This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft File: rjRcTQnm4iTh2vRmV9PHEYewIjY.mft (raw, json) Hash identifier: Cvz4yNnqSFnthygwRD+llUSU0hZ92ZueB+HEFcaymq8= Subject key identifier: 07:27:58:74:79:98:EA:39:E9:A3:DB:25:CE:59:E1:23:F4:9B:23:49 Authority key identifier: AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 Certificate issuer: /CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Certificate serial: 019AF42E3EED6805333F4CEEAC47651B24BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft Manifest number: 06AC Signing time: Sat 06 Dec 2025 15:01:02 +0000 Manifest this update: Sat 06 Dec 2025 15:01:02 +0000 Manifest next update: Sun 07 Dec 2025 15:01:02 +0000 Files and hashes: 1: rjRcTQnm4iTh2vRmV9PHEYewIjY.crl (hash: xYhskR7EKyQSeNybuVsgDPunEvoWISDFcHYJGq57MYM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:3e:ed:68:05:33:3f:4c:ee:ac:47:65:1b:24:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Validity Not Before: Dec 6 15:01:02 2025 GMT Not After : Dec 7 15:01:02 2025 GMT Subject: CN=072758747998ea39e9a3db25ce59e123f49b2349 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f1:a6:89:b2:de:ed:b4:13:eb:4e:af:4e:73: fd:6f:2f:61:96:7c:98:fe:27:46:f5:74:45:6a:12: 6d:24:bd:9c:a0:43:00:db:bc:12:3f:fd:48:e1:54: 17:1d:7f:46:31:d0:8c:dc:c4:e2:a4:e0:fe:cc:a0: c6:20:f9:c9:1d:f1:6a:82:da:4d:85:58:12:b4:5e: a2:99:29:1a:ee:48:05:6d:e6:b6:bc:88:c0:cd:0f: c6:16:4e:15:ca:40:74:c0:5d:aa:80:2e:d8:90:9b: af:16:5c:7c:04:f0:c8:b9:1b:ec:08:02:f5:1d:57: 27:85:f3:00:d3:37:27:ca:fb:ea:7b:a9:04:8a:d7: 74:e1:ad:1f:6e:f0:8a:2a:ee:5a:7c:2e:5d:b0:95: 3d:e4:0e:e3:47:e4:98:50:89:88:9c:e6:bb:6d:f3: 6c:50:1b:68:68:e8:45:65:b3:b8:75:41:0f:1f:00: 0a:57:bb:47:e7:04:ed:58:6f:9c:16:87:63:4a:e3: e3:3d:2c:8b:09:9f:05:e5:7b:63:d8:29:9f:ad:bb: 05:e5:8b:d0:05:f3:d4:c9:1a:e9:1b:e6:54:2c:78: 17:56:3e:1d:9b:97:ed:b1:1d:16:37:a8:5e:2d:c5: cb:b2:aa:da:42:4d:07:3c:9a:c4:b8:03:79:f8:5e: b7:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:27:58:74:79:98:EA:39:E9:A3:DB:25:CE:59:E1:23:F4:9B:23:49 X509v3 Authority Key Identifier: keyid:AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:11:ec:e6:f8:44:91:30:8f:f7:f5:eb:d3:38:4c:8a:5f:d3: 22:91:ac:d0:2c:0d:8b:95:c3:ca:ed:23:d5:91:5b:6b:ed:7b: 2d:2d:f9:5c:9d:63:ef:89:f8:b9:d1:2e:b0:71:20:a2:80:92: 16:fd:d8:ee:0e:0d:c6:66:83:c3:97:4f:7f:2c:66:9f:a0:d0: d0:4e:ae:7d:d5:d8:cf:7e:26:4a:c5:b7:bc:d9:86:b3:0e:f3: 95:75:64:70:62:a9:56:3a:c2:16:b8:dd:91:c7:42:ff:67:f6: 84:a0:e7:b3:53:52:48:67:88:a2:b8:7e:a9:bf:db:45:38:19: 8a:7c:2c:9b:50:cd:7a:7b:31:33:e8:dd:6e:95:0d:b6:2c:b9: 6e:25:91:5c:55:0d:fe:25:14:6e:ec:45:46:45:a1:ba:43:df: 8b:b5:c5:c0:4c:97:38:70:4a:0e:c6:9d:a6:ed:33:dc:a2:93: 38:ab:0b:e9:cf:39:57:b2:4d:40:45:85:92:37:7a:ed:23:83: 1a:b0:d8:5c:bb:8e:38:a8:61:4f:00:9a:96:5a:f3:97:bd:4e: dd:46:ee:d1:f3:9c:13:dc:52:a5:7d:19:50:04:ae:6d:cb:c6: 2d:aa:1c:15:5f:17:b9:6e:62:6f:91:31:c5:72:41:3a:cc:93: f7:a0:06:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0Lj7taAUzP0zurEdlGyS+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlMzQ1YzRkMDllNmUyMjRlMWRhZjQ2NjU3ZDNjNzExODdi MDIyMzYwHhcNMjUxMjA2MTUwMTAyWhcNMjUxMjA3MTUwMTAyWjAzMTEwLwYDVQQD EygwNzI3NTg3NDc5OThlYTM5ZTlhM2RiMjVjZTU5ZTEyM2Y0OWIyMzQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfGmibLe7bQT606vTnP9by9hlnyY /idG9XRFahJtJL2coEMA27wSP/1I4VQXHX9GMdCM3MTipOD+zKDGIPnJHfFqgtpN hVgStF6imSka7kgFbea2vIjAzQ/GFk4VykB0wF2qgC7YkJuvFlx8BPDIuRvsCAL1 HVcnhfMA0zcnyvvqe6kEitd04a0fbvCKKu5afC5dsJU95A7jR+SYUImInOa7bfNs UBtoaOhFZbO4dUEPHwAKV7tH5wTtWG+cFodjSuPjPSyLCZ8F5Xtj2CmfrbsF5YvQ BfPUyRrpG+ZULHgXVj4dm5ftsR0WN6heLcXLsqraQk0HPJrEuAN5+F63wQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAcnWHR5mOo56aPbJc5Z4SP0myNJMB8GA1UdIwQY MBaAFK40XE0J5uIk4dr0ZlfTxxGHsCI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDkt M2JmNjE3NzlkZGM3LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDktM2JmNjE3NzlkZGM3 LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBHs5vhE kTCP9/Xr0zhMil/TIpGs0CwNi5XDyu0j1ZFba+17LS35XJ1j74n4udEusHEgooCS Fv3Y7g4NxmaDw5dPfyxmn6DQ0E6ufdXYz34mSsW3vNmGsw7zlXVkcGKpVjrCFrjd kcdC/2f2hKDns1NSSGeIorh+qb/bRTgZinwsm1DNensxM+jdbpUNtiy5biWRXFUN /iUUbuxFRkWhukPfi7XFwEyXOHBKDsadpu0z3KKTOKsL6c85V7JNQEWFkjd67SOD GrDYXLuOOKhhTwCallrzl71O3Ubu0fOcE9xSpX0ZUASubcvGLaocFV8XuW5ib5Ex xXJBOsyT96AGkg== -----END CERTIFICATE-----Generated at Sat Dec 6 19:35:08 2025 by rpki-client