This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft File: cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft (raw, json) Hash identifier: dmv9iboJfTPX0oO6/PGgRadRa4bnMToVIGfEuU+d8uE= Subject key identifier: F4:10:48:DF:0D:F1:12:DB:EA:01:40:06:CC:53:A2:1C:EB:4A:24:D0 Authority key identifier: 70:A0:B5:AC:A7:31:EA:71:F2:6D:63:D2:3C:22:C1:23:B2:BB:12:0F Certificate issuer: /CN=70a0b5aca731ea71f26d63d23c22c123b2bb120f Certificate serial: 019AF68A3BE219ABB225C20891ACF786FDED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft Manifest number: 0A9C Signing time: Sun 07 Dec 2025 02:00:45 +0000 Manifest this update: Sun 07 Dec 2025 02:00:45 +0000 Manifest next update: Mon 08 Dec 2025 02:00:45 +0000 Files and hashes: 1: 5K2zlrIHADlFytOUhc54zx-uCAw.roa (hash: VJ3nEApsPTUcM1XeIb75bGQ+CbjZ/H8pdnWKdP3UYOg=) 2: cKC1rKcx6nHybWPSPCLBI7K7Eg8.crl (hash: BYI4H5K4tlhMnOXQS4ZrFQ4uv4Ys/seCNok2lP3eWDU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.crl rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:8a:3b:e2:19:ab:b2:25:c2:08:91:ac:f7:86:fd:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70a0b5aca731ea71f26d63d23c22c123b2bb120f Validity Not Before: Dec 7 02:00:45 2025 GMT Not After : Dec 8 02:00:45 2025 GMT Subject: CN=f41048df0df112dbea014006cc53a21ceb4a24d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:31:61:b1:fb:94:cc:cc:af:02:fd:b4:e9:1b: c2:4e:73:89:2a:05:e6:c6:95:aa:aa:3b:f2:6f:77: 0e:b4:cc:23:8d:26:2b:40:ad:9a:a6:a8:14:f5:80: 0e:dc:79:77:b0:92:a0:34:71:56:b5:47:c5:07:c7: e4:79:48:9a:92:6c:12:e2:0f:51:ef:b6:bf:69:76: ef:95:9d:18:4a:1a:38:a8:d8:f5:3c:f4:c3:fb:a5: 39:5a:7a:9b:4f:21:7f:ca:13:35:73:19:21:1c:c8: 10:cc:cf:03:2c:a0:b8:09:ca:09:3a:54:ab:c6:dc: 4e:fe:3e:43:45:22:27:fd:4b:7b:01:af:9b:ea:99: 3d:5a:da:e2:7a:b9:49:7e:f3:23:02:fc:82:59:cd: 95:85:45:83:7c:68:83:ff:2e:17:c4:67:96:56:5b: c7:04:16:85:a2:7c:49:dc:c1:e9:26:58:77:97:e2: 15:cd:ec:79:6c:fa:b0:a6:bc:39:7a:97:f3:97:bd: df:ef:e3:0f:df:93:b3:a7:4b:47:23:33:aa:cf:ad: 99:04:70:ac:5d:d1:5b:cf:64:72:aa:2f:73:72:02: 24:b9:5d:f0:82:49:a3:30:73:b6:56:bc:4d:97:e1: 67:a0:c8:69:f6:ec:19:1a:3a:23:11:7b:09:be:8f: df:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:10:48:DF:0D:F1:12:DB:EA:01:40:06:CC:53:A2:1C:EB:4A:24:D0 X509v3 Authority Key Identifier: keyid:70:A0:B5:AC:A7:31:EA:71:F2:6D:63:D2:3C:22:C1:23:B2:BB:12:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:e4:0f:90:56:ca:a2:03:cc:07:27:2c:63:ac:c9:02:65:1f: 29:4b:12:d7:3d:b4:60:c9:2c:bc:d4:3f:8b:05:92:c8:8e:74: ec:4b:c3:58:f9:cc:b4:49:79:f8:af:c0:60:93:06:fb:a4:a8: 06:54:49:e7:f2:6c:1b:47:d3:f3:a8:1e:69:a9:dd:fe:3d:ff: af:66:3c:af:d3:f0:90:41:3e:f9:52:2d:c0:79:75:c0:ec:7b: 46:35:57:69:87:7a:c9:51:64:62:c0:ba:87:03:05:12:a9:99: 42:56:fd:a8:73:44:f3:aa:8c:0d:c1:f4:56:bb:e5:41:18:9c: cb:62:ac:97:3f:68:1b:59:03:c4:f5:8e:76:bd:a3:84:f1:33: b3:e3:2d:79:c2:4f:ec:2a:f3:14:5f:5d:58:43:e2:f9:04:77: d5:b7:56:f3:9f:b5:a1:de:07:23:88:77:20:16:3c:d1:40:63: c0:99:a9:fd:12:e5:c3:af:a7:11:5a:34:38:fe:62:9b:5b:a0: 76:e1:1b:36:22:aa:b8:13:8b:e3:8f:69:1a:50:d2:0c:d6:9d: 60:5e:3f:2e:b0:af:0d:3e:bc:ae:68:d5:1b:88:62:e6:6f:6b: 6e:11:c1:6a:bc:ca:f7:0a:0b:90:b1:b9:34:86:7b:d6:55:0a: dc:2e:97:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2ijviGauyJcIIkaz3hv3tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwYTBiNWFjYTczMWVhNzFmMjZkNjNkMjNjMjJjMTIzYjJi YjEyMGYwHhcNMjUxMjA3MDIwMDQ1WhcNMjUxMjA4MDIwMDQ1WjAzMTEwLwYDVQQD EyhmNDEwNDhkZjBkZjExMmRiZWEwMTQwMDZjYzUzYTIxY2ViNGEyNGQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TFhsfuUzMyvAv206RvCTnOJKgXm xpWqqjvyb3cOtMwjjSYrQK2apqgU9YAO3Hl3sJKgNHFWtUfFB8fkeUiakmwS4g9R 77a/aXbvlZ0YSho4qNj1PPTD+6U5WnqbTyF/yhM1cxkhHMgQzM8DLKC4CcoJOlSr xtxO/j5DRSIn/Ut7Aa+b6pk9WtrierlJfvMjAvyCWc2VhUWDfGiD/y4XxGeWVlvH BBaFonxJ3MHpJlh3l+IVzex5bPqwprw5epfzl73f7+MP35Ozp0tHIzOqz62ZBHCs XdFbz2Ryqi9zcgIkuV3wgkmjMHO2VrxNl+FnoMhp9uwZGjojEXsJvo/fVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPQQSN8N8RLb6gFABsxTohzrSiTQMB8GA1UdIwQY MBaAFHCgtaynMepx8m1j0jwiwSOyuxIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNjQ5ZTUtYTdjYi00MjE4LTkzZTAt NDNlMzE4MDBkZjBjLzEvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9mNjQ5ZTUtYTdjYi00MjE4LTkzZTAtNDNlMzE4MDBkZjBj LzEvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdeQPkFbK ogPMBycsY6zJAmUfKUsS1z20YMksvNQ/iwWSyI507EvDWPnMtEl5+K/AYJMG+6So BlRJ5/JsG0fT86geaand/j3/r2Y8r9PwkEE++VItwHl1wOx7RjVXaYd6yVFkYsC6 hwMFEqmZQlb9qHNE86qMDcH0VrvlQRicy2Kslz9oG1kDxPWOdr2jhPEzs+MtecJP 7CrzFF9dWEPi+QR31bdW85+1od4HI4h3IBY80UBjwJmp/RLlw6+nEVo0OP5im1ug duEbNiKquBOL449pGlDSDNadYF4/LrCvDT68rmjVG4hi5m9rbhHBarzK9woLkLG5 NIZ71lUK3C6XhA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:54:57 2025 by rpki-client