This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft File: R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json) Hash identifier: FwPLghrDIaocr4inyFq42dX88MLt2+Kbk9MKMgb0Xwc= Subject key identifier: CA:59:0C:A0:E2:D2:9D:6A:11:91:18:2D:74:F7:3D:B5:76:01:FB:D4 Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6 Certificate issuer: /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6 Certificate serial: 019AF50ACF083BD20C76581A394241A2E7DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft Manifest number: 0195 Signing time: Sat 06 Dec 2025 19:01:57 +0000 Manifest this update: Sat 06 Dec 2025 19:01:57 +0000 Manifest next update: Sun 07 Dec 2025 19:01:57 +0000 Files and hashes: 1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: OTYEtd4V4Ql33O59tu5TV6M/xasucja2sgXzq/1hQwU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:cf:08:3b:d2:0c:76:58:1a:39:42:41:a2:e7:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6 Validity Not Before: Dec 6 19:01:57 2025 GMT Not After : Dec 7 19:01:57 2025 GMT Subject: CN=ca590ca0e2d29d6a1191182d74f73db57601fbd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:86:31:16:19:17:75:95:ad:6b:cc:8e:15:3e: 41:2a:85:c7:be:0a:3d:81:e4:fd:56:15:9d:39:be: c0:8c:f8:87:96:7a:13:25:fe:c0:63:b8:ad:02:21: 52:91:45:80:07:fa:4c:cf:ec:27:c9:c4:fd:52:76: f4:05:e9:3c:97:bb:32:94:11:52:39:47:8d:05:50: b8:8c:93:ff:e9:71:5f:3d:14:6c:91:ff:88:8d:47: 1a:44:ae:99:14:59:6a:e2:cb:4e:83:72:9f:b6:b6: 96:25:f7:f2:35:0a:8c:ef:b3:32:d6:5f:d1:87:dd: 8c:36:4c:69:81:ef:e7:7a:b3:41:10:6a:ff:3b:a9: 6e:f6:49:82:2d:37:cc:c3:38:c8:0e:fb:74:b2:20: ee:39:54:36:a7:e4:dd:17:67:9a:c2:21:81:61:fd: c2:bd:54:bb:2a:75:18:37:d8:c3:56:69:cb:4b:9e: 70:46:00:13:db:ee:d7:88:d4:51:a5:3b:9c:a4:95: ff:8e:d6:d8:26:e3:1c:02:be:ae:29:1e:4d:19:b1: 1a:e4:fd:1c:ad:71:b4:c3:92:76:9c:e5:71:85:32: 49:0d:89:a0:94:5c:e8:62:c0:fb:78:b0:ad:a4:24: 3b:c3:a4:f0:62:e1:d9:f7:b9:7b:34:99:7e:62:90: d3:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:59:0C:A0:E2:D2:9D:6A:11:91:18:2D:74:F7:3D:B5:76:01:FB:D4 X509v3 Authority Key Identifier: keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:d9:09:0d:33:c8:19:8d:12:9a:56:cc:27:b6:e3:c6:d1:05: 79:a3:bb:74:bd:35:71:39:70:6c:3f:e9:58:09:f3:df:c7:6a: c4:09:3c:9a:ed:6b:e6:f3:fd:2d:31:e7:44:b3:d6:5a:bf:77: 26:1b:e2:1c:de:3e:1a:dd:c9:3c:f8:d7:8d:52:47:65:0a:f4: c9:57:dd:48:21:05:80:5f:1e:c7:d0:eb:13:a7:ee:13:28:c3: 08:40:05:f1:7e:ef:02:d8:31:c0:f1:e2:fc:c6:79:b7:b6:65: dc:1c:e1:ea:ab:dd:5f:c2:08:e5:1b:15:c4:e5:08:bf:ef:1f: 39:08:cb:cc:64:73:ce:88:74:59:39:d8:27:e2:03:ce:24:5a: 91:b6:00:12:60:b8:28:a9:3f:1c:60:2f:23:fb:56:d7:71:fa: 06:29:50:a4:10:ab:82:e8:4a:82:35:1a:09:eb:01:1a:0a:e2: af:a6:78:43:d3:1b:04:58:94:42:2d:b2:f5:6a:bb:cb:80:83: 93:df:a0:d9:52:76:86:a0:8e:19:5b:09:94:ee:c9:e6:ae:37: 9b:e5:f3:8e:0f:ad:c4:c1:31:28:60:da:c7:25:08:e1:f5:89: 50:7f:35:dd:14:8b:15:a6:5c:51:de:51:5c:7c:c2:0d:25:15: 73:91:38:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cs8IO9IMdlgaOUJBoufbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh OTg4YjYwHhcNMjUxMjA2MTkwMTU3WhcNMjUxMjA3MTkwMTU3WjAzMTEwLwYDVQQD EyhjYTU5MGNhMGUyZDI5ZDZhMTE5MTE4MmQ3NGY3M2RiNTc2MDFmYmQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YYxFhkXdZWta8yOFT5BKoXHvgo9 geT9VhWdOb7AjPiHlnoTJf7AY7itAiFSkUWAB/pMz+wnycT9Unb0Bek8l7sylBFS OUeNBVC4jJP/6XFfPRRskf+IjUcaRK6ZFFlq4stOg3KftraWJffyNQqM77My1l/R h92MNkxpge/nerNBEGr/O6lu9kmCLTfMwzjIDvt0siDuOVQ2p+TdF2eawiGBYf3C vVS7KnUYN9jDVmnLS55wRgAT2+7XiNRRpTucpJX/jtbYJuMcAr6uKR5NGbEa5P0c rXG0w5J2nOVxhTJJDYmglFzoYsD7eLCtpCQ7w6TwYuHZ97l7NJl+YpDTSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMpZDKDi0p1qEZEYLXT3PbV2AfvUMB8GA1UdIwQY MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQNkJDTPI GY0SmlbMJ7bjxtEFeaO7dL01cTlwbD/pWAnz38dqxAk8mu1r5vP9LTHnRLPWWr93 JhviHN4+Gt3JPPjXjVJHZQr0yVfdSCEFgF8ex9DrE6fuEyjDCEAF8X7vAtgxwPHi /MZ5t7Zl3Bzh6qvdX8II5RsVxOUIv+8fOQjLzGRzzoh0WTnYJ+IDziRakbYAEmC4 KKk/HGAvI/tW13H6BilQpBCrguhKgjUaCesBGgrir6Z4Q9MbBFiUQi2y9Wq7y4CD k9+g2VJ2hqCOGVsJlO7J5q43m+Xzjg+txMExKGDaxyUI4fWJUH813RSLFaZcUd5R XHzCDSUVc5E4Lg== -----END CERTIFICATE-----Generated at Sat Dec 6 23:12:06 2025 by rpki-client