This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft File: 1MiI65YKABkAwnleiq-iaPYC2EI.mft (raw, json) Hash identifier: R7yaJYIZ5p0eWRI21qejBTRAXEt12a9mN/8WPKVW+o0= Subject key identifier: AA:43:CC:3F:1B:24:F7:F7:2A:7A:80:DB:F4:49:2C:3B:20:EE:5F:65 Authority key identifier: D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42 Certificate issuer: /CN=d4c888eb960a001900c2795e8aafa268f602d842 Certificate serial: 019AF12EC2E8088DDC7A8759BDEC6E3F0433 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft Manifest number: 0C6D Signing time: Sat 06 Dec 2025 01:02:44 +0000 Manifest this update: Sat 06 Dec 2025 01:02:44 +0000 Manifest next update: Sun 07 Dec 2025 01:02:44 +0000 Files and hashes: 1: 1MiI65YKABkAwnleiq-iaPYC2EI.crl (hash: x6rvtWP2Kz0wgdvzgLjYIUCOBNYedxjEq/aIZkBrP1Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:c2:e8:08:8d:dc:7a:87:59:bd:ec:6e:3f:04:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4c888eb960a001900c2795e8aafa268f602d842 Validity Not Before: Dec 6 01:02:44 2025 GMT Not After : Dec 7 01:02:44 2025 GMT Subject: CN=aa43cc3f1b24f7f72a7a80dbf4492c3b20ee5f65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:7d:d6:40:81:b2:67:82:4e:a8:de:3f:0a:9c: cc:2c:e5:53:48:a4:fd:a2:d4:5c:a2:48:f6:99:47: e0:5c:4a:d5:6f:21:e6:8d:44:70:4a:08:70:57:de: 09:25:d6:07:b3:d9:38:4c:26:85:c8:59:50:1e:13: 5f:62:4d:35:64:b3:03:70:d9:db:d3:e7:b2:b8:7a: 45:62:ba:09:80:7d:d3:bb:1f:38:51:62:db:a1:50: f0:ba:86:95:87:d4:3b:1f:61:35:59:cf:da:8b:0d: 1a:a0:f8:4a:3e:6d:75:e7:a0:b6:04:e8:a4:ce:8a: 03:3f:6e:97:8a:8e:f5:38:51:9c:ce:18:e8:52:e6: 3e:ad:14:a0:1b:3e:4f:34:d8:53:a3:33:36:d4:26: 65:91:cb:b4:c1:3c:59:8a:93:f2:e0:09:37:0c:03: 03:08:35:98:8e:25:4c:d2:2e:ca:45:f6:79:0d:20: c4:50:6f:2b:88:9d:1e:eb:f6:53:52:ad:83:cb:0d: dc:03:4e:96:0c:6e:0a:0b:fc:f8:b8:d6:3e:cf:45: b6:56:07:61:24:0c:0b:f9:b9:f6:f6:17:e0:a6:1f: 31:ad:49:fa:f7:3c:22:4b:03:bc:0f:14:20:c3:f8: 7e:51:99:18:06:7f:2b:92:6e:d6:c6:b8:6c:fe:88: 5b:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:43:CC:3F:1B:24:F7:F7:2A:7A:80:DB:F4:49:2C:3B:20:EE:5F:65 X509v3 Authority Key Identifier: keyid:D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c2:f7:40:44:27:8a:f1:0e:c7:6a:ec:0a:1f:44:77:00:69:6a: fa:30:53:d9:07:c1:5e:d8:75:32:6b:1c:ec:26:f8:86:af:af: ca:45:f5:f5:ea:10:28:ec:9a:23:8d:7b:6a:ea:76:88:21:61: d3:ec:7a:41:a6:1a:31:a6:69:6d:64:2a:86:c1:49:c9:77:29: af:80:1f:89:d4:3a:8d:ea:79:5f:95:e2:00:65:27:ab:46:94: 13:14:10:e5:49:4d:22:89:ac:c3:7d:ee:0b:d3:c4:68:4e:fc: 37:c4:7a:e6:05:dd:c3:66:a4:be:a0:99:c4:b2:b2:40:a1:9c: 7c:62:04:7c:7e:de:ae:d0:fe:c9:45:3c:ab:d8:27:e3:9d:52: bd:27:11:80:ad:96:af:7a:33:78:51:4b:2d:60:79:9d:77:52: c3:d1:c1:f7:53:1d:48:42:d8:dc:e5:d8:bd:ab:fb:2e:1d:f8: d5:bf:93:c7:16:10:e3:21:3c:62:5e:5f:66:1b:43:71:2d:28: 10:b5:87:cb:db:48:d5:30:5b:c8:fa:f3:63:17:07:7d:c5:93: c6:3e:9e:7f:1f:a3:e5:ba:0f:56:7c:77:91:01:2c:71:5d:ad: 2c:13:0c:73:38:39:38:ea:8b:11:8a:5a:f7:41:5e:3c:15:80: 78:5d:d5:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLsLoCI3ceodZvexuPwQzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0Yzg4OGViOTYwYTAwMTkwMGMyNzk1ZThhYWZhMjY4ZjYw MmQ4NDIwHhcNMjUxMjA2MDEwMjQ0WhcNMjUxMjA3MDEwMjQ0WjAzMTEwLwYDVQQD EyhhYTQzY2MzZjFiMjRmN2Y3MmE3YTgwZGJmNDQ5MmMzYjIwZWU1ZjY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg33WQIGyZ4JOqN4/CpzMLOVTSKT9 otRcokj2mUfgXErVbyHmjURwSghwV94JJdYHs9k4TCaFyFlQHhNfYk01ZLMDcNnb 0+eyuHpFYroJgH3Tux84UWLboVDwuoaVh9Q7H2E1Wc/aiw0aoPhKPm1156C2BOik zooDP26Xio71OFGczhjoUuY+rRSgGz5PNNhTozM21CZlkcu0wTxZipPy4Ak3DAMD CDWYjiVM0i7KRfZ5DSDEUG8riJ0e6/ZTUq2Dyw3cA06WDG4KC/z4uNY+z0W2Vgdh JAwL+bn29hfgph8xrUn69zwiSwO8DxQgw/h+UZkYBn8rkm7Wxrhs/ohbvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKpDzD8bJPf3KnqA2/RJLDsg7l9lMB8GA1UdIwQY MBaAFNTIiOuWCgAZAMJ5Xoqvomj2AthCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEt MTVkNzY5MWY0YTJhLzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEtMTVkNzY5MWY0YTJh LzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwvdARCeK 8Q7HauwKH0R3AGlq+jBT2QfBXth1Mmsc7Cb4hq+vykX19eoQKOyaI417aup2iCFh 0+x6QaYaMaZpbWQqhsFJyXcpr4AfidQ6jep5X5XiAGUnq0aUExQQ5UlNIomsw33u C9PEaE78N8R65gXdw2akvqCZxLKyQKGcfGIEfH7ertD+yUU8q9gn451SvScRgK2W r3ozeFFLLWB5nXdSw9HB91MdSELY3OXYvav7Lh341b+TxxYQ4yE8Yl5fZhtDcS0o ELWHy9tI1TBbyPrzYxcHfcWTxj6efx+j5boPVnx3kQEscV2tLBMMczg5OOqLEYpa 90FePBWAeF3V8g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:43 2025 by rpki-client