This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft File: xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json) Hash identifier: 3+lgU7ZGk0t4kkt5KW2mBOt50mk5MCwffubun7lFWLo= Subject key identifier: D4:EB:9F:1F:BB:5B:35:DE:B0:CD:0E:FC:E8:6F:C5:C1:EA:11:E2:83 Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C Certificate issuer: /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c Certificate serial: 019B262D5F095F6B3AC652D7E9E6057D73D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft Manifest number: 14B6 Signing time: Tue 16 Dec 2025 08:01:06 +0000 Manifest this update: Tue 16 Dec 2025 08:01:06 +0000 Manifest next update: Wed 17 Dec 2025 08:01:06 +0000 Files and hashes: 1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: Z5PFtr3BW3AR/vJhYgnJaUahzpbLmwKOzNLtdFACjgc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 08:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:2d:5f:09:5f:6b:3a:c6:52:d7:e9:e6:05:7d:73:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c Validity Not Before: Dec 16 08:01:06 2025 GMT Not After : Dec 17 08:01:06 2025 GMT Subject: CN=d4eb9f1fbb5b35deb0cd0efce86fc5c1ea11e283 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:56:43:d5:18:59:1e:dc:5e:d8:a3:d8:83:3e: 2d:c1:a8:53:16:36:37:28:d6:89:03:97:49:ef:76: bc:64:38:b4:a5:9d:2a:30:8d:a3:1d:00:39:81:3e: 1a:1c:39:0c:41:f1:98:f2:63:d4:3d:99:7d:7e:cd: 91:87:7d:26:9a:4f:70:05:d4:c3:20:ab:a7:aa:df: 75:dc:5c:20:c0:40:a8:5b:ea:16:63:8a:b2:64:d2: ff:bf:71:2f:7d:c7:9b:17:43:79:da:eb:c8:6d:ab: f7:84:38:b9:0a:cd:eb:c0:2c:1f:70:54:8d:28:ad: 4e:3a:11:4e:da:50:db:d0:12:ca:80:48:d2:51:c9: 7c:b9:f4:d3:e7:9f:6a:6b:c7:18:7a:6d:c6:cb:ec: 4e:70:7a:2d:d1:7b:e7:94:b9:4b:fe:61:c9:16:12: c0:f2:f9:2c:00:6c:2b:4b:53:11:55:3f:cc:cd:67: 3b:d3:c2:67:bf:4d:66:bb:71:72:31:ab:82:2f:a8: 16:c3:c2:63:a5:56:e3:92:a3:0b:4b:62:88:24:53: 56:5d:cb:fe:64:ea:88:91:4c:a1:b8:43:3c:ed:95: e6:a9:ef:76:6f:25:46:d6:39:c8:5e:08:4b:0c:5d: bf:5e:14:e4:e9:28:33:4c:fc:49:d9:fc:13:d5:c7: 52:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:EB:9F:1F:BB:5B:35:DE:B0:CD:0E:FC:E8:6F:C5:C1:EA:11:E2:83 X509v3 Authority Key Identifier: keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:d8:7e:57:6a:e1:c9:22:6f:68:d5:4f:58:39:48:c7:81:d5: 6a:59:2a:08:9e:24:e4:53:ee:70:fd:02:00:f1:62:38:10:4b: d4:45:d1:01:11:da:57:6a:ea:09:1c:5e:9c:df:59:9c:be:d7: 82:97:25:ac:1b:05:0d:c1:a6:bb:85:fa:10:82:85:ad:b9:5b: d6:a8:19:26:6d:fa:eb:bc:22:22:12:8a:68:86:29:85:54:69: 27:60:0a:25:07:52:07:f1:d7:17:00:f7:4f:07:87:63:1c:61: ee:c3:82:30:9e:aa:fb:05:81:25:7f:e3:bc:a0:4e:91:62:1f: a6:76:f9:f6:eb:99:4e:18:4e:a0:ca:b8:88:9d:43:57:97:a1: c7:f1:a2:73:eb:61:58:4d:9f:f0:d9:ed:8f:de:00:0d:ce:fa: 8f:b1:87:0f:af:52:92:db:ee:9c:bf:ed:2c:d3:c0:9e:3e:ef: c7:fc:e7:60:21:81:3e:3e:4d:2d:b9:da:3f:6f:02:5c:d0:2e: b4:be:29:78:ee:c7:94:67:e8:38:f4:41:8f:9d:e3:dc:6a:f2: 8b:f2:c8:a3:71:7c:a5:85:14:94:b3:cd:2f:17:e7:0c:d6:b0: 91:35:6b:ac:28:8c:7c:30:ae:49:bd:7f:b7:58:b0:a2:23:3b: 93:70:33:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmLV8JX2s6xlLX6eYFfXPQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx YTFiN2MwHhcNMjUxMjE2MDgwMTA2WhcNMjUxMjE3MDgwMTA2WjAzMTEwLwYDVQQD EyhkNGViOWYxZmJiNWIzNWRlYjBjZDBlZmNlODZmYzVjMWVhMTFlMjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1ZD1RhZHtxe2KPYgz4twahTFjY3 KNaJA5dJ73a8ZDi0pZ0qMI2jHQA5gT4aHDkMQfGY8mPUPZl9fs2Rh30mmk9wBdTD IKunqt913FwgwECoW+oWY4qyZNL/v3EvfcebF0N52uvIbav3hDi5Cs3rwCwfcFSN KK1OOhFO2lDb0BLKgEjSUcl8ufTT559qa8cYem3Gy+xOcHot0XvnlLlL/mHJFhLA 8vksAGwrS1MRVT/MzWc708Jnv01mu3FyMauCL6gWw8JjpVbjkqMLS2KIJFNWXcv+ ZOqIkUyhuEM87ZXmqe92byVG1jnIXghLDF2/XhTk6SgzTPxJ2fwT1cdScwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNTrnx+7WzXesM0O/OhvxcHqEeKDMB8GA1UdIwQY MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2 LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArth+V2rh ySJvaNVPWDlIx4HValkqCJ4k5FPucP0CAPFiOBBL1EXRARHaV2rqCRxenN9ZnL7X gpclrBsFDcGmu4X6EIKFrblb1qgZJm3667wiIhKKaIYphVRpJ2AKJQdSB/HXFwD3 TweHYxxh7sOCMJ6q+wWBJX/jvKBOkWIfpnb59uuZThhOoMq4iJ1DV5ehx/Gic+th WE2f8Nntj94ADc76j7GHD69SktvunL/tLNPAnj7vx/znYCGBPj5NLbnaP28CXNAu tL4peO7HlGfoOPRBj53j3Gryi/LIo3F8pYUUlLPNLxfnDNawkTVrrCiMfDCuSb1/ t1iwoiM7k3AzUA== -----END CERTIFICATE-----Generated at Tue Dec 16 17:58:44 2025 by rpki-client