This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft File: EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft (raw, json) Hash identifier: gDbwqEMSaoLDh3vNMUfRVuooX0T8+dc93S3D2O/Si6o= Subject key identifier: 1F:33:61:85:56:22:73:6D:88:DF:3E:E1:12:60:6B:E1:48:E0:7E:AF Authority key identifier: 12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD Certificate issuer: /CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd Certificate serial: 019B3AC6E236D16A69928FFC5BB5B6F7D479 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft Manifest number: 0982 Signing time: Sat 20 Dec 2025 08:01:11 +0000 Manifest this update: Sat 20 Dec 2025 08:01:11 +0000 Manifest next update: Sun 21 Dec 2025 08:01:11 +0000 Files and hashes: 1: EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl (hash: 0x62Kzq5+x0+f/304Ex+gSdjGIgPrArHydDv87+qXoU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 08:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:c6:e2:36:d1:6a:69:92:8f:fc:5b:b5:b6:f7:d4:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd Validity Not Before: Dec 20 08:01:11 2025 GMT Not After : Dec 21 08:01:11 2025 GMT Subject: CN=1f3361855622736d88df3ee112606be148e07eaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:ad:2a:9c:62:e8:91:c5:30:cb:f9:b9:ca:85: 68:dd:fa:98:f5:c1:bc:c6:c0:af:bf:7c:45:61:a4: 35:a5:5b:2c:48:af:97:5a:3a:46:64:29:d0:c8:26: 02:fb:50:8f:1c:d2:92:db:79:15:0e:1b:e3:2a:4f: 0b:be:3d:0e:22:b6:28:db:db:ba:99:bc:86:53:98: d3:d9:ad:7e:04:fc:dd:16:a3:04:68:ef:9c:39:c1: b8:53:c5:5b:46:dc:d2:ee:67:62:96:b7:87:2b:b7: ab:87:52:72:8b:9f:08:02:e6:c0:1d:2e:90:0b:c9: 60:cc:87:8a:f7:89:ca:b4:cb:72:98:5c:14:b4:eb: c4:09:b8:51:bc:0e:f9:07:c3:7d:5d:55:ac:d3:52: 4f:71:1e:ae:5f:2e:00:a3:8d:b7:9a:bd:52:cf:93: 52:55:22:6d:ba:a7:a8:66:fe:bf:66:81:b0:6f:ff: e6:20:5d:a1:c7:ed:e5:7c:98:3c:6e:d8:e0:67:ec: 4a:93:73:4e:46:cc:f6:4d:83:f4:ed:bf:c7:2a:27: 18:c0:38:c7:98:e2:93:c1:95:d0:73:5c:18:e0:38: e9:57:97:08:6f:6d:e8:a6:07:fc:be:90:43:af:50: d1:65:a5:17:18:92:cd:37:f1:36:a3:03:23:5c:e8: 21:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:33:61:85:56:22:73:6D:88:DF:3E:E1:12:60:6B:E1:48:E0:7E:AF X509v3 Authority Key Identifier: keyid:12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:bc:9b:65:49:03:cf:49:18:4a:fb:c3:ea:b5:90:85:5d:2b: 3a:60:e5:f1:c0:f5:8a:b3:40:cb:d1:7a:05:a5:be:94:c4:ee: 84:7e:51:87:a1:c9:79:6f:bb:2d:93:60:6f:c2:19:70:f3:9e: 23:60:5c:fb:06:65:47:45:0e:2a:30:10:18:2b:53:fc:0f:66: 0a:d3:2f:3f:51:02:2a:04:fb:e2:9e:8c:d1:5f:35:a9:e8:8c: 13:17:fc:04:2e:07:b0:c2:1c:81:ee:5f:48:a3:c2:12:3e:5e: 3e:da:07:45:33:06:55:57:ed:71:b6:d1:ab:78:26:ee:2f:86: 31:ff:86:3f:0d:08:c8:4a:2c:65:f5:94:fb:0e:6a:13:06:9a: 7a:a5:40:24:7a:08:3d:20:ad:94:88:08:fe:52:d8:98:f6:2a: 7a:6a:05:52:4f:b5:28:c5:58:5c:25:5f:56:54:55:58:0d:3f: ad:b8:ab:ab:59:0e:48:c2:2f:80:2a:11:8b:8c:fa:b4:92:fd: ba:8d:32:75:90:1f:df:0f:4c:bf:10:00:ca:a2:02:08:9e:49: 20:ed:d2:f6:d2:27:93:c0:c7:ca:74:89:70:56:57:91:22:20: 7b:ab:de:78:25:d1:29:85:43:ab:cf:00:81:d2:98:73:78:a5: 48:04:d6:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6xuI20Wppko/8W7W299R5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyOTQ2MmQ0NWI4YWI5NWQ0YzM1YzQwMjY1YjMxYjUyYmYx ZThkYmQwHhcNMjUxMjIwMDgwMTExWhcNMjUxMjIxMDgwMTExWjAzMTEwLwYDVQQD EygxZjMzNjE4NTU2MjI3MzZkODhkZjNlZTExMjYwNmJlMTQ4ZTA3ZWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla0qnGLokcUwy/m5yoVo3fqY9cG8 xsCvv3xFYaQ1pVssSK+XWjpGZCnQyCYC+1CPHNKS23kVDhvjKk8Lvj0OIrYo29u6 mbyGU5jT2a1+BPzdFqMEaO+cOcG4U8VbRtzS7mdilreHK7erh1Jyi58IAubAHS6Q C8lgzIeK94nKtMtymFwUtOvECbhRvA75B8N9XVWs01JPcR6uXy4Ao423mr1Sz5NS VSJtuqeoZv6/ZoGwb//mIF2hx+3lfJg8btjgZ+xKk3NORsz2TYP07b/HKicYwDjH mOKTwZXQc1wY4DjpV5cIb23opgf8vpBDr1DRZaUXGJLNN/E2owMjXOghYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB8zYYVWInNtiN8+4RJga+FI4H6vMB8GA1UdIwQY MBaAFBKUYtRbirldTDXEAmWzG1K/Ho29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQt M2EzODkzMzJmNzlmLzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQtM2EzODkzMzJmNzlm LzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAALybZUkD z0kYSvvD6rWQhV0rOmDl8cD1irNAy9F6BaW+lMTuhH5Rh6HJeW+7LZNgb8IZcPOe I2Bc+wZlR0UOKjAQGCtT/A9mCtMvP1ECKgT74p6M0V81qeiMExf8BC4HsMIcge5f SKPCEj5ePtoHRTMGVVftcbbRq3gm7i+GMf+GPw0IyEosZfWU+w5qEwaaeqVAJHoI PSCtlIgI/lLYmPYqemoFUk+1KMVYXCVfVlRVWA0/rbirq1kOSMIvgCoRi4z6tJL9 uo0ydZAf3w9MvxAAyqICCJ5JIO3S9tInk8DHynSJcFZXkSIge6veeCXRKYVDq88A gdKYc3ilSATWbQ== -----END CERTIFICATE-----Generated at Sat Dec 20 12:35:43 2025 by rpki-client