This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft File: VkQtN4qHkyt22vks6Pye80Hrx1k.mft (raw, json) Hash identifier: iVO03wizw+nk5ZZH7xMtSZJpgajo4FhZVWr408VhqOU= Subject key identifier: FA:08:83:C5:30:D3:B0:D1:88:13:2F:2F:21:00:D7:13:68:28:9D:E9 Authority key identifier: 56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59 Certificate issuer: /CN=56442d378a87932b76daf92ce8fc9ef341ebc759 Certificate serial: 019B5FE578910B83AC240B88C94B8407D990 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft Manifest number: 0D5C Signing time: Sat 27 Dec 2025 13:00:32 +0000 Manifest this update: Sat 27 Dec 2025 13:00:32 +0000 Manifest next update: Sun 28 Dec 2025 13:00:32 +0000 Files and hashes: 1: VkQtN4qHkyt22vks6Pye80Hrx1k.crl (hash: YSMdV0wMVZR+JbvovXUx7LCemUe3OEcUnLNtEO9st5k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5f:e5:78:91:0b:83:ac:24:0b:88:c9:4b:84:07:d9:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=56442d378a87932b76daf92ce8fc9ef341ebc759 Validity Not Before: Dec 27 13:00:32 2025 GMT Not After : Dec 28 13:00:32 2025 GMT Subject: CN=fa0883c530d3b0d188132f2f2100d71368289de9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:29:bb:86:fa:bd:12:9f:47:d6:35:56:81:aa: 02:f6:cb:49:d2:f7:cd:a1:18:25:6a:35:f9:61:40: 89:c6:24:42:29:b5:ca:6c:79:49:85:d6:1c:a5:b0: b7:e1:e6:a1:0d:de:21:75:de:2e:e2:d0:c7:87:f8: b7:da:33:ff:d8:e9:57:f4:75:35:bd:f8:91:c5:98: 13:46:47:37:82:1e:cd:80:23:c9:2f:29:9c:26:8c: 4d:40:1d:81:e4:73:86:3e:b6:7e:32:a7:5f:2f:f5: 14:90:34:7a:53:da:9b:25:98:92:79:47:fb:6b:dd: e6:85:61:77:15:8d:ab:b6:f1:e7:73:72:59:50:1a: 18:c2:3a:07:eb:9e:e5:b9:8d:6f:9d:96:3e:12:47: ba:17:74:57:77:22:d0:f5:5a:f3:b2:48:34:6c:00: f8:53:74:b6:cd:ad:1c:d0:ec:89:a0:12:2a:63:d6: 60:19:bd:e8:d2:7d:63:29:85:51:98:5c:85:54:68: c0:65:b4:c8:85:2d:18:78:c1:5a:19:23:ac:44:1b: 88:ae:12:41:14:79:32:b4:04:e0:13:9b:1e:b6:83: 0f:4d:68:46:48:95:6f:35:51:7b:d1:76:2b:54:22: c2:7e:0f:ee:82:55:0c:55:06:37:40:50:91:64:64: 4e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:08:83:C5:30:D3:B0:D1:88:13:2F:2F:21:00:D7:13:68:28:9D:E9 X509v3 Authority Key Identifier: keyid:56:44:2D:37:8A:87:93:2B:76:DA:F9:2C:E8:FC:9E:F3:41:EB:C7:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VkQtN4qHkyt22vks6Pye80Hrx1k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/4f3254-5442-4c87-8b14-9813f0906c4b/1/VkQtN4qHkyt22vks6Pye80Hrx1k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:53:d1:1f:4b:22:5d:9f:f9:19:24:ce:28:99:a3:31:9f:76: 82:11:d4:46:a5:dd:37:17:80:18:9d:c5:16:00:03:c3:06:48: 39:0e:a6:5d:42:73:fe:f5:7a:a0:62:34:fc:a3:c0:de:89:45: e0:0b:62:aa:d8:d0:86:38:bb:68:fe:8f:2e:d3:07:b3:5a:42: cf:01:fd:20:f2:2f:d0:c9:bd:50:35:9d:96:1b:74:46:a4:fa: f0:53:c7:b7:5f:a5:b0:de:8c:f4:64:93:c1:9e:f5:fc:f3:c3: 79:50:0b:a0:fc:66:b6:47:44:dc:37:84:64:fd:4c:78:f7:93: e5:08:4b:dd:1c:1f:a6:39:1a:52:c5:f7:93:24:4a:da:13:1e: 57:61:c7:08:f9:7f:44:26:c9:e3:20:b0:24:a5:dc:d6:43:f7: 45:84:0c:ed:8f:d1:9f:57:42:85:ca:3a:e5:39:62:8c:21:35: b2:e2:b1:1b:cc:2d:73:35:f3:e4:90:82:e6:81:2d:04:c3:2f: 7b:59:70:ae:00:5b:30:5a:24:ba:4d:b3:1b:36:08:c0:67:a6: a7:6b:1c:60:b9:09:b7:09:8c:df:6e:61:be:ce:28:7e:ff:d6: ba:77:36:69:59:2d:9e:d5:2a:41:35:d1:6b:5d:40:2f:43:6c: c7:c2:7a:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtf5XiRC4OsJAuIyUuEB9mQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2NDQyZDM3OGE4NzkzMmI3NmRhZjkyY2U4ZmM5ZWYzNDFl YmM3NTkwHhcNMjUxMjI3MTMwMDMyWhcNMjUxMjI4MTMwMDMyWjAzMTEwLwYDVQQD EyhmYTA4ODNjNTMwZDNiMGQxODgxMzJmMmYyMTAwZDcxMzY4Mjg5ZGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtim7hvq9Ep9H1jVWgaoC9stJ0vfN oRglajX5YUCJxiRCKbXKbHlJhdYcpbC34eahDd4hdd4u4tDHh/i32jP/2OlX9HU1 vfiRxZgTRkc3gh7NgCPJLymcJoxNQB2B5HOGPrZ+MqdfL/UUkDR6U9qbJZiSeUf7 a93mhWF3FY2rtvHnc3JZUBoYwjoH657luY1vnZY+Eke6F3RXdyLQ9Vrzskg0bAD4 U3S2za0c0OyJoBIqY9ZgGb3o0n1jKYVRmFyFVGjAZbTIhS0YeMFaGSOsRBuIrhJB FHkytATgE5setoMPTWhGSJVvNVF70XYrVCLCfg/uglUMVQY3QFCRZGROYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPoIg8Uw07DRiBMvLyEA1xNoKJ3pMB8GA1UdIwQY MBaAFFZELTeKh5Mrdtr5LOj8nvNB68dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQt OTgxM2YwOTA2YzRiLzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy80ZjMyNTQtNTQ0Mi00Yzg3LThiMTQtOTgxM2YwOTA2YzRi LzEvVmtRdE40cUhreXQyMnZrczZQeWU4MEhyeDFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa1PRH0si XZ/5GSTOKJmjMZ92ghHURqXdNxeAGJ3FFgADwwZIOQ6mXUJz/vV6oGI0/KPA3olF 4AtiqtjQhji7aP6PLtMHs1pCzwH9IPIv0Mm9UDWdlht0RqT68FPHt1+lsN6M9GST wZ71/PPDeVALoPxmtkdE3DeEZP1MePeT5QhL3RwfpjkaUsX3kyRK2hMeV2HHCPl/ RCbJ4yCwJKXc1kP3RYQM7Y/Rn1dChco65TlijCE1suKxG8wtczXz5JCC5oEtBMMv e1lwrgBbMFokuk2zGzYIwGemp2scYLkJtwmM325hvs4ofv/Wunc2aVktntUqQTXR a11AL0Nsx8J6VQ== -----END CERTIFICATE-----Generated at Sat Dec 27 17:51:29 2025 by rpki-client