This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft File: 09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json) Hash identifier: 0dpPtIdj+P9btw1IvEU8tMEKakFP/IldzK9hUD9ARJs= Subject key identifier: 90:46:BE:29:5C:D2:DF:4D:44:5D:5E:1A:0A:E9:50:BF:C7:CF:C7:F4 Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 Certificate issuer: /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Certificate serial: 019AFCC3EAC2687F31B172D2D676DD66197C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft Manifest number: 0294 Signing time: Mon 08 Dec 2025 07:01:29 +0000 Manifest this update: Mon 08 Dec 2025 07:01:29 +0000 Manifest next update: Tue 09 Dec 2025 07:01:29 +0000 Files and hashes: 1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: SnFfZntuaybzuDWilIfn+zfhdarBm93eErADI5yfAvU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fc:c3:ea:c2:68:7f:31:b1:72:d2:d6:76:dd:66:19:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Validity Not Before: Dec 8 07:01:29 2025 GMT Not After : Dec 9 07:01:29 2025 GMT Subject: CN=9046be295cd2df4d445d5e1a0ae950bfc7cfc7f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:45:bf:9e:c6:83:60:ff:68:92:0a:16:7c:f5: 59:d5:fe:c7:bd:6b:0f:26:8b:60:3f:49:8a:60:54: 60:ef:5a:c7:57:0a:fa:2c:0d:71:e3:09:77:c9:f6: a7:5a:18:9a:f5:e3:ad:7f:11:fe:bb:bb:bd:00:a4: 57:6d:f1:b5:da:5c:9b:5b:63:c3:3f:cb:6d:aa:ee: c2:1b:00:aa:b4:d4:af:c0:5e:9b:15:df:4b:14:ba: f6:aa:aa:b6:28:fb:aa:5d:36:14:f3:ff:87:f5:24: 43:05:60:73:64:f8:1d:07:db:30:47:7c:f9:2f:92: 63:f5:7a:c7:78:49:2f:c5:19:57:49:b3:03:26:4f: 3d:d2:12:d5:17:ca:9d:d3:a7:2b:b9:57:8f:d8:ef: 3b:c7:6f:9d:a3:cc:0f:a5:e7:c0:cc:14:39:39:44: e5:c9:5a:a6:ab:5e:1c:79:22:00:94:5d:a9:31:b6: 3c:f0:23:f0:59:cf:77:7f:6c:0a:a5:02:ff:d0:90: cf:a2:f0:02:3b:36:f5:5f:f7:e6:eb:6d:ab:1a:6a: 3a:ea:0f:aa:ea:c1:bf:3e:95:79:87:f1:81:66:c2: e2:2a:75:71:c4:1b:40:c9:66:9e:9d:d5:46:96:e8: 15:34:8d:62:5d:95:92:ed:eb:ae:96:b5:eb:9c:ef: 99:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:46:BE:29:5C:D2:DF:4D:44:5D:5E:1A:0A:E9:50:BF:C7:CF:C7:F4 X509v3 Authority Key Identifier: keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:5e:0b:01:0f:37:5a:16:d0:20:2e:44:5b:fe:c3:09:40:60: 39:0d:fd:88:81:31:12:d0:6a:40:45:48:67:9c:46:91:99:b8: 71:cf:45:16:93:a0:ea:4d:a3:d8:f0:8a:7f:73:fa:ab:0a:8a: 73:6f:26:0b:1b:bf:81:19:ed:c3:80:cb:43:0f:62:c0:66:fb: cc:53:4c:96:6a:65:b4:69:a8:f6:2f:1f:b8:df:26:54:82:9b: 32:c2:56:33:df:b2:02:2d:19:1f:12:f1:07:ff:5c:84:ce:44: da:d0:2b:67:e7:d3:db:2b:c5:bc:59:88:3a:cb:f7:8a:8d:4f: 47:ab:24:80:86:fe:fb:2b:65:22:fc:a7:91:ea:05:3e:37:7d: 7c:f4:1f:42:9e:5d:b6:c4:ec:5b:8b:68:14:80:17:5c:4b:03: 8e:a7:b0:d2:08:cc:9b:f4:75:61:1e:58:ab:9d:ec:34:a1:ec: 05:3f:8b:50:20:e7:87:86:c8:6e:1c:b1:19:1b:e7:db:8e:ea: 4b:85:03:0b:8f:9c:f4:5e:a5:71:a3:86:b5:12:fd:fc:73:52: 4a:c7:e1:53:79:04:3c:28:16:f4:1b:8b:73:66:53:ac:01:af: 84:f3:f7:73:7b:5d:0d:19:53:0d:c0:d1:27:a9:26:2e:4f:16: 90:5a:7a:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr8w+rCaH8xsXLS1nbdZhl8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3 ZDk0MzEwHhcNMjUxMjA4MDcwMTI5WhcNMjUxMjA5MDcwMTI5WjAzMTEwLwYDVQQD Eyg5MDQ2YmUyOTVjZDJkZjRkNDQ1ZDVlMWEwYWU5NTBiZmM3Y2ZjN2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUW/nsaDYP9okgoWfPVZ1f7HvWsP JotgP0mKYFRg71rHVwr6LA1x4wl3yfanWhia9eOtfxH+u7u9AKRXbfG12lybW2PD P8ttqu7CGwCqtNSvwF6bFd9LFLr2qqq2KPuqXTYU8/+H9SRDBWBzZPgdB9swR3z5 L5Jj9XrHeEkvxRlXSbMDJk890hLVF8qd06cruVeP2O87x2+do8wPpefAzBQ5OUTl yVqmq14ceSIAlF2pMbY88CPwWc93f2wKpQL/0JDPovACOzb1X/fm622rGmo66g+q 6sG/PpV5h/GBZsLiKnVxxBtAyWaendVGlugVNI1iXZWS7euulrXrnO+Z8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJBGvilc0t9NRF1eGgrpUL/Hz8f0MB8GA1UdIwQY MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARV4LAQ83 WhbQIC5EW/7DCUBgOQ39iIExEtBqQEVIZ5xGkZm4cc9FFpOg6k2j2PCKf3P6qwqK c28mCxu/gRntw4DLQw9iwGb7zFNMlmpltGmo9i8fuN8mVIKbMsJWM9+yAi0ZHxLx B/9chM5E2tArZ+fT2yvFvFmIOsv3io1PR6skgIb++ytlIvynkeoFPjd9fPQfQp5d tsTsW4toFIAXXEsDjqew0gjMm/R1YR5Yq53sNKHsBT+LUCDnh4bIbhyxGRvn247q S4UDC4+c9F6lcaOGtRL9/HNSSsfhU3kEPCgW9BuLc2ZTrAGvhPP3c3tdDRlTDcDR J6kmLk8WkFp6Ag== -----END CERTIFICATE-----Generated at Mon Dec 8 09:36:17 2025 by rpki-client