This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft File: 861SH4OIdIPIybDG895f1e1Whck.mft (raw, json) Hash identifier: iVOgH99MGLENsXMDmZl05sRgHEmS3ruSaTHqGSdag00= Subject key identifier: 7B:CE:7E:94:87:16:A1:25:BD:1D:62:0E:E8:F2:4B:6A:8F:B8:F0:22 Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9 Certificate issuer: /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9 Certificate serial: 019AF12CE2D192E8E3B8F765F456DDC580C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft Manifest number: 0CEB Signing time: Sat 06 Dec 2025 01:00:41 +0000 Manifest this update: Sat 06 Dec 2025 01:00:41 +0000 Manifest next update: Sun 07 Dec 2025 01:00:41 +0000 Files and hashes: 1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: H4iPictipK3+bvoM7dandWjO/CFZmJN1tJaAw3g4b8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:e2:d1:92:e8:e3:b8:f7:65:f4:56:dd:c5:80:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9 Validity Not Before: Dec 6 01:00:41 2025 GMT Not After : Dec 7 01:00:41 2025 GMT Subject: CN=7bce7e948716a125bd1d620ee8f24b6a8fb8f022 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:4c:a9:5d:46:91:3e:cb:e3:b6:c6:74:bd:2c: 66:a4:ff:f1:8a:25:22:e5:a5:5d:05:9d:62:3a:a5: d3:d7:4c:bc:47:af:cb:bc:30:2a:6b:de:26:43:2d: 56:4e:eb:cc:7b:3b:bf:68:95:ad:54:14:c0:bc:f5: a7:af:a1:32:06:04:7e:85:4a:52:2b:f6:05:a3:a5: 25:02:82:78:94:18:8d:5f:12:3e:8a:01:80:9a:d3: b4:84:9d:5d:8f:0c:7a:61:72:35:b8:63:06:de:95: bf:e6:08:86:02:17:c7:ad:bc:90:b2:43:09:df:c2: ba:ff:1d:e3:a2:61:f1:b7:d8:da:bd:d1:bf:7a:4c: a4:f1:b3:e9:ce:e2:4b:ed:93:3e:b0:16:26:a5:a3: e3:ba:08:ae:0d:61:bb:0e:15:89:78:5a:88:b5:f2: 1f:0a:bd:d7:a1:eb:06:49:2a:d4:0b:82:45:71:96: d7:c0:90:b3:92:ed:86:b7:1f:20:27:6e:01:e6:ab: 86:d9:4e:ac:e1:3e:21:d8:aa:ff:56:ac:8f:55:77: a8:cb:14:ea:a9:1b:94:68:4c:38:f2:ff:28:b7:06: bf:39:01:cd:01:0c:cb:de:bc:7b:eb:5b:13:17:65: 44:40:fd:3f:5d:99:16:76:f9:0b:4a:5c:18:97:85: 39:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:CE:7E:94:87:16:A1:25:BD:1D:62:0E:E8:F2:4B:6A:8F:B8:F0:22 X509v3 Authority Key Identifier: keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:c3:d8:70:31:f0:81:07:55:ce:86:76:f9:89:e6:fa:82:ec: 97:70:93:d0:b4:8c:b6:95:40:8b:01:dd:da:a2:2e:07:ab:b4: ce:c5:da:57:4c:23:2e:3a:da:5d:76:a1:52:77:fc:81:c9:91: 45:1e:c4:51:aa:96:fa:ea:4d:14:12:56:bd:e6:e7:39:b6:d3: f4:01:e6:f3:ab:1c:aa:ea:0c:45:7a:c2:a5:fe:2a:62:a2:63: b2:b0:89:4e:8e:9a:3a:0c:1e:53:0d:45:c6:06:82:95:1a:97: be:98:1a:7c:4e:32:87:ba:85:80:27:5c:02:0b:5f:ee:26:ee: 47:a8:17:4a:b4:7a:0b:8c:d1:f2:8e:c7:05:60:f7:64:16:6a: 1b:e4:14:5c:b5:0c:e6:b5:6b:30:c2:36:38:61:68:b3:85:67: 84:81:f5:af:18:2d:85:bc:5d:bd:4f:0d:9d:74:51:2e:c2:38: 8f:7c:0a:4d:f0:4c:43:8d:76:b7:30:b6:92:bb:fd:e0:9c:f0: 8f:d0:32:0c:9d:9c:b7:56:fc:7f:cf:3a:c0:29:10:42:11:05: e8:6a:98:49:05:25:69:79:60:c7:af:ed:2f:16:26:4b:e8:86: 9a:8e:06:08:47:12:ad:83:a1:14:cc:0e:34:95:e6:b4:01:85: e4:77:e2:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLOLRkujjuPdl9FbdxYDEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1 Njg1YzkwHhcNMjUxMjA2MDEwMDQxWhcNMjUxMjA3MDEwMDQxWjAzMTEwLwYDVQQD Eyg3YmNlN2U5NDg3MTZhMTI1YmQxZDYyMGVlOGYyNGI2YThmYjhmMDIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUypXUaRPsvjtsZ0vSxmpP/xiiUi 5aVdBZ1iOqXT10y8R6/LvDAqa94mQy1WTuvMezu/aJWtVBTAvPWnr6EyBgR+hUpS K/YFo6UlAoJ4lBiNXxI+igGAmtO0hJ1djwx6YXI1uGMG3pW/5giGAhfHrbyQskMJ 38K6/x3jomHxt9javdG/ekyk8bPpzuJL7ZM+sBYmpaPjugiuDWG7DhWJeFqItfIf Cr3XoesGSSrUC4JFcZbXwJCzku2Gtx8gJ24B5quG2U6s4T4h2Kr/VqyPVXeoyxTq qRuUaEw48v8otwa/OQHNAQzL3rx761sTF2VEQP0/XZkWdvkLSlwYl4U5hwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHvOfpSHFqElvR1iDujyS2qPuPAiMB8GA1UdIwQY MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2 LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKcPYcDHw gQdVzoZ2+Ynm+oLsl3CT0LSMtpVAiwHd2qIuB6u0zsXaV0wjLjraXXahUnf8gcmR RR7EUaqW+upNFBJWvebnObbT9AHm86scquoMRXrCpf4qYqJjsrCJTo6aOgweUw1F xgaClRqXvpgafE4yh7qFgCdcAgtf7ibuR6gXSrR6C4zR8o7HBWD3ZBZqG+QUXLUM 5rVrMMI2OGFos4VnhIH1rxgthbxdvU8NnXRRLsI4j3wKTfBMQ412tzC2krv94Jzw j9AyDJ2ct1b8f886wCkQQhEF6GqYSQUlaXlgx6/tLxYmS+iGmo4GCEcSrYOhFMwO NJXmtAGF5HfiRQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:04:47 2025 by rpki-client