This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft File: RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json) Hash identifier: s4yTrjNeCf3UI1bNBdp4LJuHJDBWsdqvyXCh776h0sg= Subject key identifier: 95:90:FE:03:CC:A3:B2:9D:44:4F:18:4E:75:9E:FF:7B:95:0A:00:1F Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F Certificate issuer: /CN=44dbe3626a76b04a120889704958863d42632f0f Certificate serial: 019AF352C67B6722219EF0FD1564A0DC9E90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft Manifest number: 0571 Signing time: Sat 06 Dec 2025 11:01:19 +0000 Manifest this update: Sat 06 Dec 2025 11:01:19 +0000 Manifest next update: Sun 07 Dec 2025 11:01:19 +0000 Files and hashes: 1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: tip64zCH35vBdMiQ5YLhHyfZo0XzTeVAyYHSFC7/xSc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:c6:7b:67:22:21:9e:f0:fd:15:64:a0:dc:9e:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f Validity Not Before: Dec 6 11:01:19 2025 GMT Not After : Dec 7 11:01:19 2025 GMT Subject: CN=9590fe03cca3b29d444f184e759eff7b950a001f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:88:b7:ed:4a:af:83:70:21:dc:de:48:53:d3: de:2d:eb:d5:b0:4c:51:22:fc:d3:cd:47:9e:a5:a2: 57:93:59:54:3f:b6:33:2f:a1:bb:15:c5:77:f0:2b: 0f:68:e6:e5:16:97:1e:ca:e0:a7:dd:b0:39:c0:30: a8:7d:2c:f3:eb:c9:c8:be:f5:67:51:22:19:de:51: 49:f1:a1:fa:75:cb:d3:7b:1f:b2:2a:e0:60:a4:eb: 2c:1c:9c:58:83:cc:5e:fe:29:09:16:0a:dc:20:ab: 8d:bc:cd:29:a2:fc:10:4e:a5:7c:4a:c8:e6:54:7d: d6:52:0d:79:7b:68:d2:ba:e4:d9:1b:7c:f7:9c:b9: 02:eb:ca:fb:3a:5c:7f:d7:11:4e:2c:28:c4:3f:61: 12:d8:82:47:74:2a:7b:cb:24:ba:9e:95:08:43:7a: 7f:26:a4:aa:b7:6e:e8:7e:b2:c8:b2:35:c1:fc:ba: ae:8c:e7:7c:02:09:d6:dc:2d:17:8c:07:0f:73:6c: 81:d2:08:20:3d:1d:04:8e:48:57:4d:97:bd:ff:d2: 8a:5d:f1:27:ae:7f:8f:a9:af:8f:2d:10:0a:58:6a: 16:d2:97:cd:d4:97:4a:bb:32:9c:3a:12:70:1c:76: af:e5:08:fc:2d:48:1c:58:ba:86:89:59:17:8a:a2: 64:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:90:FE:03:CC:A3:B2:9D:44:4F:18:4E:75:9E:FF:7B:95:0A:00:1F X509v3 Authority Key Identifier: keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:c5:9a:1b:68:a6:95:6e:72:cd:22:87:a6:4c:2d:3e:5e:e4: 4b:db:de:55:d5:fd:e0:1d:b9:63:bf:cd:ba:ed:5b:e6:b6:33: 9f:57:13:ab:28:10:cc:bf:f8:44:a8:a2:bb:e5:a1:70:97:f9: a2:6b:8b:e2:f7:c8:ae:f4:1f:b6:2a:71:bf:39:f2:b3:27:4e: 32:5e:6d:73:5a:15:e1:99:ac:ff:44:77:cb:49:ec:54:8b:55: 57:ce:02:18:af:0c:5f:89:d2:2b:ce:a2:06:d7:27:eb:ae:35: 29:35:20:13:8d:f5:71:35:ff:bd:a1:50:75:ad:28:3c:b4:5f: 2f:aa:33:e4:67:f7:a0:7e:0c:03:8d:14:8f:27:f9:00:71:de: a6:f5:c8:00:86:28:2a:35:fe:51:b1:7c:75:42:20:72:cd:df: bf:02:26:12:59:a8:7f:9b:02:bc:18:ae:bd:2e:11:f8:19:2c: 16:e9:47:25:3a:fb:4f:aa:bf:f0:6e:3b:0e:60:aa:79:b3:bd: 2f:6d:6f:e2:40:84:e4:c2:07:e9:6e:a7:f6:96:3c:b1:f5:3e: 5c:3c:0e:66:b8:57:19:e5:7f:41:2a:98:a0:5e:df:0d:7b:3d: c1:91:b1:ba:50:9c:b1:ff:12:0b:dd:09:05:16:e0:9a:cc:ab: d1:42:72:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUsZ7ZyIhnvD9FWSg3J6QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2 MzJmMGYwHhcNMjUxMjA2MTEwMTE5WhcNMjUxMjA3MTEwMTE5WjAzMTEwLwYDVQQD Eyg5NTkwZmUwM2NjYTNiMjlkNDQ0ZjE4NGU3NTllZmY3Yjk1MGEwMDFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ii37Uqvg3Ah3N5IU9PeLevVsExR IvzTzUeepaJXk1lUP7YzL6G7FcV38CsPaOblFpceyuCn3bA5wDCofSzz68nIvvVn USIZ3lFJ8aH6dcvTex+yKuBgpOssHJxYg8xe/ikJFgrcIKuNvM0povwQTqV8Ssjm VH3WUg15e2jSuuTZG3z3nLkC68r7Olx/1xFOLCjEP2ES2IJHdCp7yyS6npUIQ3p/ JqSqt27ofrLIsjXB/LqujOd8AgnW3C0XjAcPc2yB0gggPR0EjkhXTZe9/9KKXfEn rn+Pqa+PLRAKWGoW0pfN1JdKuzKcOhJwHHav5Qj8LUgcWLqGiVkXiqJkZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJWQ/gPMo7KdRE8YTnWe/3uVCgAfMB8GA1UdIwQY MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvMWaG2im lW5yzSKHpkwtPl7kS9veVdX94B25Y7/Nuu1b5rYzn1cTqygQzL/4RKiiu+WhcJf5 omuL4vfIrvQftipxvznysydOMl5tc1oV4Zms/0R3y0nsVItVV84CGK8MX4nSK86i Btcn6641KTUgE431cTX/vaFQda0oPLRfL6oz5Gf3oH4MA40Ujyf5AHHepvXIAIYo KjX+UbF8dUIgcs3fvwImElmof5sCvBiuvS4R+BksFulHJTr7T6q/8G47DmCqebO9 L21v4kCE5MIH6W6n9pY8sfU+XDwOZrhXGeV/QSqYoF7fDXs9wZGxulCcsf8SC90J BRbgmsyr0UJycQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:55:18 2025 by rpki-client