This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft File: 7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json) Hash identifier: 7d5DD+IR3mjJzMHPvNYlpPVPiXd+fvHqrG3hmZHwsfQ= Subject key identifier: 45:64:5B:6C:BD:97:40:7D:D8:F1:15:CD:50:AD:51:E7:88:E2:89:31 Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16 Certificate issuer: /CN=edf044c363d788e74334e136e03cc7fd1e49a216 Certificate serial: 019AF12DAA0873B4DAE092EFA397E2BFE6C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft Manifest number: 09D7 Signing time: Sat 06 Dec 2025 01:01:32 +0000 Manifest this update: Sat 06 Dec 2025 01:01:32 +0000 Manifest next update: Sun 07 Dec 2025 01:01:32 +0000 Files and hashes: 1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: x72lU37H8rIZ2QfsRFna4FjUh7ISXw4x38/z6uiLPT4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:aa:08:73:b4:da:e0:92:ef:a3:97:e2:bf:e6:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216 Validity Not Before: Dec 6 01:01:32 2025 GMT Not After : Dec 7 01:01:32 2025 GMT Subject: CN=45645b6cbd97407dd8f115cd50ad51e788e28931 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:8d:76:f7:d5:d8:37:cc:09:03:3c:98:a6:35: 70:fe:2d:96:c5:f6:88:03:03:96:64:38:07:6c:3a: 2d:ec:36:36:f6:23:d3:0a:0d:75:7f:25:cf:14:c5: d5:e2:c8:a3:40:a5:e4:e6:e5:09:57:34:0b:a5:c6: 5e:33:eb:d5:e8:40:04:1f:4a:c3:1b:10:41:5f:c4: 7c:50:e1:9d:1a:19:36:bc:29:32:79:1b:94:dc:e0: 3c:9e:96:22:0a:f3:7d:d3:a7:b1:79:43:bd:be:7a: 08:26:c4:24:6a:5b:14:88:f1:61:6b:3c:a5:46:27: ea:c6:39:9b:62:6f:de:8f:13:f2:68:3c:4e:51:31: 90:54:55:6a:4f:1c:9e:d2:41:a8:5b:d9:12:fa:73: c8:35:12:8a:04:5e:da:1c:6c:f9:8b:74:c4:2a:5a: a2:90:56:44:ca:68:20:b1:c7:31:6f:f4:eb:d2:31: 29:d3:65:bc:d4:8e:0b:c5:97:05:74:3c:05:6b:81: b2:d8:92:e9:84:d2:7c:66:98:1f:55:4e:b5:39:21: f9:87:02:fc:5c:e1:af:13:f3:60:98:79:1c:28:d5: 62:0b:b1:7b:bd:a3:27:dc:78:42:9a:f3:6b:e7:f4: 7e:30:6f:09:f7:f9:24:46:69:ae:72:9c:f3:c0:61: 8f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:64:5B:6C:BD:97:40:7D:D8:F1:15:CD:50:AD:51:E7:88:E2:89:31 X509v3 Authority Key Identifier: keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:4c:d2:61:12:9c:4f:99:2f:26:db:cd:ab:f3:0a:8e:98:c4: 7a:ba:1e:82:40:17:b6:80:fb:36:46:09:78:3d:96:f0:02:20: 60:51:18:9a:11:0d:9c:e2:40:fb:9c:59:c6:d9:2f:f5:62:ac: ed:cb:0f:83:3c:ad:44:1e:78:48:bd:0b:98:8c:74:ec:a5:22: b7:0b:5f:e5:6d:1c:6a:2b:0e:ff:9d:ef:42:00:f5:4e:88:04: 12:8c:9a:6b:dd:6a:7a:d6:d4:f0:e7:c1:e1:f0:55:7b:03:22: f9:f3:5a:a8:ba:81:16:c4:f1:39:6a:6c:5d:e4:bf:d3:3c:90: fe:bf:86:ed:ef:b2:c2:bc:e9:e0:e8:62:7e:db:3e:48:0c:e0: c8:f7:2d:f5:b9:94:b5:12:b6:bb:fe:6c:a4:3a:5a:30:0f:81: 16:99:e4:f4:76:e4:dd:fd:78:1c:e5:98:ed:2e:bc:e4:2b:ff: 71:1b:a7:3d:31:b5:7b:ea:ae:6f:53:b1:6e:1c:45:23:72:1c: 00:33:49:fb:7b:fb:da:96:2e:79:91:bc:ce:d9:a7:1f:e1:07: 67:f8:3b:d7:8a:27:44:4e:33:c1:33:81:a7:f9:af:b2:c9:ab: 6f:2a:6a:dd:ad:a5:4e:03:51:fb:23:22:6a:6f:bb:ea:f3:0f: ec:3c:6b:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLaoIc7Ta4JLvo5fiv+bGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0 OWEyMTYwHhcNMjUxMjA2MDEwMTMyWhcNMjUxMjA3MDEwMTMyWjAzMTEwLwYDVQQD Eyg0NTY0NWI2Y2JkOTc0MDdkZDhmMTE1Y2Q1MGFkNTFlNzg4ZTI4OTMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx41299XYN8wJAzyYpjVw/i2WxfaI AwOWZDgHbDot7DY29iPTCg11fyXPFMXV4sijQKXk5uUJVzQLpcZeM+vV6EAEH0rD GxBBX8R8UOGdGhk2vCkyeRuU3OA8npYiCvN906exeUO9vnoIJsQkalsUiPFhazyl RifqxjmbYm/ejxPyaDxOUTGQVFVqTxye0kGoW9kS+nPINRKKBF7aHGz5i3TEKlqi kFZEymggsccxb/Tr0jEp02W81I4LxZcFdDwFa4Gy2JLphNJ8ZpgfVU61OSH5hwL8 XOGvE/NgmHkcKNViC7F7vaMn3HhCmvNr5/R+MG8J9/kkRmmucpzzwGGPywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEVkW2y9l0B92PEVzVCtUeeI4okxMB8GA1UdIwQY MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHUzSYRKc T5kvJtvNq/MKjpjEeroegkAXtoD7NkYJeD2W8AIgYFEYmhENnOJA+5xZxtkv9WKs 7csPgzytRB54SL0LmIx07KUitwtf5W0caisO/53vQgD1TogEEoyaa91qetbU8OfB 4fBVewMi+fNaqLqBFsTxOWpsXeS/0zyQ/r+G7e+ywrzp4Ohifts+SAzgyPct9bmU tRK2u/5spDpaMA+BFpnk9Hbk3f14HOWY7S685Cv/cRunPTG1e+qub1OxbhxFI3Ic ADNJ+3v72pYueZG8ztmnH+EHZ/g714onRE4zwTOBp/mvssmrbypq3a2lTgNR+yMi am+76vMP7Dxr7A== -----END CERTIFICATE-----Generated at Sat Dec 6 10:07:07 2025 by rpki-client