This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft File: ccWe2rmO-wzTdnYPQGnkxouL2iA.mft (raw, json) Hash identifier: 3UB54XU+ReBr+2mIkrXUXB1+1Oq76Xj31KDouABIWPQ= Subject key identifier: 1D:70:1E:0A:C3:DE:82:04:C1:A0:2D:92:60:23:7D:B1:A5:01:53:FC Authority key identifier: 71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20 Certificate issuer: /CN=71c59edab98efb0cd376760f4069e4c68b8bda20 Certificate serial: 019AF31B2D62204FA598A3C3005C228A8BE1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft Manifest number: 08B2 Signing time: Sat 06 Dec 2025 10:00:35 +0000 Manifest this update: Sat 06 Dec 2025 10:00:35 +0000 Manifest next update: Sun 07 Dec 2025 10:00:35 +0000 Files and hashes: 1: ccWe2rmO-wzTdnYPQGnkxouL2iA.crl (hash: K14XikxyQM/vLq6DsG9RCkt+E0qkWi0xiv3mzaumpag=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:2d:62:20:4f:a5:98:a3:c3:00:5c:22:8a:8b:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71c59edab98efb0cd376760f4069e4c68b8bda20 Validity Not Before: Dec 6 10:00:35 2025 GMT Not After : Dec 7 10:00:35 2025 GMT Subject: CN=1d701e0ac3de8204c1a02d9260237db1a50153fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:da:cd:06:77:46:3f:61:ca:b3:c0:e7:cc:7b: f9:6e:ef:1f:86:e9:8a:d7:c2:cd:bc:43:aa:97:ab: ba:2c:b7:9f:24:3a:a4:98:38:1c:22:bb:1f:40:36: fa:6c:05:82:0f:37:35:fe:7e:6e:48:55:3f:be:45: ac:24:74:f3:2a:c9:d2:2a:cb:65:ea:18:f9:11:db: 6f:a9:cf:bb:c0:73:ba:9b:c9:97:15:54:3f:43:10: 73:b8:07:47:d4:fe:6e:c5:36:9d:6f:87:54:ba:ae: 96:ac:ca:02:69:85:c4:02:1b:dc:51:47:c9:fa:96: c9:86:0b:24:31:78:61:f6:9f:46:05:44:e8:87:c2: 62:7e:62:df:e7:5e:33:ae:2b:fe:04:e8:ce:59:31: 72:c0:5b:8d:44:50:2d:28:16:3e:19:08:0f:e4:3b: 32:be:5a:7a:76:ff:b5:15:48:9b:b8:26:8a:14:62: f0:41:ec:58:53:5c:bb:04:b1:8d:dc:99:9a:c9:b6: 1b:4d:92:96:58:9d:6e:e3:5b:67:42:eb:67:06:72: 43:47:96:34:a0:3b:f8:3a:b2:ff:18:10:6e:30:0b: e0:12:3a:96:29:50:2a:67:12:6a:a7:f9:98:cb:54: 17:bc:38:c4:d1:4c:93:9e:62:e8:83:d2:d9:0b:02: fd:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:70:1E:0A:C3:DE:82:04:C1:A0:2D:92:60:23:7D:B1:A5:01:53:FC X509v3 Authority Key Identifier: keyid:71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:df:b4:0d:a4:15:d2:6c:26:7e:ea:0d:99:29:72:13:7f:12: df:7c:95:49:37:e3:e1:49:0d:30:13:23:ca:18:e2:6d:34:5d: 04:8b:ab:11:d1:b9:b3:06:e0:42:79:06:73:2d:bf:94:05:29: 48:2e:12:ba:0d:41:dc:fc:48:4b:a4:0a:06:35:f8:cd:dc:8a: 21:ca:2e:f8:fa:40:24:78:5f:c5:22:2a:3f:da:ff:41:94:ed: e5:dc:77:ff:cd:31:da:88:2a:60:59:b8:98:35:d5:cf:d2:f6: 93:6d:92:de:f4:63:35:87:21:2f:e6:fb:79:67:ed:b6:f8:2b: 77:b3:cf:c2:d1:7b:65:f1:00:81:cd:ed:b8:2d:4e:78:3b:aa: 2a:16:5b:a0:5c:2a:64:62:e2:d3:44:ac:12:e6:4d:8a:e6:ed: 00:5e:ac:48:2b:10:a8:c5:a2:ec:81:94:f3:18:eb:59:a1:4e: 1b:3a:82:c3:a6:d1:75:c8:6c:b8:61:5b:28:a8:c5:82:7d:3e: 2b:74:61:36:17:2d:16:1c:2e:08:44:cb:48:e4:55:03:0b:2d: bb:dc:15:5e:7b:0f:b6:35:cf:1b:47:5a:03:d2:4e:8e:31:02: c4:b9:ba:07:b5:18:32:41:9d:d8:a8:ad:18:da:1a:9c:ee:fb: 73:5e:37:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGy1iIE+lmKPDAFwiiovhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYzU5ZWRhYjk4ZWZiMGNkMzc2NzYwZjQwNjllNGM2OGI4 YmRhMjAwHhcNMjUxMjA2MTAwMDM1WhcNMjUxMjA3MTAwMDM1WjAzMTEwLwYDVQQD EygxZDcwMWUwYWMzZGU4MjA0YzFhMDJkOTI2MDIzN2RiMWE1MDE1M2ZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttrNBndGP2HKs8DnzHv5bu8fhumK 18LNvEOql6u6LLefJDqkmDgcIrsfQDb6bAWCDzc1/n5uSFU/vkWsJHTzKsnSKstl 6hj5Edtvqc+7wHO6m8mXFVQ/QxBzuAdH1P5uxTadb4dUuq6WrMoCaYXEAhvcUUfJ +pbJhgskMXhh9p9GBUToh8JifmLf514zriv+BOjOWTFywFuNRFAtKBY+GQgP5Dsy vlp6dv+1FUibuCaKFGLwQexYU1y7BLGN3JmaybYbTZKWWJ1u41tnQutnBnJDR5Y0 oDv4OrL/GBBuMAvgEjqWKVAqZxJqp/mYy1QXvDjE0UyTnmLog9LZCwL9XwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB1wHgrD3oIEwaAtkmAjfbGlAVP8MB8GA1UdIwQY MBaAFHHFntq5jvsM03Z2D0Bp5MaLi9ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTct NzdlY2JiYjRmN2Q4LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTctNzdlY2JiYjRmN2Q4 LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnt+0DaQV 0mwmfuoNmSlyE38S33yVSTfj4UkNMBMjyhjibTRdBIurEdG5swbgQnkGcy2/lAUp SC4Sug1B3PxIS6QKBjX4zdyKIcou+PpAJHhfxSIqP9r/QZTt5dx3/80x2ogqYFm4 mDXVz9L2k22S3vRjNYchL+b7eWfttvgrd7PPwtF7ZfEAgc3tuC1OeDuqKhZboFwq ZGLi00SsEuZNiubtAF6sSCsQqMWi7IGU8xjrWaFOGzqCw6bRdchsuGFbKKjFgn0+ K3RhNhctFhwuCETLSORVAwstu9wVXnsPtjXPG0daA9JOjjECxLm6B7UYMkGd2Kit GNoanO77c143UA== -----END CERTIFICATE-----Generated at Sat Dec 6 17:22:21 2025 by rpki-client