This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json) Hash identifier: aNpay5IwXnpgnRHOCrbuZyHtWjR9Ce+QptCP/MmkBDI= Subject key identifier: 3C:C5:5F:2A:DD:78:BA:15:3C:E7:E9:0C:91:E8:E1:19:25:41:53:82 Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9 Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9 Certificate serial: 019B3C7E28DB4391733C27BF71604047D69A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft Manifest number: 0DDD Signing time: Sat 20 Dec 2025 16:00:59 +0000 Manifest this update: Sat 20 Dec 2025 16:00:59 +0000 Manifest next update: Sun 21 Dec 2025 16:00:59 +0000 Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: DT5YF7pJjFXUnDdqyPTmTTm9rNQBHch5q2L3Ett3bTI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:28:db:43:91:73:3c:27:bf:71:60:40:47:d6:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9 Validity Not Before: Dec 20 16:00:59 2025 GMT Not After : Dec 21 16:00:59 2025 GMT Subject: CN=3cc55f2add78ba153ce7e90c91e8e11925415382 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a7:75:c1:e3:7e:1b:da:fd:1b:ce:0e:56:38: b9:20:36:ec:cf:03:ea:a0:07:7b:f4:44:45:0b:b7: 0f:59:11:e6:ec:c3:e1:4c:dd:88:af:39:ed:93:59: f9:83:3c:9c:9b:8f:80:18:66:a2:86:b6:f0:38:d1: fd:26:dd:e6:5a:81:d6:8b:7e:0d:51:49:44:3e:1b: bf:13:13:84:dd:c8:ef:9e:90:08:6c:60:4e:63:ed: e2:bd:23:ee:b1:c3:29:53:90:b6:13:cf:1f:e7:d5: d7:b4:a4:2e:0e:cb:9e:67:f3:b1:ff:41:d7:d6:30: 72:f6:93:42:2d:c4:5f:d2:ea:30:58:0f:02:ed:18: 35:24:09:2c:e8:a9:ac:a8:5c:9b:a3:75:21:e5:cf: 3e:68:63:8f:6c:06:4f:f6:48:f3:ce:db:8e:00:fe: e4:d7:7f:17:f9:a7:b1:ac:37:70:38:ea:87:90:b9: a9:23:0d:45:e0:99:20:2c:9d:e5:74:bc:79:24:e6: 80:97:f6:77:5a:ee:49:24:f9:fb:d9:a8:97:0a:98: 37:b0:57:3c:6f:78:33:1a:e7:c5:bd:af:91:a9:ba: ba:5e:67:40:01:91:15:0e:d9:66:ae:20:8f:4b:f4: ed:f3:2c:53:82:36:f1:23:3e:9f:d4:69:06:26:9d: ef:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:C5:5F:2A:DD:78:BA:15:3C:E7:E9:0C:91:E8:E1:19:25:41:53:82 X509v3 Authority Key Identifier: keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:13:24:fe:a3:cc:d0:47:67:9c:fe:af:27:2a:85:8a:ff:3d: 64:55:a7:ab:7e:d3:3a:70:d4:f1:d7:30:93:66:91:ee:76:6a: a8:54:06:8b:7d:79:80:5c:5f:3c:2a:34:2c:2e:1b:4c:ca:27: f5:b6:a9:a0:a0:c6:91:b0:12:0a:51:7e:51:eb:e2:97:95:6b: 27:36:82:c6:52:98:7a:b1:fa:aa:94:5b:02:f8:5c:3f:74:f1: 83:33:69:2a:02:4a:44:da:6a:5f:5d:0f:29:7b:a8:6c:1f:46: 6c:93:ce:d4:36:54:8e:9d:c5:9e:1d:e8:da:f5:ce:be:93:9f: 5e:da:52:f3:59:7d:4d:d3:ac:47:61:25:dc:44:35:2f:41:78: 4b:6c:e6:11:53:25:ac:9b:72:a0:5c:b1:04:8b:f0:79:ef:b8: 09:06:b3:8a:26:0c:29:06:e5:61:d3:05:28:1b:5c:49:1d:af: 47:84:3d:bc:1d:13:08:99:77:47:28:75:a2:7c:41:4e:c7:94: 1a:25:97:fb:c1:ba:41:f9:ab:1d:2a:20:1e:fd:41:e8:e4:f9: 42:c5:c8:04:24:fc:1b:29:1d:ec:30:58:2c:94:46:d2:da:41: 8f:f6:e7:fc:2d:83:5c:40:66:5e:3d:90:57:7d:b3:c4:2e:32: ec:1d:69:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fijbQ5FzPCe/cWBAR9aaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw ZWVlYjkwHhcNMjUxMjIwMTYwMDU5WhcNMjUxMjIxMTYwMDU5WjAzMTEwLwYDVQQD EygzY2M1NWYyYWRkNzhiYTE1M2NlN2U5MGM5MWU4ZTExOTI1NDE1MzgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqd1weN+G9r9G84OVji5IDbszwPq oAd79ERFC7cPWRHm7MPhTN2Irzntk1n5gzycm4+AGGaihrbwONH9Jt3mWoHWi34N UUlEPhu/ExOE3cjvnpAIbGBOY+3ivSPuscMpU5C2E88f59XXtKQuDsueZ/Ox/0HX 1jBy9pNCLcRf0uowWA8C7Rg1JAks6KmsqFybo3Uh5c8+aGOPbAZP9kjzztuOAP7k 138X+aexrDdwOOqHkLmpIw1F4JkgLJ3ldLx5JOaAl/Z3Wu5JJPn72aiXCpg3sFc8 b3gzGufFva+Rqbq6XmdAAZEVDtlmriCPS/Tt8yxTgjbxIz6f1GkGJp3vuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDzFXyrdeLoVPOfpDJHo4RklQVOCMB8GA1UdIwQY MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJhMk/qPM 0EdnnP6vJyqFiv89ZFWnq37TOnDU8dcwk2aR7nZqqFQGi315gFxfPCo0LC4bTMon 9bapoKDGkbASClF+Uevil5VrJzaCxlKYerH6qpRbAvhcP3TxgzNpKgJKRNpqX10P KXuobB9GbJPO1DZUjp3Fnh3o2vXOvpOfXtpS81l9TdOsR2El3EQ1L0F4S2zmEVMl rJtyoFyxBIvwee+4CQaziiYMKQblYdMFKBtcSR2vR4Q9vB0TCJl3Ryh1onxBTseU GiWX+8G6QfmrHSogHv1B6OT5QsXIBCT8Gykd7DBYLJRG0tpBj/bn/C2DXEBmXj2Q V32zxC4y7B1paw== -----END CERTIFICATE-----Generated at Sat Dec 20 21:13:58 2025 by rpki-client