This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft File: RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json) Hash identifier: 6uKg0er1h6R/YfYS9e2I2A0zuVg66DZu0I7T/+rrACw= Subject key identifier: 3E:24:99:A3:60:75:8E:E0:B9:CA:FF:3B:65:C8:14:BF:7C:05:B0:76 Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C Certificate issuer: /CN=44f5ceb34bb77228982ecf41a400fab1046d966c Certificate serial: 019AF163E37050ECC84286E9750E820F177B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft Manifest number: 0FE1 Signing time: Sat 06 Dec 2025 02:00:46 +0000 Manifest this update: Sat 06 Dec 2025 02:00:46 +0000 Manifest next update: Sun 07 Dec 2025 02:00:46 +0000 Files and hashes: 1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: 0BaB2H4DViKl/nvoqzX0jY68xYDCnhuou/xqsek2x7Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:63:e3:70:50:ec:c8:42:86:e9:75:0e:82:0f:17:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c Validity Not Before: Dec 6 02:00:46 2025 GMT Not After : Dec 7 02:00:46 2025 GMT Subject: CN=3e2499a360758ee0b9caff3b65c814bf7c05b076 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:09:6d:60:29:f0:4d:fb:43:5f:05:b9:59:7b: c4:6b:71:11:c4:c1:ae:d5:87:d1:6e:d1:35:6a:b6: 5f:cc:f2:7f:28:c2:64:fb:72:bd:50:99:de:2c:21: a3:f9:cb:c9:ee:ba:8e:56:ca:ce:6c:5d:1f:b4:5c: c8:9c:e9:79:6b:04:43:0c:38:99:74:7e:6e:bd:c5: 1a:82:b6:41:a3:f9:54:61:d0:8f:06:25:5b:f0:ce: da:3d:6b:61:91:de:7c:c8:e0:14:8b:c7:e6:c1:79: a9:6d:58:9e:6a:2a:a7:4f:2a:39:f1:a1:c3:3a:03: 42:59:52:63:78:6b:e3:63:bc:d7:4c:f0:40:f1:01: 7c:3d:84:f4:3d:85:6d:18:49:c2:87:24:32:8f:cc: 64:8b:77:49:57:6b:13:1d:ee:78:23:49:e9:d6:0f: 4e:5c:cf:c5:d6:e0:0d:b2:62:e3:03:a2:32:7d:62: 55:1e:ec:08:a5:07:a6:0e:85:20:37:da:0c:08:38: 79:4b:40:21:5c:45:64:24:42:e4:b5:8f:17:2f:9b: c9:96:ae:1e:34:ef:c4:14:be:ad:31:5d:d9:f1:5e: ed:5f:82:b2:63:99:5a:5c:d7:98:50:9b:ef:4f:3c: 7c:a0:f9:8e:38:57:91:1e:89:a1:3f:46:03:10:fc: 90:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:24:99:A3:60:75:8E:E0:B9:CA:FF:3B:65:C8:14:BF:7C:05:B0:76 X509v3 Authority Key Identifier: keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:f0:83:10:d1:e9:62:d9:23:bd:be:5b:ff:8a:a0:a6:71:cb: 44:5d:9d:c4:8c:99:9e:3e:04:6f:04:e3:c2:7a:c0:88:03:36: 71:c6:1b:7b:43:ac:18:67:5d:3b:b3:de:13:7e:49:63:44:61: 82:0f:67:45:55:54:74:97:07:65:a7:89:70:e0:d6:30:6e:ed: d2:54:8e:6e:81:c9:1b:e1:09:50:93:a8:fd:8c:8c:66:cb:db: 32:74:9c:7e:30:31:b9:a2:df:a8:70:f3:ce:4f:0e:a4:ec:a0: 63:00:3e:0e:8a:f4:b1:58:7a:a2:d8:c7:b6:5b:16:25:32:b7: 63:d5:9e:ce:53:5c:90:66:16:34:b8:f8:93:58:68:7b:97:ed: 96:e9:14:79:b6:ec:ed:e4:9f:fb:03:57:1d:0f:89:04:ad:53: 9c:8e:64:63:8d:e6:05:8a:73:76:7c:d1:17:2e:4a:ae:06:3a: 24:cb:5e:9f:8c:0b:df:d8:77:1d:0d:2a:63:52:03:55:c0:97: ab:64:59:81:43:8e:36:38:15:bc:77:41:54:a7:d9:9d:26:6e: d8:02:94:64:95:3e:d0:31:d2:13:11:42:4c:77:7d:32:b4:2b: 5d:b8:83:77:24:04:3c:be:00:d8:2e:2d:36:f6:02:6b:01:a7: 86:1b:f8:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxY+NwUOzIQobpdQ6CDxd7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2 ZDk2NmMwHhcNMjUxMjA2MDIwMDQ2WhcNMjUxMjA3MDIwMDQ2WjAzMTEwLwYDVQQD EygzZTI0OTlhMzYwNzU4ZWUwYjljYWZmM2I2NWM4MTRiZjdjMDViMDc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QltYCnwTftDXwW5WXvEa3ERxMGu 1YfRbtE1arZfzPJ/KMJk+3K9UJneLCGj+cvJ7rqOVsrObF0ftFzInOl5awRDDDiZ dH5uvcUagrZBo/lUYdCPBiVb8M7aPWthkd58yOAUi8fmwXmpbVieaiqnTyo58aHD OgNCWVJjeGvjY7zXTPBA8QF8PYT0PYVtGEnChyQyj8xki3dJV2sTHe54I0np1g9O XM/F1uANsmLjA6IyfWJVHuwIpQemDoUgN9oMCDh5S0AhXEVkJELktY8XL5vJlq4e NO/EFL6tMV3Z8V7tX4KyY5laXNeYUJvvTzx8oPmOOFeRHomhP0YDEPyQfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD4kmaNgdY7gucr/O2XIFL98BbB2MB8GA1UdIwQY MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2 LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvCDENHp Ytkjvb5b/4qgpnHLRF2dxIyZnj4EbwTjwnrAiAM2ccYbe0OsGGddO7PeE35JY0Rh gg9nRVVUdJcHZaeJcODWMG7t0lSOboHJG+EJUJOo/YyMZsvbMnScfjAxuaLfqHDz zk8OpOygYwA+Dor0sVh6otjHtlsWJTK3Y9WezlNckGYWNLj4k1hoe5ftlukUebbs 7eSf+wNXHQ+JBK1TnI5kY43mBYpzdnzRFy5KrgY6JMten4wL39h3HQ0qY1IDVcCX q2RZgUOONjgVvHdBVKfZnSZu2AKUZJU+0DHSExFCTHd9MrQrXbiDdyQEPL4A2C4t NvYCawGnhhv4Mg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:06:36 2025 by rpki-client