This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft File: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft (raw, json) Hash identifier: DmVEP8dxvcUtuyO2z9qBy97kqA1ZFBFOvG1TYj1eITA= Subject key identifier: 18:5A:54:6C:58:DC:D1:D8:93:4B:DC:79:A6:88:6D:5C:82:A2:8A:FA Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09 Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909 Certificate serial: 019AF2AE01C6FF472D2AF5392997FC6971CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 08:01:21 +0000 Manifest this update: Sat 06 Dec 2025 08:01:21 +0000 Manifest next update: Sun 07 Dec 2025 08:01:21 +0000 Files and hashes: 1: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl (hash: vb9NzNjQiLVu/66Q4GNQzcWWEuEJhUhtL5y01l84np0=) 2: uFIkyOKWSzQfZzP96vWM093yaBY.roa (hash: TWsqJU2I8/yV3h8FtJmMbNc3AlR1EJP1BU5hPExE0mk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ae:01:c6:ff:47:2d:2a:f5:39:29:97:fc:69:71:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909 Validity Not Before: Dec 6 08:01:21 2025 GMT Not After : Dec 7 08:01:21 2025 GMT Subject: CN=185a546c58dcd1d8934bdc79a6886d5c82a28afa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f9:ac:f6:b3:c0:61:16:ca:ea:0d:98:d7:3e: 8d:9c:51:6e:7b:69:0e:0c:61:98:ca:3c:e8:9f:e9: 00:3f:cf:52:9b:23:b1:62:8c:65:e5:88:ea:c3:e6: c0:da:84:ad:e0:12:1f:88:66:27:d1:b0:e9:65:a2: 22:73:bd:99:c6:57:ac:a5:49:d5:6c:aa:3a:01:fe: 55:c3:3d:47:c7:3c:5c:37:6e:95:14:5e:e6:2a:51: ea:01:38:84:5c:ec:80:b6:92:e7:fd:12:ca:00:61: 13:e3:34:39:3b:76:ee:e7:d0:12:20:ef:ed:73:10: 03:02:29:45:11:c1:d7:9f:49:3c:06:3f:7d:62:d0: 09:be:e6:70:5d:e3:f6:59:ea:b4:27:1f:ec:b6:f8: 2e:2e:ba:21:75:36:e1:39:e0:ac:db:a9:c2:a5:c8: b5:1c:97:70:5b:b1:f3:64:1c:cb:2e:b9:a2:39:36: 16:61:89:f8:f1:b8:6d:ab:30:34:92:f3:58:e9:5a: 6c:b2:7d:31:5a:b8:71:81:45:a8:7d:cb:9f:b1:5a: 03:b8:dd:59:6f:11:2f:d8:43:e0:2d:5d:35:aa:89: b5:61:4a:c7:81:3c:e3:b6:04:f1:d1:8c:c4:7d:8e: a9:b6:17:b4:fe:81:6c:de:e9:84:68:f6:0a:c2:f0: f5:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:5A:54:6C:58:DC:D1:D8:93:4B:DC:79:A6:88:6D:5C:82:A2:8A:FA X509v3 Authority Key Identifier: keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:bf:fd:24:89:91:7b:78:3d:84:81:7e:7b:18:4b:1a:fd:db: ce:5b:ef:ad:26:31:ed:35:a5:1d:2c:bd:42:12:c5:15:f3:02: 21:73:c9:00:8f:d9:c1:ac:4f:09:23:28:26:30:26:c7:3f:dd: ad:e7:b3:2f:82:53:ea:b0:b5:0f:0b:38:5b:10:e1:c8:20:ef: dd:d0:0e:fc:88:2a:52:64:cb:81:2f:db:17:c5:4d:a5:ac:d5: cf:49:df:10:f0:10:e5:27:b0:80:c8:b9:0d:61:42:79:c6:ff: 29:e2:fc:41:7b:11:2c:cf:fb:93:41:56:da:e2:1b:27:6d:98: 5a:65:c8:43:8a:ca:b0:93:b8:da:b6:ac:23:b5:29:00:98:94: 66:86:de:e0:6c:ff:33:70:2e:38:33:dd:b6:c0:0c:78:25:e5: 69:13:b6:42:82:07:7f:0a:7d:0b:fd:72:a2:79:43:61:45:07: e2:ca:af:01:7f:23:51:d5:f4:68:06:71:34:b0:d1:05:83:41: 98:44:be:a3:b0:cf:60:d6:9a:1e:49:ad:eb:fb:c7:10:11:56: 84:ef:66:0c:3f:0b:86:46:a1:57:b8:83:07:c1:d3:70:c9:76: c6:1a:97:aa:8e:fc:5f:b7:4c:51:d9:37:39:72:b7:9d:ae:4f: 31:d5:c4:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrgHG/0ctKvU5KZf8aXHOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz MmE5MDkwHhcNMjUxMjA2MDgwMTIxWhcNMjUxMjA3MDgwMTIxWjAzMTEwLwYDVQQD EygxODVhNTQ2YzU4ZGNkMWQ4OTM0YmRjNzlhNjg4NmQ1YzgyYTI4YWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvms9rPAYRbK6g2Y1z6NnFFue2kO DGGYyjzon+kAP89SmyOxYoxl5Yjqw+bA2oSt4BIfiGYn0bDpZaIic72ZxlespUnV bKo6Af5Vwz1HxzxcN26VFF7mKlHqATiEXOyAtpLn/RLKAGET4zQ5O3bu59ASIO/t cxADAilFEcHXn0k8Bj99YtAJvuZwXeP2Weq0Jx/stvguLrohdTbhOeCs26nCpci1 HJdwW7HzZBzLLrmiOTYWYYn48bhtqzA0kvNY6Vpssn0xWrhxgUWofcufsVoDuN1Z bxEv2EPgLV01qom1YUrHgTzjtgTx0YzEfY6pthe0/oFs3umEaPYKwvD1aQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBhaVGxY3NHYk0vceaaIbVyCoor6MB8GA1UdIwQY MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt Njk3NWNhZGIyMjYyLzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlb/9JImR e3g9hIF+exhLGv3bzlvvrSYx7TWlHSy9QhLFFfMCIXPJAI/ZwaxPCSMoJjAmxz/d reezL4JT6rC1Dws4WxDhyCDv3dAO/IgqUmTLgS/bF8VNpazVz0nfEPAQ5SewgMi5 DWFCecb/KeL8QXsRLM/7k0FW2uIbJ22YWmXIQ4rKsJO42rasI7UpAJiUZobe4Gz/ M3AuODPdtsAMeCXlaRO2QoIHfwp9C/1yonlDYUUH4sqvAX8jUdX0aAZxNLDRBYNB mES+o7DPYNaaHkmt6/vHEBFWhO9mDD8LhkahV7iDB8HTcMl2xhqXqo78X7dMUdk3 OXK3na5PMdXEuA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:56:20 2025 by rpki-client