This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft File: EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft (raw, json) Hash identifier: Kn+/R0RKvXFfMjwxiVl5DQgnulqoIpajk9Cen82Vo1U= Subject key identifier: DD:06:D0:82:9A:9D:21:99:CF:8F:D0:48:3D:CA:72:CD:AD:71:AA:FE Authority key identifier: 12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD Certificate issuer: /CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd Certificate serial: 019B446E5E93EC6BD11E1DAFA584BEEC9B81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft Manifest number: 0987 Signing time: Mon 22 Dec 2025 05:00:42 +0000 Manifest this update: Mon 22 Dec 2025 05:00:42 +0000 Manifest next update: Tue 23 Dec 2025 05:00:42 +0000 Files and hashes: 1: EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl (hash: 1MUsrQOdlDu/T60JHDQZX+8XhgBotbORpR+rhLbsU8s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:6e:5e:93:ec:6b:d1:1e:1d:af:a5:84:be:ec:9b:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd Validity Not Before: Dec 22 05:00:42 2025 GMT Not After : Dec 23 05:00:42 2025 GMT Subject: CN=dd06d0829a9d2199cf8fd0483dca72cdad71aafe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:17:c6:e5:22:c4:5c:58:ff:64:30:af:71:63: 42:e0:81:66:7b:b6:3f:68:58:78:04:08:2e:08:e0: a8:6e:2b:61:64:35:a2:38:36:cf:9c:05:35:f5:bc: c5:16:ef:79:a1:ea:bc:db:cd:00:22:b2:dd:ae:db: 4a:89:7e:43:56:bd:fc:9f:7f:63:8c:ae:e0:2a:b1: b9:00:eb:04:9f:88:1c:30:17:b7:e4:7f:ec:52:6f: 96:e2:bd:c3:83:ac:51:9b:02:ae:6f:77:22:76:5b: 04:57:c4:a6:3e:67:42:1f:81:4d:78:fc:25:ec:ee: 3e:25:2a:34:02:07:ad:13:70:6c:54:04:f1:14:76: 99:48:c0:2e:cb:ff:9a:bd:e9:40:1d:94:1c:ad:8f: f2:4d:ba:00:f7:fc:b3:65:93:d0:0a:d3:32:d1:98: fc:27:4f:57:56:06:d4:76:e2:12:fc:3c:55:fb:f0: e5:be:d0:3b:72:c6:05:43:f4:c2:d4:77:68:f7:2f: 8d:8a:e4:5f:5e:df:21:d5:4d:54:0e:18:05:c3:4e: 86:50:54:b4:5c:03:2d:1e:70:b4:2c:fe:51:03:f8: 9a:2f:f8:79:2a:67:ea:a1:9c:20:a4:e1:a3:ec:cf: 67:1a:88:3c:78:97:ac:08:b0:ac:ff:b1:3f:3f:2b: 7a:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:06:D0:82:9A:9D:21:99:CF:8F:D0:48:3D:CA:72:CD:AD:71:AA:FE X509v3 Authority Key Identifier: keyid:12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:31:bb:f5:d8:d0:fc:5b:2a:29:4b:11:d1:d9:8e:46:35:63: ed:dd:be:d1:b2:3f:bd:2a:16:5b:b6:20:34:c9:d9:d2:e2:da: e3:83:e2:86:99:4a:18:66:71:28:b2:4b:fd:24:66:d7:f1:42: b1:d3:6c:c3:a6:90:88:43:73:3a:d6:cf:68:5c:25:63:3c:4f: 2a:4d:d6:8e:16:b2:38:2a:06:fe:27:a7:df:8e:05:79:19:53: 7b:d7:1c:96:71:2d:02:ec:d8:b4:fc:a8:27:6d:1c:ed:3e:e4: 45:5f:97:4e:86:f8:3a:28:00:bf:15:53:a0:6c:9b:3c:67:67: 04:c6:13:80:45:d4:b8:18:bc:42:8e:ef:25:f9:9a:6d:e0:ad: 9f:38:67:6e:41:3f:30:86:df:df:62:32:75:b4:f2:5a:ce:e4: a7:f2:b7:b8:b6:07:8a:33:a1:0a:d1:e2:8e:e0:ab:cb:9a:9b: 5d:b7:dc:50:66:2d:6d:3b:70:8a:94:f1:1f:19:c1:23:46:63: 97:22:04:0b:97:b2:5f:7a:38:a8:f2:67:2a:48:ec:44:9b:a1: fd:d8:0c:c8:a0:1a:e7:12:67:32:da:b5:07:75:ad:30:f4:0b: a8:72:e6:62:d8:1a:3b:f0:1f:b1:7f:d5:74:5a:40:0e:36:6a: 9d:4c:1f:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEbl6T7GvRHh2vpYS+7JuBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyOTQ2MmQ0NWI4YWI5NWQ0YzM1YzQwMjY1YjMxYjUyYmYx ZThkYmQwHhcNMjUxMjIyMDUwMDQyWhcNMjUxMjIzMDUwMDQyWjAzMTEwLwYDVQQD EyhkZDA2ZDA4MjlhOWQyMTk5Y2Y4ZmQwNDgzZGNhNzJjZGFkNzFhYWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxfG5SLEXFj/ZDCvcWNC4IFme7Y/ aFh4BAguCOCobithZDWiODbPnAU19bzFFu95oeq8280AIrLdrttKiX5DVr38n39j jK7gKrG5AOsEn4gcMBe35H/sUm+W4r3Dg6xRmwKub3cidlsEV8SmPmdCH4FNePwl 7O4+JSo0AgetE3BsVATxFHaZSMAuy/+avelAHZQcrY/yTboA9/yzZZPQCtMy0Zj8 J09XVgbUduIS/DxV+/DlvtA7csYFQ/TC1Hdo9y+NiuRfXt8h1U1UDhgFw06GUFS0 XAMtHnC0LP5RA/iaL/h5KmfqoZwgpOGj7M9nGog8eJesCLCs/7E/Pyt60wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN0G0IKanSGZz4/QSD3Kcs2tcar+MB8GA1UdIwQY MBaAFBKUYtRbirldTDXEAmWzG1K/Ho29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQt M2EzODkzMzJmNzlmLzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQtM2EzODkzMzJmNzlm LzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqTG79djQ /FsqKUsR0dmORjVj7d2+0bI/vSoWW7YgNMnZ0uLa44PihplKGGZxKLJL/SRm1/FC sdNsw6aQiENzOtbPaFwlYzxPKk3WjhayOCoG/ien344FeRlTe9cclnEtAuzYtPyo J20c7T7kRV+XTob4OigAvxVToGybPGdnBMYTgEXUuBi8Qo7vJfmabeCtnzhnbkE/ MIbf32IydbTyWs7kp/K3uLYHijOhCtHijuCry5qbXbfcUGYtbTtwipTxHxnBI0Zj lyIEC5eyX3o4qPJnKkjsRJuh/dgMyKAa5xJnMtq1B3WtMPQLqHLmYtgaO/AfsX/V dFpADjZqnUwffw== -----END CERTIFICATE-----Generated at Mon Dec 22 06:24:18 2025 by rpki-client