This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft File: 249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json) Hash identifier: xbu7v9bSRb67XIDY5te8fT7vjYlmflTaylH+6FqAlH0= Subject key identifier: 18:65:04:0E:A6:18:30:DB:36:7C:BA:7E:C2:00:12:D5:35:E8:CC:A5 Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6 Certificate issuer: /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6 Certificate serial: 019AF2767C636C5AABF3E83808021245EAB4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft Manifest number: 0856 Signing time: Sat 06 Dec 2025 07:00:42 +0000 Manifest this update: Sat 06 Dec 2025 07:00:42 +0000 Manifest next update: Sun 07 Dec 2025 07:00:42 +0000 Files and hashes: 1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: YQPstcNRUKqxbAwEHoQiCvi/wQ/A1vSLJvf4RMqScKA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:7c:63:6c:5a:ab:f3:e8:38:08:02:12:45:ea:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6 Validity Not Before: Dec 6 07:00:42 2025 GMT Not After : Dec 7 07:00:42 2025 GMT Subject: CN=1865040ea61830db367cba7ec20012d535e8cca5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:45:e3:d9:43:81:94:c9:b9:f7:bd:87:68:c0: ab:69:80:13:09:a6:da:c2:8f:9e:7d:0e:8c:d5:b3: 63:78:06:e3:1f:dc:63:ed:d3:04:b1:60:b7:06:d7: d1:bc:8b:45:30:5e:fd:07:86:7d:87:35:73:e7:0f: 47:94:25:ba:fa:f6:42:56:69:68:85:63:86:d2:e5: 3f:a3:77:85:20:b0:62:a2:9e:ea:7d:a7:ba:85:42: cf:8c:b0:91:77:33:53:6b:c7:2d:d1:2c:b8:52:dd: f4:47:f0:68:9f:a5:bb:31:1a:4f:38:49:25:3a:54: cb:c6:d4:59:f6:f9:30:e0:34:d9:ce:e6:5b:9c:d0: 4c:10:1c:4d:b8:10:1b:8c:56:c7:22:bc:4f:a9:68: 6c:56:79:e3:7e:54:42:77:46:9b:66:69:86:81:08: 13:7d:ea:2c:2a:62:41:9d:10:18:6f:80:e2:74:ea: 6f:76:dc:bb:4d:5a:5c:48:df:e0:7e:93:8c:e2:77: 49:d0:8d:4c:bf:29:35:94:bb:63:d9:fc:20:07:49: 90:eb:02:31:6d:ac:77:6c:34:c3:a9:d0:30:91:20: 8f:1c:28:16:cc:47:7d:c8:26:15:0e:22:33:ff:18: 22:e0:7f:76:53:7d:06:ab:2c:a3:1a:fc:c9:32:1c: 4e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:65:04:0E:A6:18:30:DB:36:7C:BA:7E:C2:00:12:D5:35:E8:CC:A5 X509v3 Authority Key Identifier: keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:49:53:4c:37:cb:f4:ca:c2:0b:d0:4e:95:90:73:95:cc:0c: 51:92:23:1d:dc:0a:bd:16:6a:4f:05:b3:18:bd:4d:4d:9f:40: 1c:03:94:bb:e9:6d:be:b7:82:5d:b7:9e:f7:ba:ea:bc:d2:27: 40:57:d2:4c:dc:91:9c:e7:a4:e2:ca:fc:95:a6:a2:16:4c:3b: 49:39:98:b2:c2:b9:c1:62:99:c3:da:fd:8c:0b:f1:a6:75:b9: c7:69:49:5a:c2:a1:58:23:64:80:a2:8c:b6:8d:8f:96:13:92: b4:fe:6e:5d:66:e3:39:3a:a7:5a:68:17:2c:e6:9d:e8:c6:35: bc:d1:ef:ed:a0:7c:5d:17:96:64:6f:01:3f:5b:05:41:59:05: 62:f3:1b:7b:6b:20:86:ad:80:45:29:e2:7e:21:4a:f4:5d:1a: a3:e7:df:8a:94:a0:26:8c:eb:2b:73:31:42:c6:e7:96:2f:32: 11:a1:65:81:01:77:2c:8e:d1:59:a2:d1:40:45:17:82:07:0c: 14:2a:a4:a8:22:d9:23:61:1a:fc:29:d1:a3:ce:2f:28:ab:32: d5:7c:13:ba:93:d1:b6:ec:77:86:36:57:f5:9f:e2:31:be:58: 6c:c3:9f:9b:db:37:24:21:19:e5:c5:37:59:f8:9e:7a:a0:7d: fa:be:b8:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydnxjbFqr8+g4CAISReq0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy ZjY3ZjYwHhcNMjUxMjA2MDcwMDQyWhcNMjUxMjA3MDcwMDQyWjAzMTEwLwYDVQQD EygxODY1MDQwZWE2MTgzMGRiMzY3Y2JhN2VjMjAwMTJkNTM1ZThjY2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUXj2UOBlMm5972HaMCraYATCaba wo+efQ6M1bNjeAbjH9xj7dMEsWC3BtfRvItFMF79B4Z9hzVz5w9HlCW6+vZCVmlo hWOG0uU/o3eFILBiop7qfae6hULPjLCRdzNTa8ct0Sy4Ut30R/Bon6W7MRpPOEkl OlTLxtRZ9vkw4DTZzuZbnNBMEBxNuBAbjFbHIrxPqWhsVnnjflRCd0abZmmGgQgT feosKmJBnRAYb4DidOpvdty7TVpcSN/gfpOM4ndJ0I1Mvyk1lLtj2fwgB0mQ6wIx bax3bDTDqdAwkSCPHCgWzEd9yCYVDiIz/xgi4H92U30GqyyjGvzJMhxOEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBhlBA6mGDDbNny6fsIAEtU16MylMB8GA1UdIwQY MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArklTTDfL 9MrCC9BOlZBzlcwMUZIjHdwKvRZqTwWzGL1NTZ9AHAOUu+ltvreCXbee97rqvNIn QFfSTNyRnOek4sr8laaiFkw7STmYssK5wWKZw9r9jAvxpnW5x2lJWsKhWCNkgKKM to2PlhOStP5uXWbjOTqnWmgXLOad6MY1vNHv7aB8XReWZG8BP1sFQVkFYvMbe2sg hq2ARSnifiFK9F0ao+ffipSgJozrK3MxQsbnli8yEaFlgQF3LI7RWaLRQEUXggcM FCqkqCLZI2Ea/CnRo84vKKsy1XwTupPRtux3hjZX9Z/iMb5YbMOfm9s3JCEZ5cU3 WfieeqB9+r64pA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:38:48 2025 by rpki-client