This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft File: pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json) Hash identifier: yY3d6WN3/pq2JKk+XL4xTMYY8FT4SLdAlEe+OFWFGWM= Subject key identifier: 37:F7:2D:D9:4B:A8:DD:B9:C4:E4:D4:46:A7:CC:BF:85:E5:D4:E1:6B Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA Certificate issuer: /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa Certificate serial: 019B3D5A4185B69366BDF67FF31E64B72511 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft Manifest number: 1180 Signing time: Sat 20 Dec 2025 20:01:23 +0000 Manifest this update: Sat 20 Dec 2025 20:01:23 +0000 Manifest next update: Sun 21 Dec 2025 20:01:23 +0000 Files and hashes: 1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: 70mH4F/boByD2pjRTwvWbDsndBKHrTX99MjpbtkjWHI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:5a:41:85:b6:93:66:bd:f6:7f:f3:1e:64:b7:25:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa Validity Not Before: Dec 20 20:01:23 2025 GMT Not After : Dec 21 20:01:23 2025 GMT Subject: CN=37f72dd94ba8ddb9c4e4d446a7ccbf85e5d4e16b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7c:90:be:66:5d:21:2f:9a:e0:0c:b5:32:46: f3:9d:04:53:6e:35:43:b0:45:9f:af:2b:ae:b0:08: aa:e3:2e:9e:26:18:bd:58:da:32:68:46:b9:c9:da: 75:16:63:e0:bd:39:47:64:0a:4b:47:90:1c:7d:ad: 29:ea:97:55:3c:c9:9c:8e:8b:ef:c7:7c:a8:2a:22: 37:2a:74:7c:88:6d:34:30:e1:cb:ee:8d:1a:f5:4e: 3e:0c:31:1c:2b:a0:38:00:0b:52:19:1e:36:f7:97: 44:08:58:87:32:6a:f6:1e:e7:8a:11:05:03:75:99: 02:eb:80:56:ad:3a:11:0e:b1:4a:f4:3f:c9:ed:89: b5:79:73:8a:8a:48:c6:d5:49:8a:8e:bf:1a:b2:3b: df:c0:46:9b:1c:07:62:a8:9a:b6:42:e8:ec:d3:82: fd:f5:0c:8e:c3:ef:da:54:fc:39:97:d8:86:1a:6b: 56:8a:8c:8a:44:49:30:9b:01:39:4e:6e:1b:0d:17: 17:13:14:53:2c:58:4f:a3:d8:af:a8:b4:69:2d:f0: 74:ed:64:a7:d8:46:16:5c:c8:d3:a1:6a:fb:b6:32: bb:22:88:35:b7:a8:f2:a6:6b:6a:b3:90:77:5f:a4: 46:af:fb:6d:d0:02:b1:b5:a9:cd:31:d9:95:54:15: da:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:F7:2D:D9:4B:A8:DD:B9:C4:E4:D4:46:A7:CC:BF:85:E5:D4:E1:6B X509v3 Authority Key Identifier: keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:0a:70:c5:41:8e:04:1d:57:83:95:0e:f8:57:cb:57:17:70: 22:f6:d6:17:f6:e8:1a:3b:f8:98:96:48:49:91:fb:c0:c4:cb: db:fe:6b:54:06:2f:9b:60:4f:5b:78:f4:e4:41:f5:4f:d3:32: b4:de:65:1c:04:ed:54:9c:31:2d:e1:b3:32:a2:a4:77:78:2c: 8e:c7:c3:45:36:e3:06:2d:1f:c4:ee:bc:bc:60:02:a1:dd:d5: 8f:37:49:40:07:95:ac:76:f6:b4:7e:f8:77:c9:81:9e:dd:46: 63:de:6a:55:30:05:21:4e:0f:7d:38:5f:c9:79:bc:34:a8:f1: f8:95:84:6e:67:2f:1a:bf:05:df:9d:a2:ab:28:7d:1c:d0:1e: 84:ec:15:2a:9c:1f:4c:48:98:6d:99:9d:05:51:16:67:22:50: 3a:2d:ca:d7:f9:dc:70:12:50:87:82:7a:5e:78:79:29:b3:11: 8f:df:eb:57:6a:c0:44:06:90:03:f3:cf:ca:e6:9e:73:8b:9d: 2c:bd:96:4e:d3:15:b4:ca:b4:4f:23:1c:24:44:38:da:16:3c: bd:d3:7c:1f:97:01:9e:c3:99:95:62:bc:0c:ae:6e:54:f2:e6: 11:8e:cb:ff:48:71:d9:bc:22:cc:d6:c7:dd:01:d8:80:26:af: 59:ee:95:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9WkGFtpNmvfZ/8x5ktyURMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx NzBkZmEwHhcNMjUxMjIwMjAwMTIzWhcNMjUxMjIxMjAwMTIzWjAzMTEwLwYDVQQD EygzN2Y3MmRkOTRiYThkZGI5YzRlNGQ0NDZhN2NjYmY4NWU1ZDRlMTZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3yQvmZdIS+a4Ay1MkbznQRTbjVD sEWfryuusAiq4y6eJhi9WNoyaEa5ydp1FmPgvTlHZApLR5Acfa0p6pdVPMmcjovv x3yoKiI3KnR8iG00MOHL7o0a9U4+DDEcK6A4AAtSGR4295dECFiHMmr2HueKEQUD dZkC64BWrToRDrFK9D/J7Ym1eXOKikjG1UmKjr8asjvfwEabHAdiqJq2Qujs04L9 9QyOw+/aVPw5l9iGGmtWioyKREkwmwE5Tm4bDRcXExRTLFhPo9ivqLRpLfB07WSn 2EYWXMjToWr7tjK7Iog1t6jypmtqs5B3X6RGr/tt0AKxtanNMdmVVBXadQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDf3LdlLqN25xOTURqfMv4Xl1OFrMB8GA1UdIwQY MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmApwxUGO BB1Xg5UO+FfLVxdwIvbWF/boGjv4mJZISZH7wMTL2/5rVAYvm2BPW3j05EH1T9My tN5lHATtVJwxLeGzMqKkd3gsjsfDRTbjBi0fxO68vGACod3VjzdJQAeVrHb2tH74 d8mBnt1GY95qVTAFIU4PfThfyXm8NKjx+JWEbmcvGr8F352iqyh9HNAehOwVKpwf TEiYbZmdBVEWZyJQOi3K1/nccBJQh4J6Xnh5KbMRj9/rV2rARAaQA/PPyuaec4ud LL2WTtMVtMq0TyMcJEQ42hY8vdN8H5cBnsOZlWK8DK5uVPLmEY7L/0hx2bwizNbH 3QHYgCavWe6VOg== -----END CERTIFICATE-----Generated at Sun Dec 21 00:11:44 2025 by rpki-client