This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft File: CEaS7DDzfffcteR600auvetx_DA.mft (raw, json) Hash identifier: mP2mYTcL/AJYNI2Z/zMuLeyvcHQEOWsqakQGgALf2Xg= Subject key identifier: AB:A9:A9:2A:47:65:5F:D2:50:6C:A7:2E:C5:C2:EF:EC:89:94:C8:FA Authority key identifier: 08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30 Certificate issuer: /CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30 Certificate serial: 019B657A9F9F4628A186F83D7A0D5D9F3A31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft Manifest number: 1799 Signing time: Sun 28 Dec 2025 15:01:33 +0000 Manifest this update: Sun 28 Dec 2025 15:01:33 +0000 Manifest next update: Mon 29 Dec 2025 15:01:33 +0000 Files and hashes: 1: CEaS7DDzfffcteR600auvetx_DA.crl (hash: 7OShIDSwicXh5E/Rv4Ksgj06uAB/Z0K4yuBPI0ee6oI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 15:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:7a:9f:9f:46:28:a1:86:f8:3d:7a:0d:5d:9f:3a:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=084692ec30f37df7dcb5e47ad346aebdeb71fc30 Validity Not Before: Dec 28 15:01:33 2025 GMT Not After : Dec 29 15:01:33 2025 GMT Subject: CN=aba9a92a47655fd2506ca72ec5c2efec8994c8fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:78:4f:a1:af:f8:5e:c7:b8:7d:d6:a8:c1:ad: 37:da:d9:a8:52:1e:8b:65:45:6f:c1:41:16:77:dd: d8:2c:b5:fa:80:0d:8e:f3:d2:d1:7d:90:eb:46:09: e5:6e:cb:60:12:44:a3:46:3f:ab:88:30:7a:b0:a8: c6:5d:d9:0c:1b:60:3d:a2:3b:fc:99:35:29:04:35: b7:57:9f:f1:e9:2d:95:d4:9d:13:b3:87:3a:96:c1: 60:bd:9e:69:ff:84:08:78:0c:b7:10:86:68:2a:24: 21:91:4c:13:1a:5b:f5:52:5a:8e:4a:e7:10:ae:d4: 63:ab:3f:d4:1a:bf:46:8a:41:9e:d2:a2:20:cb:dc: 60:a1:3a:6d:75:0a:26:60:69:f2:94:2c:fb:3b:27: 4b:b5:c2:1b:04:5c:cb:dd:9c:d4:0d:f6:ef:1f:a0: e8:7f:d0:c1:00:e7:d0:6d:5d:b5:70:31:9d:f1:47: 2f:84:d5:23:fd:5c:ec:3f:8b:27:51:c3:9c:02:95: ce:25:6e:b0:19:34:cc:16:6d:76:0e:6b:9b:14:2d: b0:db:47:96:f0:74:9f:87:8f:a8:83:c2:62:08:1a: 72:5e:2d:bf:bf:5f:77:03:96:97:bd:d8:c8:2d:53: 38:ee:0b:3a:76:3e:03:0a:de:8c:24:42:ae:7c:4e: 8c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:A9:A9:2A:47:65:5F:D2:50:6C:A7:2E:C5:C2:EF:EC:89:94:C8:FA X509v3 Authority Key Identifier: keyid:08:46:92:EC:30:F3:7D:F7:DC:B5:E4:7A:D3:46:AE:BD:EB:71:FC:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEaS7DDzfffcteR600auvetx_DA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/0fd013-ab7f-453c-9122-113374c48763/1/CEaS7DDzfffcteR600auvetx_DA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:41:f3:bb:cc:33:8f:7c:e1:51:d4:f5:38:28:f9:bf:39:10: 36:82:ac:be:13:c3:dc:e6:bd:7c:f7:99:fc:55:df:80:29:fc: 88:74:c8:86:40:ab:e2:99:68:cd:f5:1f:75:62:11:45:9b:66: 41:4e:d2:96:b5:bf:6b:67:76:d5:1c:78:7f:93:66:1b:cf:74: 37:96:bc:57:8e:5f:97:e6:02:44:75:85:5e:51:2e:cb:98:db: f3:53:73:d1:44:23:75:b9:a8:46:cc:53:f4:7d:86:c4:43:52: 55:d4:cb:20:c7:0a:30:63:20:5f:3d:83:2a:65:d6:cd:a1:2b: d6:f4:66:d7:4b:b3:c0:76:c6:4e:51:16:f3:61:c4:bf:63:9c: 00:1a:60:93:5a:e3:97:8b:df:0d:cb:ad:e3:78:48:9c:2d:c9: 24:96:51:bf:3e:7f:4a:c3:1f:58:65:be:1c:36:b4:4d:5b:9a: 27:72:3e:c7:7f:71:b9:19:c0:7a:7b:64:93:43:bd:7e:00:e8: 10:3e:5f:03:be:4c:0c:ff:c2:42:21:ad:e8:3e:67:cf:75:bf: c2:72:e9:38:f3:74:ac:2e:3e:3a:91:64:77:95:0f:e6:f2:27: 05:8e:57:b4:18:37:ed:3c:07:98:c3:95:50:e3:2a:9d:e4:52: 98:52:1e:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtlep+fRiihhvg9eg1dnzoxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NDY5MmVjMzBmMzdkZjdkY2I1ZTQ3YWQzNDZhZWJkZWI3 MWZjMzAwHhcNMjUxMjI4MTUwMTMzWhcNMjUxMjI5MTUwMTMzWjAzMTEwLwYDVQQD EyhhYmE5YTkyYTQ3NjU1ZmQyNTA2Y2E3MmVjNWMyZWZlYzg5OTRjOGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3hPoa/4Xse4fdaowa032tmoUh6L ZUVvwUEWd93YLLX6gA2O89LRfZDrRgnlbstgEkSjRj+riDB6sKjGXdkMG2A9ojv8 mTUpBDW3V5/x6S2V1J0Ts4c6lsFgvZ5p/4QIeAy3EIZoKiQhkUwTGlv1UlqOSucQ rtRjqz/UGr9GikGe0qIgy9xgoTptdQomYGnylCz7OydLtcIbBFzL3ZzUDfbvH6Do f9DBAOfQbV21cDGd8UcvhNUj/VzsP4snUcOcApXOJW6wGTTMFm12DmubFC2w20eW 8HSfh4+og8JiCBpyXi2/v193A5aXvdjILVM47gs6dj4DCt6MJEKufE6MsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKupqSpHZV/SUGynLsXC7+yJlMj6MB8GA1UdIwQY MBaAFAhGkuww83333LXketNGrr3rcfwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjIt MTEzMzc0YzQ4NzYzLzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS8wZmQwMTMtYWI3Zi00NTNjLTkxMjItMTEzMzc0YzQ4NzYz LzEvQ0VhUzdERHpmZmZjdGVSNjAwYXV2ZXR4X0RBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM0Hzu8wz j3zhUdT1OCj5vzkQNoKsvhPD3Oa9fPeZ/FXfgCn8iHTIhkCr4plozfUfdWIRRZtm QU7SlrW/a2d21Rx4f5NmG890N5a8V45fl+YCRHWFXlEuy5jb81Nz0UQjdbmoRsxT 9H2GxENSVdTLIMcKMGMgXz2DKmXWzaEr1vRm10uzwHbGTlEW82HEv2OcABpgk1rj l4vfDcut43hInC3JJJZRvz5/SsMfWGW+HDa0TVuaJ3I+x39xuRnAentkk0O9fgDo ED5fA75MDP/CQiGt6D5nz3W/wnLpOPN0rC4+OpFkd5UP5vInBY5XtBg37TwHmMOV UOMqneRSmFIeGw== -----END CERTIFICATE-----Generated at Mon Dec 29 00:49:21 2025 by rpki-client