This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File: xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier: 06EKuTBuSm1P658fxe5jLL31EoZwKeX7eo34W78F1PQ=
Subject key identifier: FE:79:E8:D9:06:77:32:C7:FF:A5:CF:14:73:27:11:3B:70:57:2C:C5
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer: /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial: 019B281BD55C94106E7030D6B4E2F823C59E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number: 14B7
Signing time: Tue 16 Dec 2025 17:01:11 +0000
Manifest this update: Tue 16 Dec 2025 17:01:11 +0000
Manifest next update: Wed 17 Dec 2025 17:01:11 +0000
Files and hashes: 1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: BmPbzS3sjImXbwj6bjpe215DNLy0Pw91FPIzs1AEAOc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Dec 2025 14:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:28:1b:d5:5c:94:10:6e:70:30:d6:b4:e2:f8:23:c5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Validity
Not Before: Dec 16 17:01:11 2025 GMT
Not After : Dec 17 17:01:11 2025 GMT
Subject: CN=fe79e8d9067732c7ffa5cf147327113b70572cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c7:f9:4f:6c:0b:f4:91:8d:31:84:39:b8:0c:
d6:c4:cb:19:b1:1f:64:7a:d6:61:34:25:22:8a:15:
dc:f2:d3:79:d3:a9:fa:df:d0:bd:82:51:d7:ee:82:
c1:83:11:ab:14:7d:cf:e6:94:89:49:0e:df:58:f1:
32:1e:6f:3b:3d:3d:d1:2e:06:2b:55:bf:6b:a7:bd:
e4:ac:6c:9f:1f:78:83:cb:2f:b3:f1:84:bf:26:2c:
48:5a:e4:df:69:ab:cd:b5:3a:05:f4:ff:a9:df:5c:
3f:e3:f3:04:d6:f7:b1:fd:91:5e:6a:52:38:c4:c9:
21:b5:93:66:88:49:ba:ac:61:1b:b9:bc:cd:a1:1e:
7c:f6:00:16:be:89:d3:5c:f9:d5:e4:6e:9a:91:e5:
51:34:b3:63:36:b9:4b:ab:b8:08:e6:3c:41:c2:07:
03:6d:cd:07:d6:a9:1a:70:4d:8c:a1:46:3a:f8:30:
6b:49:e4:9c:b1:59:27:11:3a:2b:04:b2:cf:2a:9c:
5c:c6:0f:4e:7b:1a:94:43:b6:58:7a:99:c1:d7:7e:
9e:22:ae:2c:74:cc:b2:8e:02:ee:9c:9a:e1:2f:e4:
c0:74:e5:a0:88:b6:90:88:31:64:8f:15:f9:9b:b1:
03:a5:32:3d:22:16:b3:c9:8c:7a:0e:08:ac:6b:c4:
f8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:79:E8:D9:06:77:32:C7:FF:A5:CF:14:73:27:11:3B:70:57:2C:C5
X509v3 Authority Key Identifier:
keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:92:e2:71:16:ca:33:b2:01:d0:35:02:73:76:d2:03:b6:c3:
86:8c:f9:9b:fa:bd:1d:b9:4e:4b:d7:fc:0c:d2:0d:b8:b7:58:
ce:31:c9:ac:78:cb:80:cc:2b:58:b1:ff:50:86:14:d4:b8:67:
a8:31:85:3e:b6:fd:bd:9a:e1:c6:df:60:61:4c:1d:60:db:52:
d0:79:51:41:a2:6a:a3:ee:e9:ce:3f:d2:46:85:fd:b9:07:23:
ec:7f:60:6f:4a:f3:8a:ef:72:a4:47:2f:46:ff:9a:f4:c8:de:
57:f4:13:a0:ae:fd:ec:86:8b:c6:0d:4f:7a:39:03:17:58:21:
b6:38:92:18:8a:d4:89:4f:e7:4b:4c:f3:ab:6e:58:a7:e0:80:
94:2d:2d:c9:7f:42:5a:2a:1a:15:06:c8:65:35:4a:a9:44:dc:
a3:9a:65:9a:7f:20:3a:ba:e5:c9:60:83:9b:f6:ab:c8:02:84:
1c:62:c4:71:85:81:1c:eb:b1:b3:5b:81:ec:66:e1:c4:4d:4f:
81:d7:e0:4a:16:90:04:c2:df:f1:8d:93:4d:72:7b:f1:a0:be:
02:64:b3:17:81:14:03:7b:f4:87:92:ca:69:84:0c:54:54:e4:
6c:0d:1c:30:81:1d:f4:da:21:e2:f7:7e:22:26:22:75:ba:bd:
70:7e:61:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsoG9VclBBucDDWtOL4I8WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjUxMjE2MTcwMTExWhcNMjUxMjE3MTcwMTExWjAzMTEwLwYDVQQD
EyhmZTc5ZThkOTA2NzczMmM3ZmZhNWNmMTQ3MzI3MTEzYjcwNTcyY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMf5T2wL9JGNMYQ5uAzWxMsZsR9k
etZhNCUiihXc8tN506n639C9glHX7oLBgxGrFH3P5pSJSQ7fWPEyHm87PT3RLgYr
Vb9rp73krGyfH3iDyy+z8YS/JixIWuTfaavNtToF9P+p31w/4/ME1vex/ZFealI4
xMkhtZNmiEm6rGEbubzNoR589gAWvonTXPnV5G6akeVRNLNjNrlLq7gI5jxBwgcD
bc0H1qkacE2MoUY6+DBrSeScsVknETorBLLPKpxcxg9OexqUQ7ZYepnB136eIq4s
dMyyjgLunJrhL+TAdOWgiLaQiDFkjxX5m7EDpTI9IhazyYx6Dgisa8T47QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP556NkGdzLH/6XPFHMnETtwVyzFMB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5LicRbK
M7IB0DUCc3bSA7bDhoz5m/q9HblOS9f8DNINuLdYzjHJrHjLgMwrWLH/UIYU1Lhn
qDGFPrb9vZrhxt9gYUwdYNtS0HlRQaJqo+7pzj/SRoX9uQcj7H9gb0rziu9ypEcv
Rv+a9MjeV/QToK797IaLxg1PejkDF1ghtjiSGIrUiU/nS0zzq25Yp+CAlC0tyX9C
WioaFQbIZTVKqUTco5plmn8gOrrlyWCDm/aryAKEHGLEcYWBHOuxs1uB7GbhxE1P
gdfgShaQBMLf8Y2TTXJ78aC+AmSzF4EUA3v0h5LKaYQMVFTkbA0cMIEd9Noh4vd+
IiYidbq9cH5heQ==
-----END CERTIFICATE-----
Generated at Tue Dec 16 20:57:40 2025 by rpki-client