This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft File: chgSXs-7IR7fwt4EcvlkqobL6Z4.mft (raw, json) Hash identifier: tpSCs8pNK/5S+nnXLJYTZv7RT/BpmxrAmzgHnsbVN1g= Subject key identifier: 0C:75:74:D1:EA:D1:07:3A:B4:9F:4E:6C:9F:5A:CE:E0:9A:F5:2D:49 Authority key identifier: 72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E Certificate issuer: /CN=7218125ecfbb211edfc2de0472f964aa86cbe99e Certificate serial: 019AF12D6CCB35A3D043F51CA5BE48CF4ADE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft Manifest number: 0E46 Signing time: Sat 06 Dec 2025 01:01:17 +0000 Manifest this update: Sat 06 Dec 2025 01:01:17 +0000 Manifest next update: Sun 07 Dec 2025 01:01:17 +0000 Files and hashes: 1: chgSXs-7IR7fwt4EcvlkqobL6Z4.crl (hash: 2W6gKmqbg6ZpFcNBzNgkrDsyWR+Vi25bnxQCvl3A3/o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:6c:cb:35:a3:d0:43:f5:1c:a5:be:48:cf:4a:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7218125ecfbb211edfc2de0472f964aa86cbe99e Validity Not Before: Dec 6 01:01:17 2025 GMT Not After : Dec 7 01:01:17 2025 GMT Subject: CN=0c7574d1ead1073ab49f4e6c9f5acee09af52d49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:06:29:90:b2:5a:fc:8f:43:f5:15:44:27:ec: 7f:e5:9a:c3:be:dc:d2:e6:a0:25:91:f8:47:5a:6d: 73:3f:a3:76:a1:71:5d:64:aa:1f:8e:6d:36:94:e8: 8f:76:c1:02:f0:9e:32:da:1d:00:57:1b:05:dd:3a: e5:5c:ea:e7:c8:e9:74:1a:b6:f3:79:ba:83:ef:f6: 74:03:68:83:b0:24:eb:98:e5:69:71:2d:f1:a0:63: 82:8a:b2:4f:c1:ea:51:a4:c5:84:e5:e6:d8:34:eb: e3:40:5a:dd:1d:54:ec:5a:55:49:60:ef:83:02:eb: f1:ac:b1:78:8a:ee:fc:03:eb:85:9b:62:8e:e9:51: 30:35:bb:a4:bd:ff:8e:ce:07:08:a9:90:f8:8c:d4: 69:eb:6f:39:d0:3b:3e:e3:3f:b5:f2:da:1a:45:8d: 52:49:e3:2c:cf:b6:f3:e9:25:53:8b:1b:7c:5e:c8: a1:47:f1:8f:c4:ce:f9:fa:6c:02:fb:54:69:88:ac: cd:47:92:e6:5d:53:28:cb:65:ae:d0:e7:24:6b:7f: dc:5e:81:79:57:44:0f:48:b4:3c:22:b5:16:27:d5: a2:3c:db:93:7e:5a:ac:85:14:35:5c:11:06:95:dc: 5a:37:29:fe:64:40:67:90:1f:1d:48:ee:8e:50:93: 0a:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:75:74:D1:EA:D1:07:3A:B4:9F:4E:6C:9F:5A:CE:E0:9A:F5:2D:49 X509v3 Authority Key Identifier: keyid:72:18:12:5E:CF:BB:21:1E:DF:C2:DE:04:72:F9:64:AA:86:CB:E9:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/chgSXs-7IR7fwt4EcvlkqobL6Z4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/37e5cb-d9ee-45d3-95ab-0db0fd74db32/1/chgSXs-7IR7fwt4EcvlkqobL6Z4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:9b:64:50:c6:10:4f:11:d9:4c:58:81:2d:8c:49:6f:cb:5b: 03:d1:ed:23:48:71:1a:11:90:7c:7e:62:18:90:29:38:88:0b: 86:96:15:be:7d:c6:f0:ca:e9:e9:23:d7:ee:03:11:40:f9:42: 56:be:e7:9a:04:26:ff:1e:a1:06:10:73:2f:1e:22:c3:ee:0a: 55:e8:14:5d:8b:89:6a:a8:ac:e4:aa:04:2c:1d:0f:70:66:28: f8:94:a0:c8:c5:d9:0f:2b:b3:98:11:e3:9d:f1:ce:80:be:92: 32:7c:f7:b0:84:2e:94:b2:02:50:c2:63:0d:14:22:72:93:37: b1:17:ac:5d:c1:62:78:a2:08:a9:13:60:98:f3:69:0f:f7:82: 4d:e4:0c:72:7c:ed:28:39:13:03:54:1a:f7:76:58:aa:b6:f2: 4f:85:eb:ad:b2:5a:27:a6:b7:89:fd:ea:2f:3c:c4:8e:ea:2c: 81:02:b7:a8:fc:6d:16:75:9b:2c:8b:83:4d:7c:e7:67:64:06: 67:b1:45:a2:d5:8f:ba:09:cb:86:01:b8:58:35:53:70:67:fa: 81:a9:b0:11:55:2f:b5:c3:d1:8c:f4:18:79:e8:98:14:6f:c3: 60:65:ca:9d:5a:4b:99:7e:d1:34:6c:07:aa:b2:35:34:3d:7a: 3a:2c:3e:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLWzLNaPQQ/Ucpb5Iz0reMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyMTgxMjVlY2ZiYjIxMWVkZmMyZGUwNDcyZjk2NGFhODZj YmU5OWUwHhcNMjUxMjA2MDEwMTE3WhcNMjUxMjA3MDEwMTE3WjAzMTEwLwYDVQQD EygwYzc1NzRkMWVhZDEwNzNhYjQ5ZjRlNmM5ZjVhY2VlMDlhZjUyZDQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAYpkLJa/I9D9RVEJ+x/5ZrDvtzS 5qAlkfhHWm1zP6N2oXFdZKofjm02lOiPdsEC8J4y2h0AVxsF3TrlXOrnyOl0Grbz ebqD7/Z0A2iDsCTrmOVpcS3xoGOCirJPwepRpMWE5ebYNOvjQFrdHVTsWlVJYO+D AuvxrLF4iu78A+uFm2KO6VEwNbukvf+OzgcIqZD4jNRp62850Ds+4z+18toaRY1S SeMsz7bz6SVTixt8XsihR/GPxM75+mwC+1RpiKzNR5LmXVMoy2Wu0Ocka3/cXoF5 V0QPSLQ8IrUWJ9WiPNuTflqshRQ1XBEGldxaNyn+ZEBnkB8dSO6OUJMKowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAx1dNHq0Qc6tJ9ObJ9azuCa9S1JMB8GA1UdIwQY MBaAFHIYEl7PuyEe38LeBHL5ZKqGy+meMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWIt MGRiMGZkNzRkYjMyLzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8zN2U1Y2ItZDllZS00NWQzLTk1YWItMGRiMGZkNzRkYjMy LzEvY2hnU1hzLTdJUjdmd3Q0RWN2bGtxb2JMNlo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh5tkUMYQ TxHZTFiBLYxJb8tbA9HtI0hxGhGQfH5iGJApOIgLhpYVvn3G8Mrp6SPX7gMRQPlC Vr7nmgQm/x6hBhBzLx4iw+4KVegUXYuJaqis5KoELB0PcGYo+JSgyMXZDyuzmBHj nfHOgL6SMnz3sIQulLICUMJjDRQicpM3sResXcFieKIIqRNgmPNpD/eCTeQMcnzt KDkTA1Qa93ZYqrbyT4XrrbJaJ6a3if3qLzzEjuosgQK3qPxtFnWbLIuDTXznZ2QG Z7FFotWPugnLhgG4WDVTcGf6gamwEVUvtcPRjPQYeeiYFG/DYGXKnVpLmX7RNGwH qrI1ND16Oiw+qw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:11:02 2025 by rpki-client