This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft File: vdI1_DzDTEVIxqhONeSVMyhTm-E.mft (raw, json) Hash identifier: lxptDgh7BYjOJcmjpeYnmf0MH7AwVc89OmFpQP2bGTI= Subject key identifier: AE:BB:42:22:19:28:4F:A6:5D:CA:41:A5:47:8B:EC:C5:4B:45:CE:93 Authority key identifier: BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1 Certificate issuer: /CN=bdd235fc3cc34c4548c6a84e35e4953328539be1 Certificate serial: 019AF42E3E7A1B7DC1A149773775E5587E7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft Manifest number: 116C Signing time: Sat 06 Dec 2025 15:01:02 +0000 Manifest this update: Sat 06 Dec 2025 15:01:02 +0000 Manifest next update: Sun 07 Dec 2025 15:01:02 +0000 Files and hashes: 1: vdI1_DzDTEVIxqhONeSVMyhTm-E.crl (hash: RvqJVRHYpX1dATdqLigbd5z7ZTm0/6QJud+F0xxcyM0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:3e:7a:1b:7d:c1:a1:49:77:37:75:e5:58:7e:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdd235fc3cc34c4548c6a84e35e4953328539be1 Validity Not Before: Dec 6 15:01:02 2025 GMT Not After : Dec 7 15:01:02 2025 GMT Subject: CN=aebb422219284fa65dca41a5478becc54b45ce93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a4:5c:ce:88:f1:df:04:9e:20:6d:be:e2:c3: f4:23:5e:80:26:4e:af:85:88:d3:5a:36:30:42:20: f9:23:f5:f5:27:3f:06:bd:d2:93:e2:ef:6c:32:5b: 95:8a:e9:7f:bf:c7:ac:c8:94:7e:fd:6a:97:5d:c7: 59:60:da:f7:ce:ca:13:de:1c:e2:91:81:21:6d:c2: 32:04:26:ac:48:39:84:e0:d6:b1:2f:74:81:58:bf: 41:17:d7:35:8e:b9:bd:03:de:0a:aa:a1:14:a0:5c: 5c:f0:19:20:9e:31:88:7e:58:5b:63:c3:48:f4:0a: b3:1b:9d:79:ca:3b:46:df:3d:7f:6d:97:18:e7:23: c7:09:5f:c5:be:96:d7:e8:ef:7a:79:14:3f:34:de: cf:89:3f:e2:ff:4b:b0:65:61:ca:f9:58:20:30:ac: a8:76:7b:47:7f:63:0a:ea:ff:78:30:b8:55:37:95: ce:e4:5c:3c:2c:8a:d1:b6:aa:84:00:9b:54:54:3a: e5:4c:78:06:67:4e:ad:8f:d9:a4:72:b7:78:f4:e9: 05:a8:89:24:c1:44:45:c2:09:7c:2c:f9:ac:26:f2: da:ed:ac:cd:aa:fd:a7:54:c5:53:bd:b6:bf:d2:77: 20:08:68:a0:1f:75:64:05:4f:fc:08:d8:80:f2:b6: 6c:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:BB:42:22:19:28:4F:A6:5D:CA:41:A5:47:8B:EC:C5:4B:45:CE:93 X509v3 Authority Key Identifier: keyid:BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:65:3c:d7:fd:bd:3e:14:2c:dd:2c:47:56:d8:ba:54:0f:71: 4e:96:2e:99:5a:67:51:e7:49:4c:12:38:d5:9b:08:9f:08:10: ce:a3:33:70:a8:84:f1:7e:18:32:3b:b6:68:fd:9e:32:84:46: 0b:6a:f4:20:6d:9f:c7:61:f4:03:44:2c:e6:46:c6:66:ba:37: e2:e0:60:88:0c:f9:22:35:7f:55:c4:82:89:1d:8b:3d:9a:d3: 3f:c2:d5:98:98:f5:81:92:9d:b2:9a:d1:da:35:db:48:4f:7f: 41:3c:6f:4e:ce:15:7d:dd:88:f6:f5:64:45:f7:19:d5:00:b6: 41:d1:ea:4a:6b:fc:3e:de:83:d3:08:aa:53:20:62:e5:30:7f: 07:f1:d6:65:2d:2e:97:84:d2:43:5e:bf:32:b3:1d:57:8b:5e: 0b:bb:a7:72:ae:c1:86:ef:13:76:8b:86:1f:cb:84:b9:57:ac: 2a:ae:d8:be:bd:2a:4a:54:58:88:9c:02:c8:8f:43:79:ed:f7: 6e:dc:69:a1:08:34:a7:50:92:03:1a:d1:ab:75:df:0f:71:45: 71:6c:f6:39:4a:d6:3c:0e:23:e6:b4:96:19:ad:88:7e:25:c5: a0:ae:1f:03:da:17:e9:8e:a3:f5:02:1a:01:56:d1:83:64:a9: d7:c4:0b:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0Lj56G33BoUl3N3XlWH5/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZDIzNWZjM2NjMzRjNDU0OGM2YTg0ZTM1ZTQ5NTMzMjg1 MzliZTEwHhcNMjUxMjA2MTUwMTAyWhcNMjUxMjA3MTUwMTAyWjAzMTEwLwYDVQQD EyhhZWJiNDIyMjE5Mjg0ZmE2NWRjYTQxYTU0NzhiZWNjNTRiNDVjZTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaRczojx3wSeIG2+4sP0I16AJk6v hYjTWjYwQiD5I/X1Jz8GvdKT4u9sMluViul/v8esyJR+/WqXXcdZYNr3zsoT3hzi kYEhbcIyBCasSDmE4NaxL3SBWL9BF9c1jrm9A94KqqEUoFxc8BkgnjGIflhbY8NI 9AqzG515yjtG3z1/bZcY5yPHCV/FvpbX6O96eRQ/NN7PiT/i/0uwZWHK+VggMKyo dntHf2MK6v94MLhVN5XO5Fw8LIrRtqqEAJtUVDrlTHgGZ06tj9mkcrd49OkFqIkk wURFwgl8LPmsJvLa7azNqv2nVMVTvba/0ncgCGigH3VkBU/8CNiA8rZsLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK67QiIZKE+mXcpBpUeL7MVLRc6TMB8GA1UdIwQY MBaAFL3SNfw8w0xFSMaoTjXklTMoU5vhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMt MWVjZjFlZDY0ODdiLzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMtMWVjZjFlZDY0ODdi LzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2U81/29 PhQs3SxHVti6VA9xTpYumVpnUedJTBI41ZsInwgQzqMzcKiE8X4YMju2aP2eMoRG C2r0IG2fx2H0A0Qs5kbGZro34uBgiAz5IjV/VcSCiR2LPZrTP8LVmJj1gZKdsprR 2jXbSE9/QTxvTs4Vfd2I9vVkRfcZ1QC2QdHqSmv8Pt6D0wiqUyBi5TB/B/HWZS0u l4TSQ16/MrMdV4teC7uncq7Bhu8TdouGH8uEuVesKq7Yvr0qSlRYiJwCyI9Dee33 btxpoQg0p1CSAxrRq3XfD3FFcWz2OUrWPA4j5rSWGa2IfiXFoK4fA9oX6Y6j9QIa AVbRg2Sp18QL1A== -----END CERTIFICATE-----Generated at Sat Dec 6 18:51:36 2025 by rpki-client