This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft File: 0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft (raw, json) Hash identifier: mEasGUCTnPKKcUPnmI/4XKxxjU2QIhDmhvZKF7Gp02I= Subject key identifier: D0:5C:C5:CF:45:07:01:44:8D:A1:C1:4B:6A:AF:73:93:93:45:12:27 Authority key identifier: D2:B3:6A:D2:8E:52:1E:DA:B4:B4:DE:A3:49:A2:77:72:D4:B2:A7:BE Certificate issuer: /CN=d2b36ad28e521edab4b4dea349a27772d4b2a7be Certificate serial: 019AF163FCF8648BECBE6130ECDA91185BD7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft Manifest number: 14A5 Signing time: Sat 06 Dec 2025 02:00:52 +0000 Manifest this update: Sat 06 Dec 2025 02:00:52 +0000 Manifest next update: Sun 07 Dec 2025 02:00:52 +0000 Files and hashes: 1: 0rNq0o5SHtq0tN6jSaJ3ctSyp74.crl (hash: viqh3q5rhzE+92ckJBPzPFlY+OasZVu7IrLQu03Shcs=) 2: 5tz1cuLC3Spal7LSIEjI-Qlcl6U.roa (hash: XSoR4/ODhnGd0USG7NRxHx6V9kNwJuT3OUfa19EcNCE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:63:fc:f8:64:8b:ec:be:61:30:ec:da:91:18:5b:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2b36ad28e521edab4b4dea349a27772d4b2a7be Validity Not Before: Dec 6 02:00:52 2025 GMT Not After : Dec 7 02:00:52 2025 GMT Subject: CN=d05cc5cf450701448da1c14b6aaf739393451227 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d7:e5:50:1f:78:c6:ea:34:d0:1d:6a:59:cb: 1f:95:46:04:ee:14:24:d7:af:03:2b:40:6d:f9:eb: 8c:bd:91:b4:f1:76:81:cc:3c:a6:86:70:74:0a:f6: c4:c9:81:b4:17:b1:43:14:22:b0:0c:b3:a4:8c:1e: c6:83:d9:f5:bd:fa:ec:de:4f:2b:2b:8d:73:78:8b: f3:71:7b:0d:96:9e:36:b5:c8:0c:cf:e9:b2:13:ac: 6e:0f:53:6f:ce:0c:20:11:f0:fe:17:38:c5:4d:b2: cc:d1:1e:23:0f:86:3c:60:3e:4b:7a:b8:90:ec:f8: ae:aa:55:bc:e8:fc:37:89:75:ed:97:68:54:18:7c: 24:f2:44:46:62:81:cc:ee:b9:7a:c7:7e:cd:94:ef: 19:1f:90:18:70:42:68:cb:c3:70:16:97:6a:6e:0a: 73:c2:47:4c:1b:27:76:29:95:bc:78:67:c7:d8:de: 51:00:cd:8c:fe:57:a7:67:cd:a9:06:bd:89:d8:f9: 53:40:aa:5f:44:6f:97:32:83:f4:9c:4a:30:a2:73: 2e:ea:39:a2:3b:7c:b3:a3:60:99:bd:d1:7e:3b:4a: 07:5a:18:a1:00:91:32:b5:21:b1:1c:22:2f:20:a5: 01:2e:e8:f0:7f:ae:26:4d:c1:30:6a:b9:41:42:6a: 5e:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:5C:C5:CF:45:07:01:44:8D:A1:C1:4B:6A:AF:73:93:93:45:12:27 X509v3 Authority Key Identifier: keyid:D2:B3:6A:D2:8E:52:1E:DA:B4:B4:DE:A3:49:A2:77:72:D4:B2:A7:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:fb:5d:87:8f:5b:a4:f1:c5:44:8c:e8:84:8a:e4:92:70:23: 0f:82:2a:fc:f2:95:a7:06:2f:74:a2:94:5e:fe:e4:a6:cf:d9: e6:93:e3:31:4b:21:91:ca:8e:56:7b:a7:c5:c8:61:58:7a:e0: c4:cb:38:06:ac:a8:6b:f7:ba:56:44:b5:1d:21:66:48:f4:fd: 71:ae:ba:03:9c:c2:ea:1b:eb:24:4c:3e:f5:21:bf:c4:17:0d: 5b:a7:c2:b9:c4:ce:f2:82:97:95:a3:00:c5:2a:43:f7:c2:d0: cf:8d:9c:c1:3b:ae:73:35:7c:93:5e:14:c7:80:73:cc:08:7c: f0:62:5b:3a:c0:b8:08:8e:11:a0:24:a3:e1:66:ed:de:5e:f3: 09:db:e1:30:4f:f8:fa:ed:da:87:b9:b9:1c:1e:dd:84:df:b7: bf:f6:5a:57:e6:02:7d:63:fe:7e:f7:2b:ba:d9:dc:95:32:f9: ba:86:6a:d9:a7:5d:aa:72:48:e0:7b:96:4b:df:0f:20:69:9d: 8c:27:69:60:cc:d7:14:ca:22:ce:4d:09:e1:88:49:c0:c6:08: e3:72:65:bd:bb:7d:a5:38:e4:60:34:2c:77:dc:85:3a:58:2a: 8d:a9:46:93:23:43:63:31:dd:75:b3:17:79:f7:b5:c1:9d:c5: 0d:3e:52:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxY/z4ZIvsvmEw7NqRGFvXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYjM2YWQyOGU1MjFlZGFiNGI0ZGVhMzQ5YTI3NzcyZDRi MmE3YmUwHhcNMjUxMjA2MDIwMDUyWhcNMjUxMjA3MDIwMDUyWjAzMTEwLwYDVQQD EyhkMDVjYzVjZjQ1MDcwMTQ0OGRhMWMxNGI2YWFmNzM5MzkzNDUxMjI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9flUB94xuo00B1qWcsflUYE7hQk 168DK0Bt+euMvZG08XaBzDymhnB0CvbEyYG0F7FDFCKwDLOkjB7Gg9n1vfrs3k8r K41zeIvzcXsNlp42tcgMz+myE6xuD1NvzgwgEfD+FzjFTbLM0R4jD4Y8YD5LeriQ 7PiuqlW86Pw3iXXtl2hUGHwk8kRGYoHM7rl6x37NlO8ZH5AYcEJoy8NwFpdqbgpz wkdMGyd2KZW8eGfH2N5RAM2M/lenZ82pBr2J2PlTQKpfRG+XMoP0nEowonMu6jmi O3yzo2CZvdF+O0oHWhihAJEytSGxHCIvIKUBLujwf64mTcEwarlBQmpekQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNBcxc9FBwFEjaHBS2qvc5OTRRInMB8GA1UdIwQY MBaAFNKzatKOUh7atLTeo0mid3LUsqe+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHJOcTBvNVNIdHEwdE42alNhSjNjdFN5cDc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zYTlhMGItZDQyNC00ZWNhLWE5Mzgt OTJhODc3YmIxOWY3LzEvMHJOcTBvNVNIdHEwdE42alNhSjNjdFN5cDc0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8zYTlhMGItZDQyNC00ZWNhLWE5MzgtOTJhODc3YmIxOWY3 LzEvMHJOcTBvNVNIdHEwdE42alNhSjNjdFN5cDc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOftdh49b pPHFRIzohIrkknAjD4Iq/PKVpwYvdKKUXv7kps/Z5pPjMUshkcqOVnunxchhWHrg xMs4Bqyoa/e6VkS1HSFmSPT9ca66A5zC6hvrJEw+9SG/xBcNW6fCucTO8oKXlaMA xSpD98LQz42cwTuuczV8k14Ux4BzzAh88GJbOsC4CI4RoCSj4Wbt3l7zCdvhME/4 +u3ah7m5HB7dhN+3v/ZaV+YCfWP+fvcrutnclTL5uoZq2addqnJI4HuWS98PIGmd jCdpYMzXFMoizk0J4YhJwMYI43Jlvbt9pTjkYDQsd9yFOlgqjalGkyNDYzHddbMX efe1wZ3FDT5Ssg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:07 2025 by rpki-client