This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft File: DOf4uSjz9S4LuXZD007OWeuWNKM.mft (raw, json) Hash identifier: 0N92m7sv878j10+q/eOJrpwmWZcE1UnEQwiolbQeoGY= Subject key identifier: 44:98:22:90:92:5D:AA:BD:57:AB:FE:51:F9:8E:9A:D5:08:9B:0A:FD Authority key identifier: 0C:E7:F8:B9:28:F3:F5:2E:0B:B9:76:43:D3:4E:CE:59:EB:96:34:A3 Certificate issuer: /CN=0ce7f8b928f3f52e0bb97643d34ece59eb9634a3 Certificate serial: 019AF12E92205906EEF9508D065BFC9F141D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft Manifest number: F5 Signing time: Sat 06 Dec 2025 01:02:32 +0000 Manifest this update: Sat 06 Dec 2025 01:02:32 +0000 Manifest next update: Sun 07 Dec 2025 01:02:32 +0000 Files and hashes: 1: DOf4uSjz9S4LuXZD007OWeuWNKM.crl (hash: k5o6AfqkWtd3Qf885T15YRq6pYM3xRkxM1Q3r1FNAhQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:92:20:59:06:ee:f9:50:8d:06:5b:fc:9f:14:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ce7f8b928f3f52e0bb97643d34ece59eb9634a3 Validity Not Before: Dec 6 01:02:32 2025 GMT Not After : Dec 7 01:02:32 2025 GMT Subject: CN=44982290925daabd57abfe51f98e9ad5089b0afd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2a:07:86:71:47:b7:dc:ed:08:d5:e9:16:91: a3:51:6b:49:c7:cb:73:e2:aa:fa:a8:e7:37:95:30: a6:f7:f3:af:e9:60:9f:3f:6e:63:7e:e4:90:19:9f: c3:2c:01:ae:8e:02:e8:70:a5:b0:03:08:e1:2a:78: 58:ab:13:0c:02:7b:52:50:ba:ca:1d:23:1d:99:c3: 53:c4:ff:0d:c5:c1:9e:d2:0f:42:d2:d4:57:68:9e: 82:70:1e:2c:ff:dd:e1:35:20:f1:38:a0:73:a4:a2: b8:9f:4d:6d:d6:0e:0c:b7:12:5f:e1:2e:43:ef:6a: eb:41:eb:79:1d:0f:31:41:cb:7a:2b:63:b0:05:b8: 0d:44:93:bf:03:2d:9c:94:40:a7:32:0d:1d:63:d7: f3:5d:b0:d0:3d:ca:bb:5a:b3:fe:2a:c0:ef:c2:e4: fb:76:46:82:45:98:e1:2e:e9:b2:74:9e:5e:9d:18: 76:92:9a:5f:ae:ac:0f:ec:22:ba:a3:96:ac:f1:d7: 64:c5:b7:21:22:b1:ef:42:7e:f1:31:14:4a:fe:91: e2:d2:82:9f:a3:41:b2:ab:08:8b:9c:ef:06:de:f8: e3:fe:9e:33:d7:56:69:af:dd:b5:9b:34:bf:d5:15: df:54:d9:f2:28:f7:7e:13:41:b0:ab:86:f2:6e:63: 8b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:98:22:90:92:5D:AA:BD:57:AB:FE:51:F9:8E:9A:D5:08:9B:0A:FD X509v3 Authority Key Identifier: keyid:0C:E7:F8:B9:28:F3:F5:2E:0B:B9:76:43:D3:4E:CE:59:EB:96:34:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:ed:bd:79:77:44:5a:62:16:48:07:ca:ac:91:28:d1:4a:fd: 48:a3:2c:06:e4:71:ac:6c:c4:f8:82:01:67:8e:59:ee:b3:7f: b4:12:a9:af:25:bc:16:b8:cc:f7:a7:d8:ee:1a:45:3a:0d:63: 93:7e:66:be:a3:ef:db:cf:b4:2b:a5:de:b9:58:bd:81:21:6e: 5f:54:b1:af:9e:f1:1b:69:06:03:cc:80:6d:8b:dc:7e:aa:ef: 23:31:63:4e:31:c1:46:f7:23:4d:7e:03:2c:d7:53:8d:71:3a: 5c:62:4d:4d:2f:f9:a0:20:cb:11:f4:43:85:4a:9d:d4:7e:5f: 52:f3:94:6e:0f:b6:8a:de:fb:16:5c:f3:dc:f9:66:b4:1d:50: 0f:b5:48:68:41:a6:7b:13:0f:c0:68:bf:f0:42:1a:39:26:0c: 8d:8c:3f:6d:24:1b:0a:cc:b1:ff:20:f2:f1:c3:b8:42:fc:dd: a3:dc:bd:a6:26:10:a8:19:cf:fe:80:28:82:46:26:87:92:ab: aa:1b:2f:ee:c5:eb:12:06:69:72:e4:78:10:60:d9:90:4d:61: c8:0c:40:e1:f4:70:b7:57:23:e9:4a:b7:8d:7d:47:81:72:77: e3:18:95:cf:9b:f6:c7:75:59:d8:75:41:62:eb:ed:4b:c0:83: 60:6e:8c:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLpIgWQbu+VCNBlv8nxQdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjZTdmOGI5MjhmM2Y1MmUwYmI5NzY0M2QzNGVjZTU5ZWI5 NjM0YTMwHhcNMjUxMjA2MDEwMjMyWhcNMjUxMjA3MDEwMjMyWjAzMTEwLwYDVQQD Eyg0NDk4MjI5MDkyNWRhYWJkNTdhYmZlNTFmOThlOWFkNTA4OWIwYWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyoHhnFHt9ztCNXpFpGjUWtJx8tz 4qr6qOc3lTCm9/Ov6WCfP25jfuSQGZ/DLAGujgLocKWwAwjhKnhYqxMMAntSULrK HSMdmcNTxP8NxcGe0g9C0tRXaJ6CcB4s/93hNSDxOKBzpKK4n01t1g4MtxJf4S5D 72rrQet5HQ8xQct6K2OwBbgNRJO/Ay2clECnMg0dY9fzXbDQPcq7WrP+KsDvwuT7 dkaCRZjhLumydJ5enRh2kppfrqwP7CK6o5as8ddkxbchIrHvQn7xMRRK/pHi0oKf o0GyqwiLnO8G3vjj/p4z11Zpr921mzS/1RXfVNnyKPd+E0Gwq4bybmOL6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFESYIpCSXaq9V6v+UfmOmtUImwr9MB8GA1UdIwQY MBaAFAzn+Lko8/UuC7l2Q9NOzlnrljSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iZTM1OTMtNzk3Mi00ZGEzLWFlMTYt MjkzZWM2MzIyOTY2LzEvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi9iZTM1OTMtNzk3Mi00ZGEzLWFlMTYtMjkzZWM2MzIyOTY2 LzEvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi+29eXdE WmIWSAfKrJEo0Ur9SKMsBuRxrGzE+IIBZ45Z7rN/tBKpryW8FrjM96fY7hpFOg1j k35mvqPv28+0K6XeuVi9gSFuX1Sxr57xG2kGA8yAbYvcfqrvIzFjTjHBRvcjTX4D LNdTjXE6XGJNTS/5oCDLEfRDhUqd1H5fUvOUbg+2it77Flzz3PlmtB1QD7VIaEGm exMPwGi/8EIaOSYMjYw/bSQbCsyx/yDy8cO4Qvzdo9y9piYQqBnP/oAogkYmh5Kr qhsv7sXrEgZpcuR4EGDZkE1hyAxA4fRwt1cj6Uq3jX1HgXJ34xiVz5v2x3VZ2HVB YuvtS8CDYG6M+A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:24:19 2025 by rpki-client