This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft File: 52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json) Hash identifier: gAHdCnXKmNRVk7Dn71n4VG+W5ScTC8939OPjC6H9k2A= Subject key identifier: 4D:50:25:F4:FC:FD:A0:94:14:EC:1B:74:86:2E:C7:1E:44:9B:64:09 Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED Certificate issuer: /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced Certificate serial: 019B6EB4A73131AD990A741B0A3928EA28D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft Manifest number: 126B Signing time: Tue 30 Dec 2025 10:01:31 +0000 Manifest this update: Tue 30 Dec 2025 10:01:31 +0000 Manifest next update: Wed 31 Dec 2025 10:01:31 +0000 Files and hashes: 1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: CN/kpXV9hSNye8UVhKw1LXQbnbc+OMRISYLTbgAbnTk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 10:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6e:b4:a7:31:31:ad:99:0a:74:1b:0a:39:28:ea:28:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced Validity Not Before: Dec 30 10:01:31 2025 GMT Not After : Dec 31 10:01:31 2025 GMT Subject: CN=4d5025f4fcfda09414ec1b74862ec71e449b6409 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:62:79:c1:f1:0d:aa:e3:a1:6f:c6:68:8a:bc: a1:10:7e:4d:aa:4e:31:8d:11:4f:83:af:fa:10:98: de:1f:cd:1e:ec:b4:00:e9:64:0b:d3:74:88:da:db: 6c:d8:16:64:b1:96:63:83:8e:41:92:76:85:15:a5: f5:93:3c:0b:9e:76:31:bc:57:cc:90:d6:c4:92:49: 26:52:6c:6b:8f:8c:06:47:ac:fb:fb:d3:32:44:b6: c9:82:9f:3d:7a:4a:20:c5:1f:79:2a:36:14:ac:1b: cd:91:cb:f0:9f:32:9b:ef:77:8b:21:ee:a8:ef:7b: 9d:bf:4d:6c:9c:00:65:7d:a3:98:4a:79:7a:29:f6: e2:85:4d:e8:fe:2c:02:41:35:d0:5d:3c:27:bb:24: 22:e6:68:78:0e:c5:c8:ff:51:cc:ab:26:db:b9:55: 47:5e:fb:70:55:b1:80:48:c5:31:e1:c3:8f:08:5c: 2f:3d:b7:7a:8a:f4:63:17:22:2d:38:de:18:44:78: 41:fa:44:82:e6:17:08:21:fe:e0:2a:c6:40:33:fd: a9:83:65:c7:df:95:23:ca:c5:7d:ce:28:97:11:ca: 3e:d0:2d:d7:94:dd:7d:ae:4a:fe:67:6f:e0:c2:3e: 5f:3e:5b:d8:81:46:a2:62:52:1c:68:a0:73:9f:99: 31:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:50:25:F4:FC:FD:A0:94:14:EC:1B:74:86:2E:C7:1E:44:9B:64:09 X509v3 Authority Key Identifier: keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:a3:67:ac:5e:0d:a4:5f:49:1f:df:cd:ed:2e:70:bd:71:fa: 88:b6:cc:75:6c:19:c1:6b:5f:62:3e:04:8f:bf:28:f4:c5:34: e5:de:86:4b:1a:d4:83:df:af:a0:e1:24:6d:5f:4d:ed:5b:04: c6:a7:f5:ec:a8:0c:90:3c:1f:cf:32:a6:e3:00:3d:38:37:37: fb:ec:9e:9d:bc:7c:23:13:9b:7a:1a:78:d9:66:ef:ec:5f:90: bf:36:43:d7:53:d7:38:2c:89:c2:74:3e:b2:b7:f7:13:1b:72: 52:b3:b0:b0:99:40:78:e1:0d:60:d7:01:e3:39:01:30:f9:f2: 38:6c:9a:9a:32:6e:28:ed:b6:9b:7a:28:9c:e7:c3:49:7c:9d: de:ee:b0:bc:e7:fe:08:0d:21:39:6d:cb:ed:ac:1e:18:06:f0: 9a:60:91:89:28:66:f3:f7:7a:99:d0:cd:c3:41:49:82:21:f5: cb:3a:5e:90:3f:d5:37:2b:39:0e:e9:26:a0:8d:2f:66:89:1f: ef:36:4f:4c:aa:02:1a:4e:84:6b:dc:37:db:f5:ef:5e:a4:e5: b4:ac:5a:3d:c2:62:ea:e1:e6:6c:0e:ca:b0:e3:1e:c0:8c:1a: 4f:a5:e2:84:4b:b3:50:02:aa:2c:fa:d4:81:ad:9b:fd:31:30: c9:56:96:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtutKcxMa2ZCnQbCjko6ijWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl MmNjZWQwHhcNMjUxMjMwMTAwMTMxWhcNMjUxMjMxMTAwMTMxWjAzMTEwLwYDVQQD Eyg0ZDUwMjVmNGZjZmRhMDk0MTRlYzFiNzQ4NjJlYzcxZTQ0OWI2NDA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGJ5wfENquOhb8ZoiryhEH5Nqk4x jRFPg6/6EJjeH80e7LQA6WQL03SI2tts2BZksZZjg45BknaFFaX1kzwLnnYxvFfM kNbEkkkmUmxrj4wGR6z7+9MyRLbJgp89ekogxR95KjYUrBvNkcvwnzKb73eLIe6o 73udv01snABlfaOYSnl6KfbihU3o/iwCQTXQXTwnuyQi5mh4DsXI/1HMqybbuVVH XvtwVbGASMUx4cOPCFwvPbd6ivRjFyItON4YRHhB+kSC5hcIIf7gKsZAM/2pg2XH 35UjysV9ziiXEco+0C3XlN19rkr+Z2/gwj5fPlvYgUaiYlIcaKBzn5kxpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1QJfT8/aCUFOwbdIYuxx5Em2QJMB8GA1UdIwQY MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqNnrF4N pF9JH9/N7S5wvXH6iLbMdWwZwWtfYj4Ej78o9MU05d6GSxrUg9+voOEkbV9N7VsE xqf17KgMkDwfzzKm4wA9ODc3++yenbx8IxObehp42Wbv7F+QvzZD11PXOCyJwnQ+ srf3ExtyUrOwsJlAeOENYNcB4zkBMPnyOGyamjJuKO22m3oonOfDSXyd3u6wvOf+ CA0hOW3L7aweGAbwmmCRiShm8/d6mdDNw0FJgiH1yzpekD/VNys5DukmoI0vZokf 7zZPTKoCGk6Ea9w32/XvXqTltKxaPcJi6uHmbA7KsOMewIwaT6XihEuzUAKqLPrU ga2b/TEwyVaWDw== -----END CERTIFICATE-----Generated at Tue Dec 30 18:42:39 2025 by rpki-client