This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft File: vFxHuPnkKkkot2dDFqcap21AHjw.mft (raw, json) Hash identifier: yRQvQ+H7tjMKbaBa+mHbVfDz5u31AdLnYg6bLbhd6+Y= Subject key identifier: 23:D2:D7:B2:8B:DC:D8:01:81:D4:A0:0B:5B:3A:32:78:36:BD:5B:59 Authority key identifier: BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C Certificate issuer: /CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c Certificate serial: 019AF31D4CC322991F5C7C960C0316555CF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft Manifest number: 0CF3 Signing time: Sat 06 Dec 2025 10:02:54 +0000 Manifest this update: Sat 06 Dec 2025 10:02:54 +0000 Manifest next update: Sun 07 Dec 2025 10:02:54 +0000 Files and hashes: 1: vFxHuPnkKkkot2dDFqcap21AHjw.crl (hash: Yl6BLCLc42YsUNP8pPbtQSAeVeAVj5frtzS33fXDM/I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:4c:c3:22:99:1f:5c:7c:96:0c:03:16:55:5c:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c Validity Not Before: Dec 6 10:02:54 2025 GMT Not After : Dec 7 10:02:54 2025 GMT Subject: CN=23d2d7b28bdcd80181d4a00b5b3a327836bd5b59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:aa:4b:d6:30:78:42:82:86:1b:a4:cb:e1:12: b1:4d:94:da:79:28:65:25:f6:5e:27:ee:14:1a:a3: 0a:de:5b:1a:94:30:54:2e:e2:62:66:11:6c:83:f3: f8:2e:80:58:01:3c:84:3e:69:43:28:5c:60:b8:5d: d3:c9:46:90:80:f6:f8:dc:32:e6:75:e9:24:f0:aa: b8:42:ff:3d:07:25:e6:4b:b0:48:3b:e2:53:af:da: da:51:2a:51:38:7b:c7:f5:6e:de:4a:5a:16:05:32: b0:5f:eb:00:0d:31:89:90:1b:ec:96:53:68:03:c7: 3e:b8:9b:6b:54:ac:86:d4:30:ba:bb:59:1c:8f:bb: 1f:56:45:a5:37:7b:24:8b:2b:58:67:2b:53:90:ae: 0e:4f:cc:be:a2:a0:2d:83:e4:e4:2b:2f:59:c4:b1: 3d:a4:25:ff:ea:e4:f6:b4:5b:3c:1c:d5:7e:38:b2: 62:4b:13:a1:46:f1:d0:27:db:6a:fa:73:3b:b1:47: fc:5c:b4:d1:19:1f:a1:0e:c5:65:60:49:f3:37:68: f9:f6:fa:5f:a9:45:78:28:3b:2e:7d:81:a4:2f:6a: ec:e1:24:4a:96:ea:30:73:53:66:3a:c8:79:f5:78: 1d:31:2e:13:aa:b3:3d:3e:a4:c0:c3:8d:47:a3:e8: f5:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D2:D7:B2:8B:DC:D8:01:81:D4:A0:0B:5B:3A:32:78:36:BD:5B:59 X509v3 Authority Key Identifier: keyid:BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:79:d3:b6:07:05:e7:ff:eb:43:80:f8:4e:aa:e2:fd:07:ac: 6a:93:ff:ca:b1:b3:07:e0:1d:11:59:1c:dd:cb:46:c3:75:25: 0a:86:ec:c1:d9:22:06:7b:d8:47:3b:9d:66:46:4e:c4:eb:ad: 14:38:63:9c:60:4f:b1:5d:52:94:a5:b9:f3:a9:d4:77:53:5c: e1:1e:79:2a:1e:48:3b:66:dd:b4:4b:80:f9:a2:cc:bf:8b:1e: aa:e3:ad:82:20:e5:44:a8:16:42:82:f7:5b:d5:8f:0e:3d:d1: dd:85:b1:de:7e:4f:01:dd:5d:28:b8:b2:44:2c:b9:bb:2b:52: 80:a6:16:af:a1:f4:a9:c4:03:13:0e:c5:bb:a0:49:c4:b7:01: d5:25:e3:18:02:d4:14:47:f8:f4:71:ae:17:34:62:49:6e:3b: 56:f1:48:22:30:c8:f7:e2:9a:8f:5a:f7:af:2b:ee:9f:06:6e: eb:d7:2a:07:d6:ec:16:db:25:91:7c:74:15:dc:c9:a3:b1:10: c8:9e:21:0f:b1:ce:f6:78:f2:3e:84:b9:a3:cc:50:ba:96:fb: 8e:7c:44:c2:cf:2a:7f:84:3c:cf:8e:04:10:92:0e:a8:7b:27: 3d:cd:9b:79:c9:d5:11:2f:c1:1e:a2:5d:62:96:77:ba:6b:e9: 5f:40:c4:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHUzDIpkfXHyWDAMWVVzxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjNWM0N2I4ZjllNDJhNDkyOGI3Njc0MzE2YTcxYWE3NmQ0 MDFlM2MwHhcNMjUxMjA2MTAwMjU0WhcNMjUxMjA3MTAwMjU0WjAzMTEwLwYDVQQD EygyM2QyZDdiMjhiZGNkODAxODFkNGEwMGI1YjNhMzI3ODM2YmQ1YjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqpL1jB4QoKGG6TL4RKxTZTaeShl JfZeJ+4UGqMK3lsalDBULuJiZhFsg/P4LoBYATyEPmlDKFxguF3TyUaQgPb43DLm dekk8Kq4Qv89ByXmS7BIO+JTr9raUSpROHvH9W7eSloWBTKwX+sADTGJkBvsllNo A8c+uJtrVKyG1DC6u1kcj7sfVkWlN3skiytYZytTkK4OT8y+oqAtg+TkKy9ZxLE9 pCX/6uT2tFs8HNV+OLJiSxOhRvHQJ9tq+nM7sUf8XLTRGR+hDsVlYEnzN2j59vpf qUV4KDsufYGkL2rs4SRKluowc1NmOsh59XgdMS4TqrM9PqTAw41Ho+j1CQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCPS17KL3NgBgdSgC1s6Mng2vVtZMB8GA1UdIwQY MBaAFLxcR7j55CpJKLdnQxanGqdtQB48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUt N2ExOGMxNzkwNzZkLzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUtN2ExOGMxNzkwNzZk LzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfHnTtgcF 5//rQ4D4Tqri/QesapP/yrGzB+AdEVkc3ctGw3UlCobswdkiBnvYRzudZkZOxOut FDhjnGBPsV1SlKW586nUd1Nc4R55Kh5IO2bdtEuA+aLMv4sequOtgiDlRKgWQoL3 W9WPDj3R3YWx3n5PAd1dKLiyRCy5uytSgKYWr6H0qcQDEw7Fu6BJxLcB1SXjGALU FEf49HGuFzRiSW47VvFIIjDI9+Kaj1r3ryvunwZu69cqB9bsFtslkXx0FdzJo7EQ yJ4hD7HO9njyPoS5o8xQupb7jnxEws8qf4Q8z44EEJIOqHsnPc2becnVES/BHqJd YpZ3umvpX0DECw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:13:25 2025 by rpki-client