This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft File: so7x9PiCePTfGec-M4HOzXjgacE.mft (raw, json) Hash identifier: rPDUrkynUk5uDa+cxoxjJIVxA+wMSK01VCVJAWMouDU= Subject key identifier: EF:37:29:2F:46:67:85:C9:DA:36:50:4C:1F:67:FF:D7:47:B7:A4:13 Authority key identifier: B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1 Certificate issuer: /CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1 Certificate serial: 019AF208BAEEF7C1E43F44870E7826D14A7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft Manifest number: 040A Signing time: Sat 06 Dec 2025 05:00:49 +0000 Manifest this update: Sat 06 Dec 2025 05:00:49 +0000 Manifest next update: Sun 07 Dec 2025 05:00:49 +0000 Files and hashes: 1: ZWC54UPrMHyZ6gth2IDDnRYsMDY.roa (hash: 4Yk1QA2QugshfW9geeysUTQ4Sub4Aja/bv1m3JJnrLU=) 2: so7x9PiCePTfGec-M4HOzXjgacE.crl (hash: WFS5PtoBC+xEAsAV8BHIsJqn0Ioldf6X4ULgzG4rZTw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:ba:ee:f7:c1:e4:3f:44:87:0e:78:26:d1:4a:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1 Validity Not Before: Dec 6 05:00:49 2025 GMT Not After : Dec 7 05:00:49 2025 GMT Subject: CN=ef37292f466785c9da36504c1f67ffd747b7a413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:39:b6:44:3c:82:6c:5a:5c:7f:5b:57:93:9a: 90:26:1f:27:19:67:ea:4e:e2:f7:67:dc:25:5b:82: bb:e3:a2:a0:8d:8f:c3:c8:5b:36:53:a9:21:bc:2d: f3:51:aa:0e:a7:b1:5e:4d:b6:fb:e4:9b:39:09:81: 64:2a:2a:62:f3:29:b5:91:7d:06:0d:35:c4:8b:10: a4:ed:77:e6:29:66:f2:61:38:ea:b6:96:e0:0a:a7: c3:08:f1:bf:28:15:06:37:dd:f2:40:91:03:65:84: 90:19:96:8b:3f:42:6e:62:51:89:40:68:fd:18:c3: 5c:ed:a8:14:a9:0c:e3:7a:01:40:26:7e:c6:25:96: a4:95:b4:20:50:8f:39:39:e3:35:67:8e:d0:52:e7: 00:63:d1:fd:27:c6:07:62:78:33:76:9f:13:1f:67: 33:2b:1c:3b:07:24:d4:8b:70:5d:14:34:36:67:b4: 85:84:57:34:14:1a:81:39:22:2a:5b:2c:9c:b5:9d: cb:5b:cd:c8:50:1b:5b:fc:25:52:8d:72:7d:c2:92: 35:f0:9f:d1:d2:e4:e3:ab:ce:a7:83:ae:b2:3a:44: 23:f6:d9:c3:03:98:0f:48:78:7f:b5:f2:03:14:59: 9f:65:26:78:55:b2:53:d3:db:0d:bd:c3:8a:99:7e: 3b:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:37:29:2F:46:67:85:C9:DA:36:50:4C:1F:67:FF:D7:47:B7:A4:13 X509v3 Authority Key Identifier: keyid:B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:9d:01:50:57:4e:e0:9d:14:69:d0:b4:42:ab:8f:2d:28:1a: 74:60:17:95:a1:8c:0c:57:d6:64:91:23:a8:94:26:33:28:66: 1d:4e:8a:9b:fd:42:fa:ac:e7:d3:f7:9b:77:ef:97:d3:ae:1d: d7:c4:c6:cd:bc:34:55:8a:ab:d3:0a:b3:9a:d6:47:5a:bb:e3: 21:c5:5e:fd:62:7d:b8:f8:0a:36:2c:9d:36:80:75:05:f8:f4: 1b:b2:9f:98:2c:93:1d:67:d5:3f:36:be:17:ab:d2:64:b4:b6: 2e:70:ec:8e:55:2f:89:01:a5:e2:5d:50:51:cc:cf:38:32:fc: d2:2f:74:de:1d:50:4e:60:75:e5:b8:2a:e8:e5:25:eb:45:f7: ba:8f:c8:83:fa:ef:8d:94:21:88:c0:75:96:0e:eb:da:06:c0: f5:ae:4a:b9:b3:bb:6a:d9:47:47:48:77:ff:be:39:b8:16:9b: c5:9c:81:f3:ba:2a:ed:f3:df:76:59:6e:9d:08:f0:91:42:ce: e9:a5:ed:dc:f2:8a:d7:54:8b:9b:13:a0:5a:80:9c:ee:50:d6: 9a:30:a6:72:30:48:0c:c0:e1:60:69:70:af:f4:97:35:23:24: 9c:08:94:1a:df:1f:0a:ae:48:ad:38:72:27:15:80:61:46:b7: a4:48:f0:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCLru98HkP0SHDngm0Up7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyOGVmMWY0Zjg4Mjc4ZjRkZjE5ZTczZTMzODFjZWNkNzhl MDY5YzEwHhcNMjUxMjA2MDUwMDQ5WhcNMjUxMjA3MDUwMDQ5WjAzMTEwLwYDVQQD EyhlZjM3MjkyZjQ2Njc4NWM5ZGEzNjUwNGMxZjY3ZmZkNzQ3YjdhNDEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjm2RDyCbFpcf1tXk5qQJh8nGWfq TuL3Z9wlW4K746KgjY/DyFs2U6khvC3zUaoOp7FeTbb75Js5CYFkKipi8ym1kX0G DTXEixCk7XfmKWbyYTjqtpbgCqfDCPG/KBUGN93yQJEDZYSQGZaLP0JuYlGJQGj9 GMNc7agUqQzjegFAJn7GJZaklbQgUI85OeM1Z47QUucAY9H9J8YHYngzdp8TH2cz Kxw7ByTUi3BdFDQ2Z7SFhFc0FBqBOSIqWyyctZ3LW83IUBtb/CVSjXJ9wpI18J/R 0uTjq86ng66yOkQj9tnDA5gPSHh/tfIDFFmfZSZ4VbJT09sNvcOKmX47ywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO83KS9GZ4XJ2jZQTB9n/9dHt6QTMB8GA1UdIwQY MBaAFLKO8fT4gnj03xnnPjOBzs144GnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQt OWVmMGE1OTkyN2IxLzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQtOWVmMGE1OTkyN2Ix LzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZ0BUFdO 4J0UadC0QquPLSgadGAXlaGMDFfWZJEjqJQmMyhmHU6Km/1C+qzn0/ebd++X064d 18TGzbw0VYqr0wqzmtZHWrvjIcVe/WJ9uPgKNiydNoB1Bfj0G7KfmCyTHWfVPza+ F6vSZLS2LnDsjlUviQGl4l1QUczPODL80i903h1QTmB15bgq6OUl60X3uo/Ig/rv jZQhiMB1lg7r2gbA9a5KubO7atlHR0h3/745uBabxZyB87oq7fPfdllunQjwkULO 6aXt3PKK11SLmxOgWoCc7lDWmjCmcjBIDMDhYGlwr/SXNSMknAiUGt8fCq5IrThy JxWAYUa3pEjw/Q== -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:55 2025 by rpki-client