This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft File: cxkAeiit4HgdMS2NSUcts2dnBBY.mft (raw, json) Hash identifier: pJUp+ybBPZueBfzviVLKGg+Hnbm1M5kgzBKf02Kzbs0= Subject key identifier: 8F:A8:E4:77:EC:58:F3:A5:24:C6:D6:F7:DC:2E:54:A3:8B:5C:EB:88 Authority key identifier: 73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16 Certificate issuer: /CN=7319007a28ade0781d312d8d49472db367670416 Certificate serial: 019AF1D24E9C844FF6A45508CB2BE463A0A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft Manifest number: 09DD Signing time: Sat 06 Dec 2025 04:01:22 +0000 Manifest this update: Sat 06 Dec 2025 04:01:22 +0000 Manifest next update: Sun 07 Dec 2025 04:01:22 +0000 Files and hashes: 1: cxkAeiit4HgdMS2NSUcts2dnBBY.crl (hash: 8khx8bRHgoMUM3ArsjFH8eJGVK9sRkbojaVoNkZm3Rk=) 2: rOIGMeXF9bxOY5fu4vCOE7NrCP0.roa (hash: 1nU5+mzZGJaibKrLnnLB5qj48GydY1KP7W2pluR6Ujw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:4e:9c:84:4f:f6:a4:55:08:cb:2b:e4:63:a0:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7319007a28ade0781d312d8d49472db367670416 Validity Not Before: Dec 6 04:01:22 2025 GMT Not After : Dec 7 04:01:22 2025 GMT Subject: CN=8fa8e477ec58f3a524c6d6f7dc2e54a38b5ceb88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:20:8f:64:f8:af:85:a8:c1:1a:c1:62:ad:57: 08:59:65:66:dd:49:4f:f9:e4:b2:2f:e7:45:63:00: 05:95:3c:65:23:45:24:f1:60:7a:5a:d1:b7:87:1c: 71:e3:14:53:6a:dd:ed:31:53:ad:e2:c2:7a:76:98: 32:2a:24:a5:a0:70:6b:a0:a3:de:58:7e:ca:93:ac: 38:f4:58:32:d8:11:7c:39:45:1e:34:f6:f4:ad:7a: 71:54:fc:9b:95:8d:b2:a4:0f:69:ca:65:0e:cc:f5: 5d:89:dc:2a:ba:29:df:77:7f:91:ce:f1:c5:8b:62: e0:90:74:7b:53:1c:e7:c2:e5:13:f8:ce:0e:f5:4c: 20:c1:a6:4c:5e:84:8e:c6:bf:da:b7:2a:33:06:19: 64:60:88:47:95:ef:1e:8c:53:46:2d:6a:3b:8b:8c: d1:c5:45:fd:77:ad:ba:44:3f:85:13:bc:51:35:76: e3:ae:d4:e3:f8:59:0c:57:57:af:7d:c6:71:39:b2: 80:60:e8:89:e3:a2:93:78:44:2b:ad:32:84:01:c1: 05:53:7d:a5:d7:5b:a7:f9:df:69:bb:82:89:30:e8: c5:45:df:82:68:08:38:ff:ed:53:db:4a:30:0c:d8: e6:86:9b:a3:dc:b8:5f:5d:24:6b:f9:87:0c:b4:a0: f2:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:A8:E4:77:EC:58:F3:A5:24:C6:D6:F7:DC:2E:54:A3:8B:5C:EB:88 X509v3 Authority Key Identifier: keyid:73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:a1:db:3b:00:cd:26:2a:85:5f:fd:f0:81:59:45:90:7d:34: 20:12:80:dd:f9:cc:b9:ae:20:87:ef:69:dc:e2:03:99:82:a8: 0b:5d:21:ff:be:c6:69:93:03:33:a7:f0:51:b0:01:b1:65:d8: c0:ff:c8:79:6c:ff:f7:9f:f2:23:f9:ac:be:53:d4:84:58:ae: f1:cd:ed:a2:c9:3c:67:c9:d3:94:86:bc:b0:01:56:96:75:59: 04:bb:bb:66:e0:fa:8e:87:cb:6b:6b:38:1f:98:72:39:6e:c3: 49:67:ae:05:c2:a8:07:3e:35:c2:1c:fd:18:af:30:24:48:d3: 2c:2e:20:7c:6c:e0:f0:95:e1:5a:35:4c:b7:a6:ea:bf:4f:9d: 2a:1b:e6:32:9b:92:d8:73:c9:b3:14:54:e9:ec:08:eb:c0:0c: 76:6c:20:a1:40:5f:5a:a3:2a:33:ba:bc:f6:0f:ae:74:5c:3f: 1b:71:20:a9:a9:1c:4e:bb:45:05:c4:11:52:1e:91:8f:3f:e0: 58:f0:b9:81:3d:c7:78:b3:0a:93:d7:a0:4e:41:9a:cf:d9:fd: 0c:aa:d7:56:56:b1:2e:e5:c0:65:59:66:e4:aa:da:c1:2a:21: bd:94:77:36:58:c0:78:6b:67:4c:6b:3c:f9:73:a3:52:ff:28: a4:31:b3:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0k6chE/2pFUIyyvkY6CnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczMTkwMDdhMjhhZGUwNzgxZDMxMmQ4ZDQ5NDcyZGIzNjc2 NzA0MTYwHhcNMjUxMjA2MDQwMTIyWhcNMjUxMjA3MDQwMTIyWjAzMTEwLwYDVQQD Eyg4ZmE4ZTQ3N2VjNThmM2E1MjRjNmQ2ZjdkYzJlNTRhMzhiNWNlYjg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yCPZPivhajBGsFirVcIWWVm3UlP +eSyL+dFYwAFlTxlI0Uk8WB6WtG3hxxx4xRTat3tMVOt4sJ6dpgyKiSloHBroKPe WH7Kk6w49Fgy2BF8OUUeNPb0rXpxVPyblY2ypA9pymUOzPVdidwquinfd3+RzvHF i2LgkHR7UxznwuUT+M4O9UwgwaZMXoSOxr/atyozBhlkYIhHle8ejFNGLWo7i4zR xUX9d626RD+FE7xRNXbjrtTj+FkMV1evfcZxObKAYOiJ46KTeEQrrTKEAcEFU32l 11un+d9pu4KJMOjFRd+CaAg4/+1T20owDNjmhpuj3LhfXSRr+YcMtKDyUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI+o5HfsWPOlJMbW99wuVKOLXOuIMB8GA1UdIwQY MBaAFHMZAHooreB4HTEtjUlHLbNnZwQWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgt OWY5NDk0OTY2YzU0LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgtOWY5NDk0OTY2YzU0 LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqHbOwDN JiqFX/3wgVlFkH00IBKA3fnMua4gh+9p3OIDmYKoC10h/77GaZMDM6fwUbABsWXY wP/IeWz/95/yI/msvlPUhFiu8c3tosk8Z8nTlIa8sAFWlnVZBLu7ZuD6jofLa2s4 H5hyOW7DSWeuBcKoBz41whz9GK8wJEjTLC4gfGzg8JXhWjVMt6bqv0+dKhvmMpuS 2HPJsxRU6ewI68AMdmwgoUBfWqMqM7q89g+udFw/G3EgqakcTrtFBcQRUh6Rjz/g WPC5gT3HeLMKk9egTkGaz9n9DKrXVlaxLuXAZVlm5KrawSohvZR3NljAeGtnTGs8 +XOjUv8opDGzwg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:00:24 2025 by rpki-client