This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft File: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json) Hash identifier: xeOld4OcXZLiI4i+GqPQCl7RJIUEXf6tc13MD0i9Flw= Subject key identifier: 8D:3F:DA:65:FB:A7:6A:8A:BC:48:C7:B3:F0:25:59:D1:00:D0:C9:7B Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE Certificate issuer: /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce Certificate serial: 019B3EDA19B5789CB50D3BE165A97827E899 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft Manifest number: 1715 Signing time: Sun 21 Dec 2025 03:00:39 +0000 Manifest this update: Sun 21 Dec 2025 03:00:39 +0000 Manifest next update: Mon 22 Dec 2025 03:00:39 +0000 Files and hashes: 1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: GIn+/86s+boNAk+7GSZ3q+oR7NM2jXbLycN8q/nkudg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:19:b5:78:9c:b5:0d:3b:e1:65:a9:78:27:e8:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce Validity Not Before: Dec 21 03:00:39 2025 GMT Not After : Dec 22 03:00:39 2025 GMT Subject: CN=8d3fda65fba76a8abc48c7b3f02559d100d0c97b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:4a:3e:8f:7e:eb:ae:06:bc:cf:d7:fc:02:b7: 24:60:8a:74:f2:d0:73:8c:26:eb:74:7f:ff:7d:2d: b6:2f:d6:17:9b:2e:25:8d:33:2e:f2:ec:ec:58:f4: 04:b8:54:59:44:76:1f:4a:10:03:21:a7:2e:f5:2c: 61:a9:d3:ec:af:76:87:38:19:ba:ec:23:06:a1:b0: d7:c9:e4:0d:de:35:06:a5:14:e7:5a:61:c2:90:04: 17:93:a8:66:07:47:79:29:5c:2a:42:46:c2:f9:8e: fc:21:ff:16:98:5b:d4:7e:c0:2a:d3:5a:1f:36:82: 33:57:b3:cd:90:e9:5e:30:60:d8:7f:82:3c:42:43: 34:70:95:9d:0d:d2:7a:af:78:15:1f:02:bd:8d:19: 6c:9e:ce:88:f8:e0:60:68:1b:4a:df:dc:9b:f0:d4: 6b:e4:51:6e:31:e8:7c:47:4d:3c:71:46:c4:78:0c: 6b:50:b7:24:6f:84:91:3c:a2:68:01:be:07:c7:43: 28:ae:a8:d0:4d:c2:34:5e:f6:c1:f8:d1:7f:f0:d8: c3:0c:0d:45:fb:f4:d3:e0:58:1d:4b:a5:37:04:67: 76:e0:21:1c:d4:99:34:34:23:79:e6:50:fc:79:93: 9b:5e:8b:9a:6d:16:92:0a:14:97:9a:9e:5d:24:5f: 3b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:3F:DA:65:FB:A7:6A:8A:BC:48:C7:B3:F0:25:59:D1:00:D0:C9:7B X509v3 Authority Key Identifier: keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:a4:59:05:9b:6f:5f:81:cd:9b:04:de:a9:e9:28:32:96:b0: ea:08:25:d1:31:a9:09:3b:e5:d8:43:0e:97:03:f9:f8:03:df: 9b:44:bb:5d:d5:28:c4:b3:72:4c:f0:d9:c6:66:83:6b:c5:12: ab:36:c8:ae:ee:a9:92:4b:73:c0:46:b4:9c:a8:af:9e:0a:f4: 41:91:33:94:42:d3:5f:8f:41:ff:fa:df:f7:11:76:34:23:ce: c5:4b:5a:a8:02:d4:a0:60:9d:f8:0c:85:55:65:2f:19:7c:18: f3:3a:3c:81:0e:af:1a:3e:fd:e5:c3:2d:a8:1b:d6:80:ef:7b: be:5b:0d:4a:86:d3:50:2e:d7:d7:b8:d6:d0:e8:a9:5e:87:0b: 7e:db:03:23:c4:77:ce:f5:3b:59:99:1a:e8:dc:51:0b:ab:5d: 6b:b4:d3:7c:fb:e5:f1:3f:12:43:80:5f:c4:d1:d6:55:94:c2: 90:32:34:ae:1f:75:52:bd:88:fb:db:c3:62:75:2c:e9:43:14: 4a:2a:c2:a1:1b:52:30:89:08:d9:12:d5:c9:88:2d:8e:42:17: 42:9b:3d:65:36:24:46:73:0a:88:74:7a:d8:05:9a:0b:b5:3f: 56:f6:56:2e:d0:ff:83:24:47:3d:0a:13:2e:16:c4:21:15:c1: 61:f0:05:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2hm1eJy1DTvhZal4J+iZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0 NDkyY2UwHhcNMjUxMjIxMDMwMDM5WhcNMjUxMjIyMDMwMDM5WjAzMTEwLwYDVQQD Eyg4ZDNmZGE2NWZiYTc2YThhYmM0OGM3YjNmMDI1NTlkMTAwZDBjOTdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUo+j37rrga8z9f8ArckYIp08tBz jCbrdH//fS22L9YXmy4ljTMu8uzsWPQEuFRZRHYfShADIacu9SxhqdPsr3aHOBm6 7CMGobDXyeQN3jUGpRTnWmHCkAQXk6hmB0d5KVwqQkbC+Y78If8WmFvUfsAq01of NoIzV7PNkOleMGDYf4I8QkM0cJWdDdJ6r3gVHwK9jRlsns6I+OBgaBtK39yb8NRr 5FFuMeh8R008cUbEeAxrULckb4SRPKJoAb4Hx0MorqjQTcI0XvbB+NF/8NjDDA1F +/TT4FgdS6U3BGd24CEc1Jk0NCN55lD8eZObXouabRaSChSXmp5dJF87TwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI0/2mX7p2qKvEjHs/AlWdEA0Ml7MB8GA1UdIwQY MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVKRZBZtv X4HNmwTeqekoMpaw6ggl0TGpCTvl2EMOlwP5+APfm0S7XdUoxLNyTPDZxmaDa8US qzbIru6pkktzwEa0nKivngr0QZEzlELTX49B//rf9xF2NCPOxUtaqALUoGCd+AyF VWUvGXwY8zo8gQ6vGj795cMtqBvWgO97vlsNSobTUC7X17jW0OipXocLftsDI8R3 zvU7WZka6NxRC6tda7TTfPvl8T8SQ4BfxNHWVZTCkDI0rh91Ur2I+9vDYnUs6UMU SirCoRtSMIkI2RLVyYgtjkIXQps9ZTYkRnMKiHR62AWaC7U/VvZWLtD/gyRHPQoT LhbEIRXBYfAF9A== -----END CERTIFICATE-----Generated at Sun Dec 21 06:52:51 2025 by rpki-client