This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft File: RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json) Hash identifier: /AZQw1yr0j5OYNSRFTg7HFlECxBE9ROTXiREt7gEAhc= Subject key identifier: 6B:31:01:38:13:E1:A6:E1:FC:9D:1B:52:E3:AA:B1:D3:1B:DD:D0:8D Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83 Certificate issuer: /CN=44b14b1b3069f50c6e25c8a24afc61711d598583 Certificate serial: 019AF352886C206987997820D5AAA62C6458 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft Manifest number: 0221 Signing time: Sat 06 Dec 2025 11:01:03 +0000 Manifest this update: Sat 06 Dec 2025 11:01:03 +0000 Manifest next update: Sun 07 Dec 2025 11:01:03 +0000 Files and hashes: 1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: wvok0qHh2kCZGUV5g3B+e3qmR5QK//Fyxrgm7oTM5uc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:88:6c:20:69:87:99:78:20:d5:aa:a6:2c:64:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583 Validity Not Before: Dec 6 11:01:03 2025 GMT Not After : Dec 7 11:01:03 2025 GMT Subject: CN=6b31013813e1a6e1fc9d1b52e3aab1d31bddd08d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fc:43:05:35:c0:9d:d5:31:78:75:a7:dd:24:35: 6b:0c:aa:e7:36:22:6a:ea:71:a9:96:19:ef:58:60: 77:16:8a:91:9b:d1:ea:39:61:a2:d5:63:c3:1b:e8: a3:05:3c:57:12:df:7b:ab:86:45:60:07:0d:63:c3: 19:6f:0f:7a:5d:84:3e:1f:61:b8:92:b6:28:c9:33: e7:c2:48:f7:08:82:9a:44:51:bf:f2:bc:40:98:2e: 59:dc:7c:ae:ac:07:b9:c0:aa:fd:54:5b:60:4f:f8: 15:b8:0b:21:9f:89:c7:d4:df:2b:ad:98:8c:1a:df: 0d:20:9d:2a:48:bf:04:d7:11:09:33:67:ef:f9:8d: c4:65:78:90:7b:9d:c4:11:05:15:64:f8:e3:4e:7c: 3a:7d:ed:25:64:de:d3:46:58:0d:72:05:43:41:08: 49:91:a9:68:84:6d:ad:a1:a2:86:06:a8:a9:73:07: 03:a7:63:d4:ea:cc:b3:5e:87:3b:f1:7d:b2:10:24: e2:a0:ad:15:bc:a9:d0:a1:d0:39:8d:ef:a4:d3:e6: 1f:01:45:f0:e2:bc:6a:63:d5:df:ba:57:44:65:17: 3b:a8:d6:f6:6e:4d:fb:49:8c:5f:87:86:03:00:ed: 2f:f9:68:e2:2f:44:5d:49:fa:df:ad:45:93:95:e1: fe:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:31:01:38:13:E1:A6:E1:FC:9D:1B:52:E3:AA:B1:D3:1B:DD:D0:8D X509v3 Authority Key Identifier: keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:37:ad:08:27:da:1e:ad:f2:95:97:4a:82:4a:59:87:36:f5: 1e:83:f6:51:fc:34:c2:57:d2:7c:11:64:a6:f1:8b:da:3e:31: fc:30:17:fe:34:27:89:2e:86:6b:42:20:6a:13:41:38:de:3a: 35:ce:d2:40:be:9d:b1:5f:dc:db:12:9f:5e:7f:a1:30:cd:15: 74:b0:8c:78:69:10:c6:cd:29:a8:25:2f:88:2a:c7:30:18:6f: df:61:7c:cf:58:af:20:8a:00:83:1d:a6:f0:8a:91:77:6f:c4: 6c:06:d4:e5:ea:3d:f1:cf:8e:76:c1:e4:d5:bd:e6:37:29:11: 57:68:1e:04:91:65:d1:f7:78:13:46:73:ab:61:50:ad:22:91: 7a:d3:2c:33:3c:c8:ec:da:e8:5c:23:a1:05:85:f7:c0:6f:9e: 21:34:c2:a0:33:91:f6:85:c3:0c:d1:cd:68:c9:67:57:5b:ad: ea:c8:56:e7:0c:92:ce:69:03:bd:cb:dd:0e:2f:7b:a8:96:be: 3f:da:c4:64:0a:36:64:1d:ac:67:05:74:0a:1f:e3:b0:d3:e9: 9a:57:66:5c:ed:de:b1:aa:22:df:9c:18:f0:1f:27:ea:ab:d5: 1f:41:52:83:8a:82:00:3a:50:6a:bc:07:2e:e7:16:b3:54:da: 3a:49:92:77 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUohsIGmHmXgg1aqmLGRYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1 OTg1ODMwHhcNMjUxMjA2MTEwMTAzWhcNMjUxMjA3MTEwMTAzWjAzMTEwLwYDVQQD Eyg2YjMxMDEzODEzZTFhNmUxZmM5ZDFiNTJlM2FhYjFkMzFiZGRkMDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/EMFNcCd1TF4dafdJDVrDKrnNiJq 6nGplhnvWGB3FoqRm9HqOWGi1WPDG+ijBTxXEt97q4ZFYAcNY8MZbw96XYQ+H2G4 krYoyTPnwkj3CIKaRFG/8rxAmC5Z3HyurAe5wKr9VFtgT/gVuAshn4nH1N8rrZiM Gt8NIJ0qSL8E1xEJM2fv+Y3EZXiQe53EEQUVZPjjTnw6fe0lZN7TRlgNcgVDQQhJ kalohG2toaKGBqipcwcDp2PU6syzXoc78X2yECTioK0VvKnQodA5je+k0+YfAUXw 4rxqY9XfuldEZRc7qNb2bk37SYxfh4YDAO0v+WjiL0RdSfrfrUWTleH+TQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGsxATgT4abh/J0bUuOqsdMb3dCNMB8GA1UdIwQY MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASjetCCfa Hq3ylZdKgkpZhzb1HoP2Ufw0wlfSfBFkpvGL2j4x/DAX/jQniS6Ga0IgahNBON46 Nc7SQL6dsV/c2xKfXn+hMM0VdLCMeGkQxs0pqCUviCrHMBhv32F8z1ivIIoAgx2m 8IqRd2/EbAbU5eo98c+OdsHk1b3mNykRV2geBJFl0fd4E0Zzq2FQrSKRetMsMzzI 7NroXCOhBYX3wG+eITTCoDOR9oXDDNHNaMlnV1ut6shW5wySzmkDvcvdDi97qJa+ P9rEZAo2ZB2sZwV0Ch/jsNPpmldmXO3esaoi35wY8B8n6qvVH0FSg4qCADpQarwH LucWs1TaOkmSdw== -----END CERTIFICATE-----Generated at Sat Dec 6 15:11:37 2025 by rpki-client