This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft File: CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json) Hash identifier: mbEzmc+me8x02+i56deeEyEA9EvZvm8u0t6EBuVIxdE= Subject key identifier: BA:F4:EB:BA:59:F1:66:A6:05:9B:6C:FE:69:4D:8E:4D:12:36:1D:3E Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74 Certificate issuer: /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474 Certificate serial: 019AF31C7DDC3059F2AD8033BB54B8E75BCF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft Manifest number: 15A9 Signing time: Sat 06 Dec 2025 10:02:01 +0000 Manifest this update: Sat 06 Dec 2025 10:02:01 +0000 Manifest next update: Sun 07 Dec 2025 10:02:01 +0000 Files and hashes: 1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: kbp+45QjH/LJjyWHQzz+69AdgStLFsQ+GOIu4iZN4/c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:7d:dc:30:59:f2:ad:80:33:bb:54:b8:e7:5b:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474 Validity Not Before: Dec 6 10:02:01 2025 GMT Not After : Dec 7 10:02:01 2025 GMT Subject: CN=baf4ebba59f166a6059b6cfe694d8e4d12361d3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d4:df:07:0a:a2:b8:60:73:a1:eb:bc:38:c9: 28:8d:25:09:37:9c:05:f4:b2:b9:d8:05:5e:4d:b5: 3b:23:55:ab:eb:66:09:44:66:24:e5:6a:70:8d:7a: 18:77:e4:1b:c3:a8:79:f1:b2:70:8c:d8:80:de:60: 1b:65:3b:0f:02:6b:e8:20:ed:10:25:76:e6:e5:1f: 7e:67:9c:ec:07:83:cc:5b:19:b0:33:b1:29:43:5e: e2:bb:08:69:45:de:4c:4d:96:cd:dd:8f:b3:17:c4: a2:71:b3:0d:67:d8:73:73:bb:72:fa:98:da:6f:16: a5:d6:3a:21:d8:a9:d7:d3:0a:32:49:e2:e3:fd:67: 7f:ee:c0:1f:ea:fd:36:c9:42:00:dd:4f:12:b0:6d: 3e:c3:20:6e:8d:3e:f8:53:25:f8:3d:80:b7:e2:17: fe:f4:3b:cc:d3:cf:23:d4:45:fd:8d:d8:b7:3e:42: 83:8f:64:24:35:00:ff:43:f1:81:1d:c2:62:96:d6: ec:e9:a5:ae:76:af:00:a6:fb:9d:f8:56:60:68:ef: a2:06:c7:e6:62:07:68:f1:2a:b2:ef:07:93:10:fc: 1f:a1:21:1f:2e:b9:37:ed:dd:86:42:e8:16:0f:96: 10:cb:f0:d1:79:5d:06:eb:ef:bc:e8:81:3c:f1:f8: 97:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:F4:EB:BA:59:F1:66:A6:05:9B:6C:FE:69:4D:8E:4D:12:36:1D:3E X509v3 Authority Key Identifier: keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:b0:df:dd:c0:1c:70:57:6e:23:ea:ea:9c:95:84:24:5c:46: b3:d0:6a:e8:a7:85:38:55:0d:c0:fa:52:45:51:b0:a4:64:4c: 44:b4:f0:31:00:24:26:fb:92:3f:d1:07:52:35:02:b1:82:89: eb:ba:35:c9:0e:e3:c5:a2:0b:64:b8:0b:c6:9c:77:ee:0d:c3: 89:fe:f6:b5:96:fe:28:d6:b9:e0:88:69:4a:be:b4:f7:9f:07: 6f:1c:f9:ec:26:9b:e7:d9:ce:b7:95:94:32:2a:44:01:20:b5: bc:82:d8:7f:92:90:b9:b0:24:8f:5f:07:f1:e4:f0:a6:6a:73: d5:2c:4a:36:16:4f:d7:b3:af:28:20:b3:f9:9c:95:d1:c4:d5: b6:00:c5:89:5a:7a:8b:33:38:34:23:e0:4a:2a:85:62:18:20: a1:49:4e:2c:36:76:82:91:ac:96:95:6a:4e:bf:49:e6:6c:cc: f2:39:ae:f6:16:1e:33:ec:8d:be:db:8b:c7:b2:c7:dd:35:f4: 81:4c:9c:1f:3e:82:52:d8:3e:2e:a0:3b:52:23:03:76:1b:22: 70:73:85:8b:0a:46:b9:be:07:c1:df:c0:cb:f5:ce:89:9a:a1: 22:f1:2b:66:87:25:ad:a2:82:82:93:67:5e:16:1a:c0:8a:cb: f0:b4:c6:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHH3cMFnyrYAzu1S451vPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4 NzQ0NzQwHhcNMjUxMjA2MTAwMjAxWhcNMjUxMjA3MTAwMjAxWjAzMTEwLwYDVQQD EyhiYWY0ZWJiYTU5ZjE2NmE2MDU5YjZjZmU2OTRkOGU0ZDEyMzYxZDNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9TfBwqiuGBzoeu8OMkojSUJN5wF 9LK52AVeTbU7I1Wr62YJRGYk5WpwjXoYd+Qbw6h58bJwjNiA3mAbZTsPAmvoIO0Q JXbm5R9+Z5zsB4PMWxmwM7EpQ17iuwhpRd5MTZbN3Y+zF8SicbMNZ9hzc7ty+pja bxal1joh2KnX0woySeLj/Wd/7sAf6v02yUIA3U8SsG0+wyBujT74UyX4PYC34hf+ 9DvM088j1EX9jdi3PkKDj2QkNQD/Q/GBHcJiltbs6aWudq8Apvud+FZgaO+iBsfm Ygdo8Sqy7weTEPwfoSEfLrk37d2GQugWD5YQy/DReV0G6++86IE88fiX9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLr067pZ8WamBZts/mlNjk0SNh0+MB8GA1UdIwQY MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQbDf3cAc cFduI+rqnJWEJFxGs9Bq6KeFOFUNwPpSRVGwpGRMRLTwMQAkJvuSP9EHUjUCsYKJ 67o1yQ7jxaILZLgLxpx37g3Dif72tZb+KNa54IhpSr60958Hbxz57Cab59nOt5WU MipEASC1vILYf5KQubAkj18H8eTwpmpz1SxKNhZP17OvKCCz+ZyV0cTVtgDFiVp6 izM4NCPgSiqFYhggoUlOLDZ2gpGslpVqTr9J5mzM8jmu9hYeM+yNvtuLx7LH3TX0 gUycHz6CUtg+LqA7UiMDdhsicHOFiwpGub4Hwd/Ay/XOiZqhIvErZoclraKCgpNn XhYawIrL8LTGFA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:13:42 2025 by rpki-client