This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/616f03-424e-4910-abe1-0388a266160b/1/VBZ4w3ofkzQxT-6lgyXqeUCvD10.mft File: VBZ4w3ofkzQxT-6lgyXqeUCvD10.mft (raw, json) Hash identifier: uzkN95XRUmzikTuaNWd0f1Lb9Yq1DwDcaNlIYUj4NGc= Subject key identifier: 8E:57:F2:3E:93:4E:DC:B9:42:0D:03:35:D8:84:4A:4A:FF:86:F5:07 Authority key identifier: 54:16:78:C3:7A:1F:93:34:31:4F:EE:A5:83:25:EA:79:40:AF:0F:5D Certificate issuer: /CN=541678c37a1f9334314feea58325ea7940af0f5d Certificate serial: 019AF19AA60B6D86125A291DA745A5133853 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VBZ4w3ofkzQxT-6lgyXqeUCvD10.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/616f03-424e-4910-abe1-0388a266160b/1/VBZ4w3ofkzQxT-6lgyXqeUCvD10.mft Manifest number: 13DC Signing time: Sat 06 Dec 2025 03:00:35 +0000 Manifest this update: Sat 06 Dec 2025 03:00:35 +0000 Manifest next update: Sun 07 Dec 2025 03:00:35 +0000 Files and hashes: 1: VBZ4w3ofkzQxT-6lgyXqeUCvD10.crl (hash: LC1dJTFmqDj9ZQgBKt1VSIpbIxFdf6zOvyAZh3DgDHo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/616f03-424e-4910-abe1-0388a266160b/1/VBZ4w3ofkzQxT-6lgyXqeUCvD10.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/616f03-424e-4910-abe1-0388a266160b/1/VBZ4w3ofkzQxT-6lgyXqeUCvD10.mft rsync://rpki.ripe.net/repository/DEFAULT/VBZ4w3ofkzQxT-6lgyXqeUCvD10.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:a6:0b:6d:86:12:5a:29:1d:a7:45:a5:13:38:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=541678c37a1f9334314feea58325ea7940af0f5d Validity Not Before: Dec 6 03:00:35 2025 GMT Not After : Dec 7 03:00:35 2025 GMT Subject: CN=8e57f23e934edcb9420d0335d8844a4aff86f507 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d3:7a:75:e5:86:28:6f:5d:54:42:7b:0f:17: e1:57:08:e0:5a:a5:f2:9d:6e:33:5f:52:1a:da:58: e5:de:73:69:ba:1e:59:55:4f:45:e2:f0:15:e1:ea: d3:01:49:fc:94:f6:13:ec:f4:29:bf:44:c7:30:68: 30:0a:1d:c8:86:c2:8d:e3:76:1b:34:32:ff:e7:56: 0b:2e:54:a6:b6:a9:8a:04:9c:fb:7c:0f:ea:7a:2a: 3a:06:bf:94:ff:d1:ed:1e:85:0c:9f:11:09:17:32: 8f:9b:7d:cc:d9:3e:c1:98:59:ee:7b:f2:c1:b1:d9: 21:3d:61:6b:b0:65:8e:d7:cc:ab:88:71:94:93:e5: 9e:7e:44:d9:13:55:1e:2b:9e:b0:ae:bf:d1:9d:9b: 4b:af:8a:44:4c:29:1a:c0:c5:59:fa:e8:90:fa:29: f0:41:0b:63:55:34:60:de:10:36:42:ad:c4:92:02: b7:ae:6f:28:2e:a4:f7:b9:05:49:93:63:8e:88:11: f2:04:c6:05:39:ed:61:73:1d:73:60:c9:ed:19:96: 79:86:33:93:19:7a:2e:59:55:64:9d:6d:7d:81:5a: f9:8b:98:4c:49:0a:cf:35:b6:b4:07:6e:0c:fc:12: d3:98:cb:41:06:d0:6c:3a:c5:d0:93:48:bb:d9:43: 66:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:57:F2:3E:93:4E:DC:B9:42:0D:03:35:D8:84:4A:4A:FF:86:F5:07 X509v3 Authority Key Identifier: keyid:54:16:78:C3:7A:1F:93:34:31:4F:EE:A5:83:25:EA:79:40:AF:0F:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VBZ4w3ofkzQxT-6lgyXqeUCvD10.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/616f03-424e-4910-abe1-0388a266160b/1/VBZ4w3ofkzQxT-6lgyXqeUCvD10.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/616f03-424e-4910-abe1-0388a266160b/1/VBZ4w3ofkzQxT-6lgyXqeUCvD10.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:a0:b7:9d:a7:a1:b0:8f:6d:dc:a9:d7:4e:78:f1:99:d6:a8: b3:e5:c3:49:5c:1d:72:e0:36:14:2e:f6:15:8a:50:77:ce:2b: a3:39:94:5d:7f:66:9e:5e:bf:46:a9:48:2d:a4:00:d5:e2:7e: 80:5c:18:58:17:f4:db:93:b0:ba:86:7d:97:a9:cd:cc:54:c2: 51:d6:f8:37:4d:47:da:68:6f:67:36:31:e1:d1:1f:54:14:3e: 50:22:0c:5a:54:6f:0a:33:19:81:7c:9c:dc:71:6b:f2:2f:22: 0b:74:d8:88:22:99:e4:22:8d:5b:2d:d8:c3:ee:10:9a:bf:d7: 62:f4:47:93:43:0e:2f:4e:28:6c:e5:a2:63:59:27:56:df:52: cd:3d:fa:52:29:e5:75:18:b6:93:79:75:8d:af:06:31:e0:4b: 40:b8:6c:20:43:95:89:b4:8c:3f:57:1d:0c:9d:9d:b4:29:f7: 1c:d0:55:56:fc:4e:f3:2d:03:c9:59:e2:6b:07:5b:e7:2c:57: f6:d5:b6:9a:07:02:31:8b:9b:47:07:d7:1d:82:fe:02:46:98: 79:9a:b5:b2:dc:a6:b1:e8:ff:5e:dc:5d:74:a7:08:6c:f3:6a: 27:0d:de:f4:de:2a:39:e4:b8:2f:01:8d:20:4e:30:38:1b:b2: 1e:13:27:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmqYLbYYSWikdp0WlEzhTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0MTY3OGMzN2ExZjkzMzQzMTRmZWVhNTgzMjVlYTc5NDBh ZjBmNWQwHhcNMjUxMjA2MDMwMDM1WhcNMjUxMjA3MDMwMDM1WjAzMTEwLwYDVQQD Eyg4ZTU3ZjIzZTkzNGVkY2I5NDIwZDAzMzVkODg0NGE0YWZmODZmNTA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstN6deWGKG9dVEJ7DxfhVwjgWqXy nW4zX1Ia2ljl3nNpuh5ZVU9F4vAV4erTAUn8lPYT7PQpv0THMGgwCh3IhsKN43Yb NDL/51YLLlSmtqmKBJz7fA/qeio6Br+U/9HtHoUMnxEJFzKPm33M2T7BmFnue/LB sdkhPWFrsGWO18yriHGUk+WefkTZE1UeK56wrr/RnZtLr4pETCkawMVZ+uiQ+inw QQtjVTRg3hA2Qq3EkgK3rm8oLqT3uQVJk2OOiBHyBMYFOe1hcx1zYMntGZZ5hjOT GXouWVVknW19gVr5i5hMSQrPNba0B24M/BLTmMtBBtBsOsXQk0i72UNmowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI5X8j6TTty5Qg0DNdiESkr/hvUHMB8GA1UdIwQY MBaAFFQWeMN6H5M0MU/upYMl6nlArw9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkJaNHczb2ZrelF4VC02bGd5WHFlVUN2RDEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MTZmMDMtNDI0ZS00OTEwLWFiZTEt MDM4OGEyNjYxNjBiLzEvVkJaNHczb2ZrelF4VC02bGd5WHFlVUN2RDEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi82MTZmMDMtNDI0ZS00OTEwLWFiZTEtMDM4OGEyNjYxNjBi LzEvVkJaNHczb2ZrelF4VC02bGd5WHFlVUN2RDEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH6C3naeh sI9t3KnXTnjxmdaos+XDSVwdcuA2FC72FYpQd84rozmUXX9mnl6/RqlILaQA1eJ+ gFwYWBf025OwuoZ9l6nNzFTCUdb4N01H2mhvZzYx4dEfVBQ+UCIMWlRvCjMZgXyc 3HFr8i8iC3TYiCKZ5CKNWy3Yw+4Qmr/XYvRHk0MOL04obOWiY1knVt9SzT36Uinl dRi2k3l1ja8GMeBLQLhsIEOVibSMP1cdDJ2dtCn3HNBVVvxO8y0DyVniawdb5yxX 9tW2mgcCMYubRwfXHYL+AkaYeZq1stymsej/XtxddKcIbPNqJw3e9N4qOeS4LwGN IE4wOBuyHhMnyw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:18:18 2025 by rpki-client