This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft File: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json) Hash identifier: VTqbHEMKJ6ztlagXGeu8TAvPq7OcyaBXG0yF7pZVvnY= Subject key identifier: 16:F4:AD:F6:4C:A6:3D:A3:21:58:41:B7:2A:6D:55:9E:3E:9E:F6:3F Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF Certificate issuer: /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf Certificate serial: 019AF389591C25C4F3DEB9365001CC646C40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft Manifest number: 05B8 Signing time: Sat 06 Dec 2025 12:00:55 +0000 Manifest this update: Sat 06 Dec 2025 12:00:55 +0000 Manifest next update: Sun 07 Dec 2025 12:00:55 +0000 Files and hashes: 1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: a/a5LbTKeBvijxKcw6XLjt7M/CSz5IL+168JO3sEqLU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:59:1c:25:c4:f3:de:b9:36:50:01:cc:64:6c:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf Validity Not Before: Dec 6 12:00:55 2025 GMT Not After : Dec 7 12:00:55 2025 GMT Subject: CN=16f4adf64ca63da3215841b72a6d559e3e9ef63f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:2f:6a:3f:53:cf:64:92:39:13:f8:8c:60:15: 1e:87:5c:0e:2e:de:96:aa:a5:37:60:cf:ec:a0:d6: ac:8e:5b:3f:31:1a:e0:30:3a:fc:39:9e:04:be:1d: eb:aa:1e:02:e7:41:1a:ac:77:f5:a5:5c:cc:a3:b5: 8c:e5:7e:45:4d:a9:24:51:1c:18:ac:14:c3:f7:6d: c0:37:11:b3:67:90:f4:72:13:63:ce:77:ad:31:ec: bb:58:cb:c6:de:b7:f6:25:5a:63:56:07:94:c8:03: c4:79:58:cb:98:05:c5:03:56:89:2c:26:68:d0:ef: 2d:d5:45:ed:52:5c:21:26:7c:99:52:cd:ef:7a:03: 31:4c:f6:14:8b:c6:b5:08:2d:72:a8:45:b7:72:b8: c2:73:81:f0:5c:e5:39:d7:4c:b2:a7:fa:f2:0c:e7: ce:ed:77:89:68:b3:22:9e:30:2b:4c:73:6a:bc:3f: 5b:a3:10:bd:e3:a3:e1:66:57:72:0a:3a:23:fe:5b: 53:c2:63:f5:44:50:0d:7b:b1:04:14:ea:15:bf:56: 20:b5:97:d9:9e:b6:67:5b:bc:6a:61:4b:d2:7c:57: 76:45:0c:ae:30:3c:50:72:dc:40:4b:62:3f:c5:34: 30:9d:69:f8:33:68:dd:77:b1:52:a3:ee:88:2e:c7: 0b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:F4:AD:F6:4C:A6:3D:A3:21:58:41:B7:2A:6D:55:9E:3E:9E:F6:3F X509v3 Authority Key Identifier: keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:fa:3d:be:b6:76:e5:aa:9d:ec:7b:5f:3c:22:42:06:68:67: e3:1e:fb:8a:70:99:ec:e7:27:f7:41:5f:75:0b:92:a8:63:0d: a8:37:d4:d0:65:49:09:db:ce:cf:b3:33:af:f2:e4:4b:80:d3: 82:83:66:4a:69:3e:30:1f:0a:c5:d8:96:37:8e:2f:33:5f:7f: f3:3c:1a:72:dd:94:9f:b8:da:77:00:e0:60:a4:99:3e:e4:5e: e8:17:b8:1d:b4:47:e2:b2:55:53:f7:d8:0a:a8:5b:ea:a5:7a: 28:7c:d5:49:14:f6:27:b9:6f:ad:08:33:8d:35:94:47:20:d6: 64:29:27:f1:b0:17:c6:af:da:01:af:00:93:0c:58:4c:10:31: e9:60:bf:4e:e8:6b:bc:fd:79:d7:21:bd:e5:dc:f8:df:a9:37: 0c:6d:f3:76:35:3e:f2:e0:6d:a5:f2:d3:4b:40:c2:a3:5d:05: 3c:bb:4f:ff:02:eb:b2:7a:a7:ca:30:5b:db:93:a9:17:77:24: 35:82:f2:b9:85:48:9c:b3:5a:2f:fa:1c:0b:26:e0:ee:0c:1d: fe:a4:ac:e3:52:25:14:33:f8:ee:d2:63:9b:74:99:30:03:09: 03:06:69:c4:d2:f5:e2:86:f8:69:85:7c:88:fa:a6:5d:ca:7c: 65:1e:a7:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziVkcJcTz3rk2UAHMZGxAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm MTFkYmYwHhcNMjUxMjA2MTIwMDU1WhcNMjUxMjA3MTIwMDU1WjAzMTEwLwYDVQQD EygxNmY0YWRmNjRjYTYzZGEzMjE1ODQxYjcyYTZkNTU5ZTNlOWVmNjNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyS9qP1PPZJI5E/iMYBUeh1wOLt6W qqU3YM/soNasjls/MRrgMDr8OZ4Evh3rqh4C50EarHf1pVzMo7WM5X5FTakkURwY rBTD923ANxGzZ5D0chNjznetMey7WMvG3rf2JVpjVgeUyAPEeVjLmAXFA1aJLCZo 0O8t1UXtUlwhJnyZUs3vegMxTPYUi8a1CC1yqEW3crjCc4HwXOU510yyp/ryDOfO 7XeJaLMinjArTHNqvD9boxC946PhZldyCjoj/ltTwmP1RFANe7EEFOoVv1YgtZfZ nrZnW7xqYUvSfFd2RQyuMDxQctxAS2I/xTQwnWn4M2jdd7FSo+6ILscLXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBb0rfZMpj2jIVhBtyptVZ4+nvY/MB8GA1UdIwQY MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAifo9vrZ2 5aqd7HtfPCJCBmhn4x77inCZ7Ocn90FfdQuSqGMNqDfU0GVJCdvOz7Mzr/LkS4DT goNmSmk+MB8KxdiWN44vM19/8zwact2Un7jadwDgYKSZPuRe6Be4HbRH4rJVU/fY Cqhb6qV6KHzVSRT2J7lvrQgzjTWURyDWZCkn8bAXxq/aAa8AkwxYTBAx6WC/Tuhr vP151yG95dz436k3DG3zdjU+8uBtpfLTS0DCo10FPLtP/wLrsnqnyjBb25OpF3ck NYLyuYVInLNaL/ocCybg7gwd/qSs41IlFDP47tJjm3SZMAMJAwZpxNL14ob4aYV8 iPqmXcp8ZR6njA== -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:48 2025 by rpki-client