This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft File: EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json) Hash identifier: rBCXvNSe/pjXeZnoVlX4C0HxgEhUNjkP1vS6aa4QEQY= Subject key identifier: 54:D7:16:B4:C0:34:9A:BB:C3:74:4F:42:A9:D8:23:D5:5B:2C:8B:32 Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0 Certificate issuer: /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0 Certificate serial: 019AF24023606FD2BDF2EB7EA495E60402C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft Manifest number: 0420 Signing time: Sat 06 Dec 2025 06:01:20 +0000 Manifest this update: Sat 06 Dec 2025 06:01:20 +0000 Manifest next update: Sun 07 Dec 2025 06:01:20 +0000 Files and hashes: 1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: mKKsE63ls7AY+7voBS4LSor3egAZTOznsIWO+DFkxfw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:23:60:6f:d2:bd:f2:eb:7e:a4:95:e6:04:02:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0 Validity Not Before: Dec 6 06:01:20 2025 GMT Not After : Dec 7 06:01:20 2025 GMT Subject: CN=54d716b4c0349abbc3744f42a9d823d55b2c8b32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d3:75:4f:79:dc:a2:a2:6f:35:e6:c0:46:2a: 2a:e0:4c:93:16:98:0b:aa:a8:20:f2:82:55:53:05: f4:00:01:e9:32:1d:9d:4c:51:64:db:58:45:b7:c0: 25:ca:63:a8:78:e1:c9:a2:73:ec:20:b2:cc:90:c1: bd:ac:53:26:43:2d:01:7f:3a:5b:06:af:1c:19:a9: 67:00:15:fe:05:42:e2:99:86:e6:5c:5f:39:5d:57: 81:ef:a6:90:c7:ee:f5:c4:13:29:56:df:54:56:1f: 82:f0:01:2d:db:97:fa:6c:41:dd:ce:23:57:3f:f6: 48:d4:e3:2f:17:d4:91:2c:40:97:5e:67:2a:58:54: bc:3e:20:f4:96:f7:4a:fc:43:a4:6a:1e:f8:50:8b: 53:df:53:24:3d:f6:79:f0:e7:68:be:51:e4:aa:43: 19:cf:cb:b5:7c:68:b7:9b:f7:a2:9a:9a:10:aa:37: 50:d5:50:59:7d:d2:1f:41:ea:71:e8:10:0a:7e:d0: 79:76:cd:52:db:09:04:40:4c:7f:54:e6:b0:4f:cc: 0a:41:3d:b9:f8:c7:0c:db:d4:dd:45:e5:f8:a8:a0: ea:e6:81:7c:0e:aa:8a:c7:75:58:91:7b:2e:e9:48: b2:bb:2e:d8:7a:24:84:0b:29:f8:01:58:c6:27:33: 06:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:D7:16:B4:C0:34:9A:BB:C3:74:4F:42:A9:D8:23:D5:5B:2C:8B:32 X509v3 Authority Key Identifier: keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:93:8f:e6:f1:4b:73:60:9d:e4:a5:01:c6:a1:68:29:ee:ea: 9d:59:9b:79:75:e7:62:64:b7:cf:39:16:71:84:1c:25:82:b6: 86:a4:f8:41:2f:c3:3c:69:1a:24:5b:fd:60:a4:1e:66:8e:ce: 8b:47:59:1f:52:67:03:27:fb:fc:ed:1c:c7:c9:02:33:03:94: d6:5c:a5:7b:df:ff:26:85:11:e5:09:a3:e0:cb:00:c3:44:d7: 4e:cc:fb:b4:75:58:26:54:93:62:16:0c:84:94:5c:c9:73:d1: 56:a1:80:42:ad:0c:b0:87:c2:4a:8b:16:8f:31:4f:5c:44:54: b9:55:ab:a7:e7:25:68:3c:36:1d:f0:fd:fe:a9:3a:b4:36:d1: f6:25:2a:1d:09:03:3d:4d:ab:c7:ac:b8:34:47:a7:bb:cd:2f: ba:9a:bf:3e:59:0f:f0:f5:f5:fc:a2:79:7a:bb:f3:17:29:a8: aa:94:0d:97:da:2e:e6:c0:c2:62:ed:1b:2d:04:a9:ec:fe:be: c4:e1:5c:ec:8a:d6:fd:a2:3c:77:6c:ec:7f:fd:1a:8b:1a:4e: b9:33:fb:66:85:22:b7:7e:d9:37:7d:36:8d:45:7b:f7:fe:1b: 7d:4d:5b:4e:92:52:19:20:69:de:da:30:74:11:bb:02:d3:d3: 61:06:4d:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQCNgb9K98ut+pJXmBALAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1 NzdhZDAwHhcNMjUxMjA2MDYwMTIwWhcNMjUxMjA3MDYwMTIwWjAzMTEwLwYDVQQD Eyg1NGQ3MTZiNGMwMzQ5YWJiYzM3NDRmNDJhOWQ4MjNkNTViMmM4YjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9N1T3ncoqJvNebARioq4EyTFpgL qqgg8oJVUwX0AAHpMh2dTFFk21hFt8AlymOoeOHJonPsILLMkMG9rFMmQy0Bfzpb Bq8cGalnABX+BULimYbmXF85XVeB76aQx+71xBMpVt9UVh+C8AEt25f6bEHdziNX P/ZI1OMvF9SRLECXXmcqWFS8PiD0lvdK/EOkah74UItT31MkPfZ58OdovlHkqkMZ z8u1fGi3m/eimpoQqjdQ1VBZfdIfQepx6BAKftB5ds1S2wkEQEx/VOawT8wKQT25 +McM29TdReX4qKDq5oF8DqqKx3VYkXsu6Uiyuy7YeiSECyn4AVjGJzMGfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFTXFrTANJq7w3RPQqnYI9VbLIsyMB8GA1UdIwQY MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZOP5vFL c2Cd5KUBxqFoKe7qnVmbeXXnYmS3zzkWcYQcJYK2hqT4QS/DPGkaJFv9YKQeZo7O i0dZH1JnAyf7/O0cx8kCMwOU1lyle9//JoUR5Qmj4MsAw0TXTsz7tHVYJlSTYhYM hJRcyXPRVqGAQq0MsIfCSosWjzFPXERUuVWrp+claDw2HfD9/qk6tDbR9iUqHQkD PU2rx6y4NEenu80vupq/PlkP8PX1/KJ5ervzFymoqpQNl9ou5sDCYu0bLQSp7P6+ xOFc7IrW/aI8d2zsf/0aixpOuTP7ZoUit37ZN302jUV79/4bfU1bTpJSGSBp3tow dBG7AtPTYQZNDA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:06:50 2025 by rpki-client