This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft File: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft (raw, json) Hash identifier: +/4ZdDJZIzGMMLOq1vHhcruOJTj4gJL9g4yaLBe4J/Q= Subject key identifier: 78:17:74:D1:61:64:4A:94:19:F4:BD:55:43:DF:7E:83:1E:D5:F8:B3 Authority key identifier: B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4 Certificate issuer: /CN=b284cdf0507443e16e509d57a229e914f73566a4 Certificate serial: 019AF2771A898AE046F0D3C1B93ECAFCCE40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft Manifest number: 1608 Signing time: Sat 06 Dec 2025 07:01:23 +0000 Manifest this update: Sat 06 Dec 2025 07:01:23 +0000 Manifest next update: Sun 07 Dec 2025 07:01:23 +0000 Files and hashes: 1: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl (hash: s43JX+b/J376NKS3YaeLx5JTzkZ5YGUUXXwgA6fcwyo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:1a:89:8a:e0:46:f0:d3:c1:b9:3e:ca:fc:ce:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b284cdf0507443e16e509d57a229e914f73566a4 Validity Not Before: Dec 6 07:01:23 2025 GMT Not After : Dec 7 07:01:23 2025 GMT Subject: CN=781774d161644a9419f4bd5543df7e831ed5f8b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1f:27:bc:b5:64:85:9d:93:b3:57:ae:d1:8c: 8c:c2:fe:3e:90:c4:61:50:48:f0:ac:07:6f:c4:6d: 9f:1e:d2:87:f9:da:54:ad:3e:db:b3:24:39:1e:9d: 2c:df:73:6d:68:b1:f4:a9:d4:25:a5:95:c0:d5:55: ff:ca:89:cb:f7:da:7c:ba:33:be:07:3f:3a:c4:c4: e6:e1:8e:a8:35:8e:fb:02:43:98:4e:6d:29:71:ed: 5c:df:d2:d7:3a:f8:ea:ec:83:54:69:30:46:53:38: 3d:04:f6:08:81:28:d6:1b:88:40:4f:a7:d1:83:9f: 2a:2a:68:a6:d3:72:96:29:62:69:36:75:87:e3:2c: 03:5e:eb:4a:4c:c4:ca:38:c9:61:e4:be:d7:92:c9: 4a:3c:c2:8d:69:ac:27:ce:69:b0:17:60:a5:bd:cf: 73:0c:f7:52:0e:cc:f4:8f:6c:da:cb:a9:18:d8:38: 4e:43:d2:56:38:d6:60:7b:cd:1e:74:09:9c:37:ea: 26:74:94:ba:d0:25:9e:90:8c:3c:28:01:3f:dd:2e: f4:02:bf:dc:8f:67:55:3a:c9:10:9f:a7:8a:0e:a4: d3:50:fb:bc:58:58:63:f7:3a:3a:a9:ed:78:58:a5: a4:6e:36:ac:e5:d4:d2:19:17:84:43:88:a3:e8:a2: c9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:17:74:D1:61:64:4A:94:19:F4:BD:55:43:DF:7E:83:1E:D5:F8:B3 X509v3 Authority Key Identifier: keyid:B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:23:25:b4:77:da:8c:a3:9d:47:c9:b4:03:8e:f7:59:b8:c2: e3:b0:67:21:8c:ef:1a:a7:20:90:50:ef:db:71:72:19:64:6a: c3:1c:2a:6c:6c:7b:2f:13:be:cf:18:94:38:c9:b5:00:1f:3b: 68:e7:9a:22:d0:2e:51:e4:50:d7:3f:0f:b3:11:08:bc:c8:a3: 91:87:6e:03:ad:97:e1:51:78:99:65:10:c9:17:c6:c1:67:04: b9:6b:22:e9:7b:ce:60:4b:29:37:10:16:0c:26:e7:f3:93:ad: 99:ca:45:30:2f:38:92:b5:f3:1a:5c:ef:ed:e0:3b:91:bf:76: 93:a6:f9:b2:d2:65:5f:69:70:e5:14:cf:f2:c4:3a:5d:d1:97: 8e:3a:78:8f:3b:6a:44:56:9a:09:aa:72:0b:b4:77:91:20:65: b3:3e:0f:4e:c0:d3:32:5e:d8:7a:57:27:04:eb:de:22:58:91: 12:18:8b:ca:b3:88:98:a5:45:71:45:8e:b6:69:93:9c:d3:9e: 9b:85:4a:d5:e8:7c:3f:39:ec:38:65:3c:96:ba:a2:57:52:6d: 6c:1f:a5:fb:be:71:1e:ec:06:e2:66:6e:95:15:08:97:26:c3: 25:2b:68:6a:55:6d:af:76:9a:78:51:15:bd:ae:9b:0c:9c:fd: e9:f6:ac:49 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydxqJiuBG8NPBuT7K/M5AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyODRjZGYwNTA3NDQzZTE2ZTUwOWQ1N2EyMjllOTE0Zjcz NTY2YTQwHhcNMjUxMjA2MDcwMTIzWhcNMjUxMjA3MDcwMTIzWjAzMTEwLwYDVQQD Eyg3ODE3NzRkMTYxNjQ0YTk0MTlmNGJkNTU0M2RmN2U4MzFlZDVmOGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh8nvLVkhZ2Ts1eu0YyMwv4+kMRh UEjwrAdvxG2fHtKH+dpUrT7bsyQ5Hp0s33NtaLH0qdQlpZXA1VX/yonL99p8ujO+ Bz86xMTm4Y6oNY77AkOYTm0pce1c39LXOvjq7INUaTBGUzg9BPYIgSjWG4hAT6fR g58qKmim03KWKWJpNnWH4ywDXutKTMTKOMlh5L7XkslKPMKNaawnzmmwF2Clvc9z DPdSDsz0j2zay6kY2DhOQ9JWONZge80edAmcN+omdJS60CWekIw8KAE/3S70Ar/c j2dVOskQn6eKDqTTUPu8WFhj9zo6qe14WKWkbjas5dTSGReEQ4ij6KLJ+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHgXdNFhZEqUGfS9VUPffoMe1fizMB8GA1UdIwQY MBaAFLKEzfBQdEPhblCdV6Ip6RT3NWakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMt ZGY1NmEyNDEwOThmLzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMtZGY1NmEyNDEwOThm LzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANSMltHfa jKOdR8m0A473WbjC47BnIYzvGqcgkFDv23FyGWRqwxwqbGx7LxO+zxiUOMm1AB87 aOeaItAuUeRQ1z8PsxEIvMijkYduA62X4VF4mWUQyRfGwWcEuWsi6XvOYEspNxAW DCbn85OtmcpFMC84krXzGlzv7eA7kb92k6b5stJlX2lw5RTP8sQ6XdGXjjp4jztq RFaaCapyC7R3kSBlsz4PTsDTMl7YelcnBOveIliREhiLyrOImKVFcUWOtmmTnNOe m4VK1eh8PznsOGU8lrqiV1JtbB+l+75xHuwG4mZulRUIlybDJStoalVtr3aaeFEV va6bDJz96fasSQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:13:26 2025 by rpki-client