This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft File: V3l3onVhz5BYpS5GDJSZSAVb3T0.mft (raw, json) Hash identifier: egfftF2G59U4OvOc8rPIfQvPOJjJWEmASzMYEEBCMq0= Subject key identifier: 7D:12:1F:55:E3:A3:BE:A4:D6:06:7B:F0:5E:0F:9D:BE:BD:66:A7:A7 Authority key identifier: 57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D Certificate issuer: /CN=577977a27561cf9058a52e460c949948055bdd3d Certificate serial: 019AF31D6078588A795260C6197359B51B07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft Manifest number: 0970 Signing time: Sat 06 Dec 2025 10:03:00 +0000 Manifest this update: Sat 06 Dec 2025 10:03:00 +0000 Manifest next update: Sun 07 Dec 2025 10:03:00 +0000 Files and hashes: 1: V3l3onVhz5BYpS5GDJSZSAVb3T0.crl (hash: zj82JpafK0iL7QGwUZMY+E29eUB9bdKr2Aze4XKo8bY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:60:78:58:8a:79:52:60:c6:19:73:59:b5:1b:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=577977a27561cf9058a52e460c949948055bdd3d Validity Not Before: Dec 6 10:03:00 2025 GMT Not After : Dec 7 10:03:00 2025 GMT Subject: CN=7d121f55e3a3bea4d6067bf05e0f9dbebd66a7a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:38:d7:95:94:fe:e6:6a:9c:36:09:b3:60:7b: 25:44:fa:da:e6:5a:49:01:fd:39:4a:bc:6f:f6:14: 6f:17:9c:cb:33:70:17:bd:fe:92:92:ab:fc:e8:18: 3e:a8:18:b1:59:75:ae:be:49:73:be:76:00:14:e3: db:9f:65:b5:db:8c:6c:d5:61:6f:60:c1:d9:80:2b: a2:25:ca:05:24:4f:6d:1f:18:8e:ff:9d:54:f8:8c: b0:be:92:81:1b:26:ef:3d:50:47:f6:ba:a5:d3:38: 42:29:fd:90:c8:89:02:a4:a8:f0:92:54:1a:78:0e: 63:76:10:25:74:15:98:ab:6c:ec:bf:bc:4a:17:0f: cb:76:8b:d0:7d:2c:95:ba:b6:0e:cd:b2:e3:5a:ae: 5b:f2:bd:91:16:d4:34:57:cd:3e:c1:38:b3:d4:3b: f8:ac:d3:a8:fc:c8:8d:a7:90:a6:6f:e8:29:40:07: d9:a5:20:f9:e8:a6:3a:b3:a7:f4:bf:26:69:ec:2f: d5:d3:49:81:db:5b:22:6a:a5:1d:3c:2f:07:24:c2: cf:6e:77:93:b8:58:16:ef:ce:3e:c7:f5:6d:92:96: 73:f1:e0:d4:01:db:f9:12:75:aa:5f:fa:5a:83:4d: 42:e7:1e:ab:4a:f5:27:16:cc:ee:1c:bd:f2:5f:fc: 23:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:12:1F:55:E3:A3:BE:A4:D6:06:7B:F0:5E:0F:9D:BE:BD:66:A7:A7 X509v3 Authority Key Identifier: keyid:57:79:77:A2:75:61:CF:90:58:A5:2E:46:0C:94:99:48:05:5B:DD:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3l3onVhz5BYpS5GDJSZSAVb3T0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/de78c9-a5fa-4385-9edf-54f72d7f5c20/1/V3l3onVhz5BYpS5GDJSZSAVb3T0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:81:2c:0d:f3:49:9d:39:04:8b:52:9b:6b:3c:bc:52:10:8b: d5:d8:9c:d7:d6:0c:9c:9d:16:5e:48:a9:ea:36:df:04:98:40: a7:2d:52:d8:ba:79:1a:c8:bb:3f:04:c3:2d:37:2e:19:64:53: 1c:34:f6:b0:f7:33:05:df:2b:3e:2d:af:fe:00:9c:10:48:b9: e7:d4:b8:cf:ac:e5:c3:e3:b1:db:cc:61:62:38:6c:0e:fc:3a: 72:26:26:57:a0:e7:2f:25:3e:61:32:a5:c4:c7:2c:d7:ef:a0: 81:98:46:88:12:3a:b3:69:4b:4f:fb:77:11:f9:97:22:86:78: 69:30:da:ef:e3:66:b2:fc:0a:17:93:8c:3b:64:df:40:73:c1: ea:79:9d:57:c5:aa:f2:83:19:4b:57:de:49:8b:8f:57:51:67: 4e:49:a7:fc:20:3b:10:42:0c:09:40:c3:df:06:eb:e0:7f:86: 99:63:94:9f:33:e1:3b:b4:04:d6:31:3b:58:e6:e4:a7:c5:8f: 49:91:61:c6:97:de:dc:fa:b9:02:e2:b9:bf:b1:2d:2b:7f:ff: c5:bf:18:48:06:5e:43:7f:2c:7a:0d:38:61:85:05:d1:1b:8a: 37:3f:b9:72:7e:c7:f2:87:7e:3c:42:01:8c:9e:90:c7:c1:e8: 11:cd:fc:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHWB4WIp5UmDGGXNZtRsHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3Nzk3N2EyNzU2MWNmOTA1OGE1MmU0NjBjOTQ5OTQ4MDU1 YmRkM2QwHhcNMjUxMjA2MTAwMzAwWhcNMjUxMjA3MTAwMzAwWjAzMTEwLwYDVQQD Eyg3ZDEyMWY1NWUzYTNiZWE0ZDYwNjdiZjA1ZTBmOWRiZWJkNjZhN2E3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTjXlZT+5mqcNgmzYHslRPra5lpJ Af05Srxv9hRvF5zLM3AXvf6Skqv86Bg+qBixWXWuvklzvnYAFOPbn2W124xs1WFv YMHZgCuiJcoFJE9tHxiO/51U+IywvpKBGybvPVBH9rql0zhCKf2QyIkCpKjwklQa eA5jdhAldBWYq2zsv7xKFw/LdovQfSyVurYOzbLjWq5b8r2RFtQ0V80+wTiz1Dv4 rNOo/MiNp5Cmb+gpQAfZpSD56KY6s6f0vyZp7C/V00mB21siaqUdPC8HJMLPbneT uFgW784+x/VtkpZz8eDUAdv5EnWqX/pag01C5x6rSvUnFszuHL3yX/wjbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH0SH1Xjo76k1gZ78F4Pnb69ZqenMB8GA1UdIwQY MBaAFFd5d6J1Yc+QWKUuRgyUmUgFW909MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYt NTRmNzJkN2Y1YzIwLzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS9kZTc4YzktYTVmYS00Mzg1LTllZGYtNTRmNzJkN2Y1YzIw LzEvVjNsM29uVmh6NUJZcFM1R0RKU1pTQVZiM1QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhYEsDfNJ nTkEi1Kbazy8UhCL1dic19YMnJ0WXkip6jbfBJhApy1S2Lp5Gsi7PwTDLTcuGWRT HDT2sPczBd8rPi2v/gCcEEi559S4z6zlw+Ox28xhYjhsDvw6ciYmV6DnLyU+YTKl xMcs1++ggZhGiBI6s2lLT/t3EfmXIoZ4aTDa7+NmsvwKF5OMO2TfQHPB6nmdV8Wq 8oMZS1feSYuPV1FnTkmn/CA7EEIMCUDD3wbr4H+GmWOUnzPhO7QE1jE7WObkp8WP SZFhxpfe3Pq5AuK5v7EtK3//xb8YSAZeQ38seg04YYUF0RuKNz+5cn7H8od+PEIB jJ6Qx8HoEc38JA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:36:26 2025 by rpki-client