This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft File: aBHhJcs1cHby-jE4yT6aJoGxeJM.mft (raw, json) Hash identifier: 2wJNtWBPubvH46Z9M85zhEf+Rm2IuSn2818LPNjTftY= Subject key identifier: 99:B2:09:A5:8F:A8:55:24:BF:0F:E3:09:63:E1:4B:BB:90:2B:58:A3 Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93 Certificate issuer: /CN=6811e125cb357076f2fa3138c93e9a2681b17893 Certificate serial: 019B3E6C6A47806CC6BDBB3DD70ABD2B33FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 01:00:51 +0000 Manifest this update: Sun 21 Dec 2025 01:00:51 +0000 Manifest next update: Mon 22 Dec 2025 01:00:51 +0000 Files and hashes: 1: aBHhJcs1cHby-jE4yT6aJoGxeJM.crl (hash: 3s1tksdnArqJpPWQcGRIBkZarhOTzCr8Is52xTfj774=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6c:6a:47:80:6c:c6:bd:bb:3d:d7:0a:bd:2b:33:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893 Validity Not Before: Dec 21 01:00:51 2025 GMT Not After : Dec 22 01:00:51 2025 GMT Subject: CN=99b209a58fa85524bf0fe30963e14bbb902b58a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:d0:9f:f8:38:4d:fd:e6:a6:06:b5:84:2a:e8: c3:3b:da:6d:11:73:95:47:f9:d6:c4:33:48:99:aa: 41:ee:55:3e:f5:b3:21:0d:2a:f0:cf:5b:cb:7a:72: 69:5a:cc:ff:39:48:2b:21:e8:66:8d:58:af:b5:fe: 4d:17:60:01:7b:5b:54:81:21:a6:d1:15:74:13:be: 3a:26:f6:a5:39:ed:c9:02:d7:62:59:e4:a7:76:7f: 57:92:e2:c9:a2:50:9b:62:5d:eb:0b:fe:dd:63:54: 21:f8:5e:63:83:af:b5:74:6b:96:17:7b:97:78:7c: 91:52:d2:c0:a4:7b:1e:d9:ad:86:f0:01:15:ca:1b: 86:f4:c7:2a:19:53:10:55:1c:6f:66:6a:b4:91:6c: fb:fe:2f:95:7a:07:24:27:46:4d:56:90:8f:75:72: 9a:38:41:3b:bc:5f:0a:87:56:6e:a4:ab:83:e5:e4: fc:8f:a4:46:18:2e:e4:02:c5:24:4d:b2:a3:8f:d4: 61:94:eb:a4:4d:65:14:26:ec:eb:1e:aa:58:e4:71: 5a:75:80:bc:3a:df:ee:e5:ad:6e:74:13:d4:84:1a: f4:4b:25:b4:2d:29:c6:b9:f1:5d:be:bb:2c:9b:a6: 2f:86:8b:8d:c8:f2:02:cf:a2:c7:36:5b:43:af:ac: fe:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:B2:09:A5:8F:A8:55:24:BF:0F:E3:09:63:E1:4B:BB:90:2B:58:A3 X509v3 Authority Key Identifier: keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:95:da:f4:ca:a5:d5:82:98:b8:60:8d:21:ee:2a:05:5e:a2: b4:a3:60:57:93:f1:b4:7c:ec:c0:c0:ca:9a:fd:49:b8:ea:6c: eb:80:e4:e2:97:4c:e0:ee:43:09:34:23:4a:07:b7:11:e3:a4: db:ba:f5:2e:aa:e0:66:7a:3b:37:a0:1e:1e:f6:67:bb:45:b8: 3b:e3:16:ec:8e:1a:3f:99:8f:7b:c1:3c:f9:ec:7b:ee:2f:36: 66:50:5f:91:00:ca:ea:b3:bd:9e:83:7b:22:fc:b7:e9:20:8b: 8a:92:32:ad:5f:39:e5:24:84:c0:6a:a9:71:93:29:5d:72:a7: 5f:41:c2:5d:c2:54:ef:cd:0d:1b:3f:9c:9e:88:65:db:78:74: 17:d7:e1:22:ba:aa:d5:8d:05:c8:d5:6a:c8:4b:da:df:d3:04: 96:57:7d:64:9e:22:7f:6e:ee:35:77:95:a0:2d:ba:55:85:50: 17:37:91:7a:7b:97:b4:bc:42:cd:3a:a0:02:d8:40:e9:c5:74: 0f:ae:d3:7b:52:80:5d:d9:ce:9e:b3:3a:23:bd:67:4f:50:81: 82:84:2d:70:9e:1f:85:56:fb:1d:74:6e:68:a2:50:4a:4f:d3: d2:5a:c6:26:12:9f:51:b3:82:3d:77:18:40:63:fa:b3:6f:0f: a0:f5:8c:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bGpHgGzGvbs91wq9KzP8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi MTc4OTMwHhcNMjUxMjIxMDEwMDUxWhcNMjUxMjIyMDEwMDUxWjAzMTEwLwYDVQQD Eyg5OWIyMDlhNThmYTg1NTI0YmYwZmUzMDk2M2UxNGJiYjkwMmI1OGEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotCf+DhN/eamBrWEKujDO9ptEXOV R/nWxDNImapB7lU+9bMhDSrwz1vLenJpWsz/OUgrIehmjVivtf5NF2ABe1tUgSGm 0RV0E746JvalOe3JAtdiWeSndn9XkuLJolCbYl3rC/7dY1Qh+F5jg6+1dGuWF3uX eHyRUtLApHse2a2G8AEVyhuG9McqGVMQVRxvZmq0kWz7/i+VegckJ0ZNVpCPdXKa OEE7vF8Kh1ZupKuD5eT8j6RGGC7kAsUkTbKjj9RhlOukTWUUJuzrHqpY5HFadYC8 Ot/u5a1udBPUhBr0SyW0LSnGufFdvrssm6YvhouNyPICz6LHNltDr6z++QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJmyCaWPqFUkvw/jCWPhS7uQK1ijMB8GA1UdIwQY MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et Y2Q0Mzk0OTJiN2FlLzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5Xa9Mql 1YKYuGCNIe4qBV6itKNgV5PxtHzswMDKmv1JuOps64Dk4pdM4O5DCTQjSge3EeOk 27r1LqrgZno7N6AeHvZnu0W4O+MW7I4aP5mPe8E8+ex77i82ZlBfkQDK6rO9noN7 Ivy36SCLipIyrV855SSEwGqpcZMpXXKnX0HCXcJU780NGz+cnohl23h0F9fhIrqq 1Y0FyNVqyEva39MElld9ZJ4if27uNXeVoC26VYVQFzeRenuXtLxCzTqgAthA6cV0 D67Te1KAXdnOnrM6I71nT1CBgoQtcJ4fhVb7HXRuaKJQSk/T0lrGJhKfUbOCPXcY QGP6s28PoPWMhQ== -----END CERTIFICATE-----Generated at Sun Dec 21 06:16:51 2025 by rpki-client