This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft File: pL9-XCjULmcUGeYsMmBJ5cedSOA.mft (raw, json) Hash identifier: 9P7FJ1HLOc1/4lOL2fSlgF7e5onaZBnvQaIynLdjkSY= Subject key identifier: A8:A5:70:58:81:C0:03:A1:21:9F:0E:A5:CE:29:E3:0C:D0:5F:F7:69 Authority key identifier: A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0 Certificate issuer: /CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0 Certificate serial: 019AF0BF70C3C76BD917CE2B95713540704D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft Manifest number: 0169 Signing time: Fri 05 Dec 2025 23:01:09 +0000 Manifest this update: Fri 05 Dec 2025 23:01:09 +0000 Manifest next update: Sat 06 Dec 2025 23:01:09 +0000 Files and hashes: 1: pL9-XCjULmcUGeYsMmBJ5cedSOA.crl (hash: N2sy0x26LUV4JQLpcxoV0lb8BNQwmJAnz39famFYA7s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:70:c3:c7:6b:d9:17:ce:2b:95:71:35:40:70:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0 Validity Not Before: Dec 5 23:01:09 2025 GMT Not After : Dec 6 23:01:09 2025 GMT Subject: CN=a8a5705881c003a1219f0ea5ce29e30cd05ff769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c0:69:80:75:a9:aa:75:3e:fd:14:aa:db:60: 33:cf:23:70:b7:10:2c:22:6e:4e:76:ae:e5:8c:93: 9f:cf:98:3d:64:33:6c:44:10:dd:89:75:1d:be:74: bf:61:76:34:f0:0f:73:e1:5a:1a:1f:34:f1:97:02: 8f:78:74:65:ac:a2:ff:3c:47:29:1e:4b:dd:90:e5: 07:5f:27:38:88:91:88:e0:f3:78:f1:5f:5b:a9:d6: 55:1a:0f:e2:ae:86:37:f7:46:93:81:af:d4:5c:6b: d9:ce:91:c5:13:9f:64:33:c9:d1:0b:71:5c:db:9a: 92:1f:f9:a3:6a:7b:fd:8a:ba:dd:43:ee:2d:5c:48: 3e:4c:e3:0f:9f:d4:42:6d:9d:89:8f:b5:bf:85:43: ff:4f:2f:49:eb:39:9d:43:3a:c6:8a:4f:3b:10:a8: 51:82:66:26:7c:fc:a4:c5:08:7f:b6:f3:91:2b:0c: df:69:ab:b6:ef:26:b8:ee:f0:85:48:f7:d8:04:f8: 60:3c:a6:c1:47:f6:01:0b:47:bc:37:b2:84:4f:10: 03:f7:1f:a4:d1:de:ae:13:f9:30:d7:f6:a0:be:38: af:64:9d:1a:94:8f:63:80:24:bd:8c:2e:c8:51:7c: 76:35:fe:3e:bd:06:53:0a:44:a2:4e:08:e8:db:91: d5:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:A5:70:58:81:C0:03:A1:21:9F:0E:A5:CE:29:E3:0C:D0:5F:F7:69 X509v3 Authority Key Identifier: keyid:A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:73:af:f6:27:5d:50:b1:05:21:d9:b1:96:50:72:22:01:9a: 98:a7:00:ed:0c:4c:3f:bb:65:ee:e9:ec:98:90:51:f1:2e:c0: b2:a8:e8:36:37:e8:8d:6e:8a:11:58:b3:51:34:07:c5:d9:71: 09:36:3a:b6:cb:a6:21:2d:77:12:eb:82:a4:b7:8d:7f:49:51: dc:8f:e8:a7:5b:2f:68:08:a6:39:1c:7b:a0:10:4a:dd:aa:5d: b1:dd:8d:3f:ed:0f:a6:07:2f:c5:74:e2:eb:49:fa:27:f7:d4: 2a:04:3e:05:dc:a6:15:81:a8:84:c4:f6:8c:b0:a3:86:8b:e3: e5:d5:18:3b:b1:17:73:8e:5b:30:82:1a:8a:d4:1d:c2:04:8e: 9f:4f:ea:a9:f0:36:e2:2c:cc:23:ca:5e:14:20:91:3b:9c:02: 5d:0a:cc:71:6d:37:ee:f2:c4:2d:94:01:bc:fd:5c:e4:1b:77: b4:af:f2:e6:28:3a:b9:f6:12:63:a0:46:c6:9e:c7:73:78:fd: a1:0f:b2:f4:7b:a6:68:ad:91:34:7d:06:08:c2:9c:e1:09:12: d6:4a:45:82:e8:21:67:e4:bb:54:ea:c8:a7:c0:04:e6:2d:1f: a5:19:60:23:56:1d:77:4a:ea:6b:dc:e9:29:9e:34:12:3b:ee: af:5e:b0:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv3DDx2vZF84rlXE1QHBNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0YmY3ZTVjMjhkNDJlNjcxNDE5ZTYyYzMyNjA0OWU1Yzc5 ZDQ4ZTAwHhcNMjUxMjA1MjMwMTA5WhcNMjUxMjA2MjMwMTA5WjAzMTEwLwYDVQQD EyhhOGE1NzA1ODgxYzAwM2ExMjE5ZjBlYTVjZTI5ZTMwY2QwNWZmNzY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8BpgHWpqnU+/RSq22AzzyNwtxAs Im5Odq7ljJOfz5g9ZDNsRBDdiXUdvnS/YXY08A9z4VoaHzTxlwKPeHRlrKL/PEcp HkvdkOUHXyc4iJGI4PN48V9bqdZVGg/iroY390aTga/UXGvZzpHFE59kM8nRC3Fc 25qSH/mjanv9irrdQ+4tXEg+TOMPn9RCbZ2Jj7W/hUP/Ty9J6zmdQzrGik87EKhR gmYmfPykxQh/tvORKwzfaau27ya47vCFSPfYBPhgPKbBR/YBC0e8N7KETxAD9x+k 0d6uE/kw1/agvjivZJ0alI9jgCS9jC7IUXx2Nf4+vQZTCkSiTgjo25HV/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKilcFiBwAOhIZ8Opc4p4wzQX/dpMB8GA1UdIwQY MBaAFKS/flwo1C5nFBnmLDJgSeXHnUjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2Et OTcwZmIwZTQ0YzQ3LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2EtOTcwZmIwZTQ0YzQ3 LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHXOv9idd ULEFIdmxllByIgGamKcA7QxMP7tl7unsmJBR8S7AsqjoNjfojW6KEVizUTQHxdlx CTY6tsumIS13EuuCpLeNf0lR3I/op1svaAimORx7oBBK3apdsd2NP+0PpgcvxXTi 60n6J/fUKgQ+BdymFYGohMT2jLCjhovj5dUYO7EXc45bMIIaitQdwgSOn0/qqfA2 4izMI8peFCCRO5wCXQrMcW037vLELZQBvP1c5Bt3tK/y5ig6ufYSY6BGxp7Hc3j9 oQ+y9HumaK2RNH0GCMKc4QkS1kpFgughZ+S7VOrIp8AE5i0fpRlgI1Ydd0rqa9zp KZ40Ejvur16weA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:21 2025 by rpki-client