This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft File: 41wFcLO3dz0eEYgufdLGJVN-sJw.mft (raw, json) Hash identifier: +a6Oxz/g7D8REiGtic5LD5Y008l1Ibc1g7Q/O41cl/k= Subject key identifier: E4:36:BA:02:65:A3:DD:AA:68:6F:41:AA:A6:5C:26:6A:72:CB:79:AF Authority key identifier: E3:5C:05:70:B3:B7:77:3D:1E:11:88:2E:7D:D2:C6:25:53:7E:B0:9C Certificate issuer: /CN=e35c0570b3b7773d1e11882e7dd2c625537eb09c Certificate serial: 019AF6F8A7A6B15364A67104BD369C6D730E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft Manifest number: 149C Signing time: Sun 07 Dec 2025 04:01:22 +0000 Manifest this update: Sun 07 Dec 2025 04:01:22 +0000 Manifest next update: Mon 08 Dec 2025 04:01:22 +0000 Files and hashes: 1: 41wFcLO3dz0eEYgufdLGJVN-sJw.crl (hash: uRGYSSpFml3JGGkPryhJ1n/PjY8LvbAQBMpFQl8bbtw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.crl rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:f8:a7:a6:b1:53:64:a6:71:04:bd:36:9c:6d:73:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e35c0570b3b7773d1e11882e7dd2c625537eb09c Validity Not Before: Dec 7 04:01:22 2025 GMT Not After : Dec 8 04:01:22 2025 GMT Subject: CN=e436ba0265a3ddaa686f41aaa65c266a72cb79af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:cc:0b:0e:85:c5:a6:8d:b2:67:6d:4c:7f:a0: e8:88:eb:8b:ac:b9:3e:21:f5:4c:51:69:04:4e:0f: 68:f6:e4:44:45:c8:42:4a:f6:96:92:16:18:9a:29: d5:d3:ab:b3:a9:ff:01:54:de:58:ab:20:40:4f:49: 1a:9b:61:9f:f2:19:8f:b8:c3:0d:a6:1c:36:a8:67: 10:dc:6b:72:8b:66:35:94:8f:4f:31:5b:a2:53:0c: 22:45:9d:06:03:68:68:fc:27:2d:06:c6:a1:cd:a4: 19:84:e9:a1:e3:5d:c6:76:c4:f6:ae:12:4f:6e:89: 26:d3:00:18:9f:cf:8d:0b:b7:e5:eb:e2:12:2d:ae: 7b:c6:15:64:b8:d7:4c:2d:35:f1:60:57:ff:11:9b: c4:c4:4d:85:c2:f3:d9:9b:59:ec:fa:77:26:51:3b: b1:51:04:c0:ac:d0:62:17:ba:07:57:83:70:f8:ac: 96:54:9a:28:c4:e4:4e:9f:7e:ba:21:69:8d:a7:41: 11:86:0e:22:ba:8d:7e:07:75:fe:de:bd:4c:d2:07: 4f:94:db:44:61:bb:41:ea:c0:07:89:3f:be:42:1d: 67:a2:5e:d8:5e:3d:ea:65:d3:d0:2c:17:5a:c4:ca: 71:c4:10:a1:47:f8:3f:3d:2b:b2:6a:a0:a9:16:a7: e3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:36:BA:02:65:A3:DD:AA:68:6F:41:AA:A6:5C:26:6A:72:CB:79:AF X509v3 Authority Key Identifier: keyid:E3:5C:05:70:B3:B7:77:3D:1E:11:88:2E:7D:D2:C6:25:53:7E:B0:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/41wFcLO3dz0eEYgufdLGJVN-sJw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/c2f579-7501-4a5b-8dd7-f69128a91983/1/41wFcLO3dz0eEYgufdLGJVN-sJw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:97:72:a2:b2:31:8a:fb:29:e1:0d:89:f9:e9:01:d9:a7:92: 6e:7e:73:ba:1e:d3:07:c7:b6:3e:39:df:39:ba:7a:65:ce:23: 3a:22:1a:73:ec:89:bb:75:0a:c4:c4:6f:0c:0c:f0:83:ab:f1: bd:f0:c8:ea:b4:17:78:a9:ea:03:1a:d1:43:8f:11:fd:70:4d: 00:9f:c6:ef:9b:56:7c:65:e8:f6:b6:bc:f5:40:ca:5f:4a:a4: c4:d4:7a:9a:dc:8c:80:24:43:34:ad:94:9b:8f:73:2a:48:64: c0:76:a1:ae:ad:7d:09:06:da:9e:78:07:52:cb:92:7c:dd:ea: 0d:a1:08:1e:9a:b2:8f:be:a6:ba:d4:1f:7e:7c:33:96:ab:0a: b0:d9:44:f0:a2:d1:06:1b:0f:a0:78:b3:11:6d:ad:e0:6a:8b: af:b5:73:38:13:49:6a:4a:af:69:df:2f:90:23:79:e6:b7:c0: a2:0e:16:5f:19:97:c1:76:e4:61:03:25:fd:7c:b3:95:e8:3c: 9b:30:62:4d:41:87:cd:eb:aa:a5:a1:30:d1:33:63:a8:62:19: 02:07:6a:c9:f3:49:cb:9b:60:42:cd:88:22:ae:4e:46:a1:60: 2e:02:c8:19:6b:cd:3a:5a:9b:8d:24:9d:76:a5:46:8c:2e:cc: 39:ab:cb:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2+KemsVNkpnEEvTacbXMOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzNWMwNTcwYjNiNzc3M2QxZTExODgyZTdkZDJjNjI1NTM3 ZWIwOWMwHhcNMjUxMjA3MDQwMTIyWhcNMjUxMjA4MDQwMTIyWjAzMTEwLwYDVQQD EyhlNDM2YmEwMjY1YTNkZGFhNjg2ZjQxYWFhNjVjMjY2YTcyY2I3OWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocwLDoXFpo2yZ21Mf6DoiOuLrLk+ IfVMUWkETg9o9uRERchCSvaWkhYYminV06uzqf8BVN5YqyBAT0kam2Gf8hmPuMMN phw2qGcQ3Gtyi2Y1lI9PMVuiUwwiRZ0GA2ho/CctBsahzaQZhOmh413GdsT2rhJP bokm0wAYn8+NC7fl6+ISLa57xhVkuNdMLTXxYFf/EZvExE2FwvPZm1ns+ncmUTux UQTArNBiF7oHV4Nw+KyWVJooxOROn366IWmNp0ERhg4iuo1+B3X+3r1M0gdPlNtE YbtB6sAHiT++Qh1nol7YXj3qZdPQLBdaxMpxxBChR/g/PSuyaqCpFqfj0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOQ2ugJlo92qaG9BqqZcJmpyy3mvMB8GA1UdIwQY MBaAFONcBXCzt3c9HhGILn3SxiVTfrCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9jMmY1NzktNzUwMS00YTViLThkZDct ZjY5MTI4YTkxOTgzLzEvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni9jMmY1NzktNzUwMS00YTViLThkZDctZjY5MTI4YTkxOTgz LzEvNDF3RmNMTzNkejBlRVlndWZkTEdKVk4tc0p3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuJdyorIx ivsp4Q2J+ekB2aeSbn5zuh7TB8e2PjnfObp6Zc4jOiIac+yJu3UKxMRvDAzwg6vx vfDI6rQXeKnqAxrRQ48R/XBNAJ/G75tWfGXo9ra89UDKX0qkxNR6mtyMgCRDNK2U m49zKkhkwHahrq19CQbanngHUsuSfN3qDaEIHpqyj76mutQffnwzlqsKsNlE8KLR BhsPoHizEW2t4GqLr7VzOBNJakqvad8vkCN55rfAog4WXxmXwXbkYQMl/Xyzleg8 mzBiTUGHzeuqpaEw0TNjqGIZAgdqyfNJy5tgQs2IIq5ORqFgLgLIGWvNOlqbjSSd dqVGjC7MOavLmw== -----END CERTIFICATE-----Generated at Sun Dec 7 06:32:30 2025 by rpki-client