This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft File: 21LN5wkMV9jpwx1Rh0jfkiueBM4.mft (raw, json) Hash identifier: GEEiLkg2PATM9zZuijDdXI8SNLdOsg7iHq0mq9PQTOw= Subject key identifier: A7:11:D3:28:45:2F:9A:A3:5E:22:47:EC:0F:AB:DE:57:1D:28:77:82 Authority key identifier: DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE Certificate issuer: /CN=db52cde7090c57d8e9c31d518748df922b9e04ce Certificate serial: 019AF27683719512C3040BBB0482CAB929F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft Manifest number: 15D5 Signing time: Sat 06 Dec 2025 07:00:44 +0000 Manifest this update: Sat 06 Dec 2025 07:00:44 +0000 Manifest next update: Sun 07 Dec 2025 07:00:44 +0000 Files and hashes: 1: 21LN5wkMV9jpwx1Rh0jfkiueBM4.crl (hash: SzQUNlYxjOpg68Q1sA3XEeVcpt2ruFDlwpllHdH2SFs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:83:71:95:12:c3:04:0b:bb:04:82:ca:b9:29:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db52cde7090c57d8e9c31d518748df922b9e04ce Validity Not Before: Dec 6 07:00:44 2025 GMT Not After : Dec 7 07:00:44 2025 GMT Subject: CN=a711d328452f9aa35e2247ec0fabde571d287782 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f4:f9:a5:6b:aa:9e:cb:ab:1a:0c:28:85:a6: 15:c0:fe:5c:4e:4b:97:ed:94:2c:35:57:cc:36:09: 38:61:4e:eb:63:f2:40:65:a2:f3:61:26:c5:22:7d: 08:0d:4b:70:e8:3e:ba:1f:f5:43:1f:cf:15:4e:9d: 95:8e:7f:09:b8:fb:47:c5:1c:46:c8:96:be:dd:4a: c6:53:cc:66:85:ec:5e:b9:f2:21:14:aa:f6:c9:b2: 82:07:d9:ce:9f:d1:0e:7b:0e:7f:60:6d:46:50:9f: 62:7d:a0:dc:4a:54:20:68:2c:4f:a2:bd:48:e2:5a: a6:0a:4b:76:d0:59:03:31:80:e7:03:37:2e:6b:9c: 37:90:ea:72:ed:fc:f7:7d:93:09:f2:2a:0a:a6:57: f2:82:85:50:f0:ac:e6:36:f8:a9:12:31:61:8a:ef: 54:3c:fb:0b:5a:46:54:26:61:f9:7e:2b:68:88:6f: 61:f3:95:cf:b8:bf:7c:a8:32:ce:7f:c7:25:70:63: 43:a9:92:f3:1e:dd:ab:37:2a:95:45:9b:44:f5:47: f7:c9:8c:64:89:64:75:f8:1c:b2:e1:2c:b5:e9:ea: ca:7e:bf:09:97:dd:ed:2c:15:21:1d:63:01:8e:ec: 0d:be:ac:d7:23:85:04:5c:f4:da:82:48:92:ca:c6: 91:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:11:D3:28:45:2F:9A:A3:5E:22:47:EC:0F:AB:DE:57:1D:28:77:82 X509v3 Authority Key Identifier: keyid:DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:13:7a:59:17:ab:92:6e:2e:27:08:eb:c2:6c:2e:96:5d:51: 70:0d:51:9f:bb:4d:3c:85:a1:2a:0b:4c:ff:cc:a5:8d:9a:fb: c0:01:70:96:a9:bf:03:a6:a9:be:29:51:bd:7c:4b:e6:6b:e1: d4:10:d2:ef:24:22:94:64:ff:ac:5c:fd:c4:26:dc:95:67:33: 9b:83:9c:f4:d3:9d:aa:b7:dd:ce:3b:d0:7a:b4:6c:4a:fa:ce: 0b:8a:3e:76:71:a6:e5:c5:e2:e7:3d:71:a7:ba:41:61:e5:0c: 4d:08:dd:67:09:2e:54:b5:da:0c:6e:83:77:fe:5f:b4:a1:ce: 05:7f:8f:36:36:71:43:94:5a:38:a9:12:74:28:2e:e7:dd:ce: 48:f6:d1:56:68:9f:88:4f:4f:26:88:6a:4c:fc:29:13:00:b1: 2d:ef:92:c3:cc:58:df:f5:4f:a5:38:dd:b4:d2:5e:51:54:6e: b0:3d:36:aa:b4:d9:41:10:d9:96:af:fb:21:35:ec:43:c6:d9: 2d:29:d1:fe:42:59:a9:d5:e1:35:c5:e3:2a:bb:cb:9f:dc:24: 1c:f0:dd:f9:1f:6a:59:c1:e6:e4:d5:df:bb:68:2d:26:ab:d4: 3b:cf:ed:e7:37:52:d7:b1:fa:38:6e:dd:f1:fe:51:36:9c:38: 14:f7:97:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydoNxlRLDBAu7BILKuSnwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNTJjZGU3MDkwYzU3ZDhlOWMzMWQ1MTg3NDhkZjkyMmI5 ZTA0Y2UwHhcNMjUxMjA2MDcwMDQ0WhcNMjUxMjA3MDcwMDQ0WjAzMTEwLwYDVQQD EyhhNzExZDMyODQ1MmY5YWEzNWUyMjQ3ZWMwZmFiZGU1NzFkMjg3NzgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfT5pWuqnsurGgwohaYVwP5cTkuX 7ZQsNVfMNgk4YU7rY/JAZaLzYSbFIn0IDUtw6D66H/VDH88VTp2Vjn8JuPtHxRxG yJa+3UrGU8xmhexeufIhFKr2ybKCB9nOn9EOew5/YG1GUJ9ifaDcSlQgaCxPor1I 4lqmCkt20FkDMYDnAzcua5w3kOpy7fz3fZMJ8ioKplfygoVQ8KzmNvipEjFhiu9U PPsLWkZUJmH5fitoiG9h85XPuL98qDLOf8clcGNDqZLzHt2rNyqVRZtE9Uf3yYxk iWR1+Byy4Sy16erKfr8Jl93tLBUhHWMBjuwNvqzXI4UEXPTagkiSysaRAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKcR0yhFL5qjXiJH7A+r3lcdKHeCMB8GA1UdIwQY MBaAFNtSzecJDFfY6cMdUYdI35IrngTOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2Mt ZDBjYWRmZTg0YjE5LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2MtZDBjYWRmZTg0YjE5 LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARBN6WRer km4uJwjrwmwull1RcA1Rn7tNPIWhKgtM/8yljZr7wAFwlqm/A6apvilRvXxL5mvh 1BDS7yQilGT/rFz9xCbclWczm4Oc9NOdqrfdzjvQerRsSvrOC4o+dnGm5cXi5z1x p7pBYeUMTQjdZwkuVLXaDG6Dd/5ftKHOBX+PNjZxQ5RaOKkSdCgu593OSPbRVmif iE9PJohqTPwpEwCxLe+Sw8xY3/VPpTjdtNJeUVRusD02qrTZQRDZlq/7ITXsQ8bZ LSnR/kJZqdXhNcXjKrvLn9wkHPDd+R9qWcHm5NXfu2gtJqvUO8/t5zdS17H6OG7d 8f5RNpw4FPeXEQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:30:10 2025 by rpki-client