This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft File: xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json) Hash identifier: nKpiEgw88Goobqdw7XRxNtPrvHDuBIbiSF9ipVldeFY= Subject key identifier: B2:8F:AE:3F:62:A6:33:B0:2B:E1:E3:A0:23:85:87:4B:54:58:28:FE Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C Certificate issuer: /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c Certificate serial: 019AF208C141F9A7FC2CA8FD9B3CFB8D9C27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft Manifest number: 149B Signing time: Sat 06 Dec 2025 05:00:51 +0000 Manifest this update: Sat 06 Dec 2025 05:00:51 +0000 Manifest next update: Sun 07 Dec 2025 05:00:51 +0000 Files and hashes: 1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: reeR7YEyHa2UX2ipUF4CjF0Ibw/6Vjg/ySpnqKv9QZ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:c1:41:f9:a7:fc:2c:a8:fd:9b:3c:fb:8d:9c:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c Validity Not Before: Dec 6 05:00:51 2025 GMT Not After : Dec 7 05:00:51 2025 GMT Subject: CN=b28fae3f62a633b02be1e3a02385874b545828fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:29:e3:e9:f9:2c:4d:89:26:d3:f7:6c:3b:a0: 2c:2e:81:26:69:53:f3:5d:58:ea:0e:99:63:22:80: 2f:9d:9a:23:65:f4:24:0f:c9:d5:9a:13:e3:71:5f: ec:7a:42:55:1d:a1:b7:26:91:08:52:4f:f2:0d:79: e0:29:ff:d3:64:62:27:4e:65:6d:a2:72:96:60:f3: a6:38:a5:a4:af:35:e9:56:b2:cc:ff:07:63:b1:c6: 18:bb:b1:92:33:f6:c8:b9:0f:7e:ab:88:90:4f:f5: e0:82:04:7f:1d:d5:41:fc:ed:8b:e5:f9:62:6e:b8: 7f:54:3e:0d:0b:13:07:e2:5f:e0:02:91:77:47:4e: 24:18:f7:b5:68:54:22:e4:fb:24:3c:45:8c:4e:76: 21:1c:dd:cb:6b:ef:4c:08:90:4a:57:0e:a9:09:ef: 98:a1:4d:7e:17:f0:aa:09:b1:31:c6:ae:36:b0:4a: 02:d2:c8:7b:ae:b1:b1:e2:c3:66:82:1d:f4:ea:9b: 17:08:0d:70:96:72:19:de:ef:57:29:6d:b4:d0:39: 22:49:8a:a2:31:9b:55:c1:4b:7b:63:c9:2f:9f:43: 8e:18:da:b0:88:db:b2:0d:d0:35:4a:74:9d:7b:77: a1:c9:56:6b:f4:b0:c1:57:f0:69:76:20:b9:5b:02: 40:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:8F:AE:3F:62:A6:33:B0:2B:E1:E3:A0:23:85:87:4B:54:58:28:FE X509v3 Authority Key Identifier: keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:9b:e5:8f:95:b8:dc:05:03:5b:41:3f:81:f8:b8:df:96:2a: 40:43:97:26:94:fb:6e:e8:b1:df:19:9a:0b:eb:65:82:94:c9: 0e:4f:05:37:91:5d:51:bc:16:f6:80:91:5d:06:14:1b:89:33: ec:da:14:41:dc:d1:fd:4e:8a:74:ab:86:e4:a9:7e:ea:12:14: 8c:a0:0a:80:08:55:22:96:f1:2c:41:5c:b4:91:ea:36:45:6f: 34:41:fb:0b:3d:cd:07:d0:f2:cf:49:61:3e:fd:29:49:53:05: ac:64:3f:ef:78:39:d3:65:4e:b4:98:a8:8e:11:a4:a0:e7:37: 5b:3c:05:9a:09:8d:69:e2:eb:bf:f8:2d:64:90:47:18:89:fe: ae:93:3b:a3:b9:73:e9:61:c7:f1:4f:ea:3e:5c:ce:2c:e3:ed: 7c:ca:79:79:b5:a5:a6:6b:52:61:cd:b6:93:85:a9:2b:75:17: f3:20:6f:5c:a2:d2:1a:2b:7a:3e:02:1b:64:96:7a:88:f7:37: bb:eb:37:bb:8b:e5:29:44:76:36:59:2e:8c:2e:51:4e:d7:5e: be:33:c9:b0:2b:cc:57:85:d9:c9:f3:1f:00:0e:36:c3:d0:e6: 0c:0f:fd:72:52:36:f9:0c:2a:4f:c3:80:92:0d:4e:28:61:59: 0b:3e:9e:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCMFB+af8LKj9mzz7jZwnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx YTFiN2MwHhcNMjUxMjA2MDUwMDUxWhcNMjUxMjA3MDUwMDUxWjAzMTEwLwYDVQQD EyhiMjhmYWUzZjYyYTYzM2IwMmJlMWUzYTAyMzg1ODc0YjU0NTgyOGZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCnj6fksTYkm0/dsO6AsLoEmaVPz XVjqDpljIoAvnZojZfQkD8nVmhPjcV/sekJVHaG3JpEIUk/yDXngKf/TZGInTmVt onKWYPOmOKWkrzXpVrLM/wdjscYYu7GSM/bIuQ9+q4iQT/XgggR/HdVB/O2L5fli brh/VD4NCxMH4l/gApF3R04kGPe1aFQi5PskPEWMTnYhHN3La+9MCJBKVw6pCe+Y oU1+F/CqCbExxq42sEoC0sh7rrGx4sNmgh306psXCA1wlnIZ3u9XKW200DkiSYqi MZtVwUt7Y8kvn0OOGNqwiNuyDdA1SnSde3ehyVZr9LDBV/BpdiC5WwJAZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKPrj9ipjOwK+HjoCOFh0tUWCj+MB8GA1UdIwQY MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2 LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdpvlj5W4 3AUDW0E/gfi435YqQEOXJpT7buix3xmaC+tlgpTJDk8FN5FdUbwW9oCRXQYUG4kz 7NoUQdzR/U6KdKuG5Kl+6hIUjKAKgAhVIpbxLEFctJHqNkVvNEH7Cz3NB9Dyz0lh Pv0pSVMFrGQ/73g502VOtJiojhGkoOc3WzwFmgmNaeLrv/gtZJBHGIn+rpM7o7lz 6WHH8U/qPlzOLOPtfMp5ebWlpmtSYc22k4WpK3UX8yBvXKLSGit6PgIbZJZ6iPc3 u+s3u4vlKUR2NlkujC5RTtdevjPJsCvMV4XZyfMfAA42w9DmDA/9clI2+QwqT8OA kg1OKGFZCz6emA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:05:29 2025 by rpki-client