This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft File: soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json) Hash identifier: isTzLeh19+LvadHVbDBRlU61OAQ2RfsuxD1TjUF1J1w= Subject key identifier: 28:70:67:2C:18:78:2B:A6:F4:9C:55:F6:25:1D:06:D4:94:8E:64:C2 Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9 Certificate issuer: /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9 Certificate serial: 019B34C4D6D542D3C501BC8AE168BEF5FBDE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft Manifest number: 1226 Signing time: Fri 19 Dec 2025 04:01:13 +0000 Manifest this update: Fri 19 Dec 2025 04:01:13 +0000 Manifest next update: Sat 20 Dec 2025 04:01:13 +0000 Files and hashes: 1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: 2X9P5IJCcpb90BNwNduYVnjSjGu4siZ/RYDQdADtcFc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:d6:d5:42:d3:c5:01:bc:8a:e1:68:be:f5:fb:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9 Validity Not Before: Dec 19 04:01:13 2025 GMT Not After : Dec 20 04:01:13 2025 GMT Subject: CN=2870672c18782ba6f49c55f6251d06d4948e64c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:93:d2:fe:76:12:ce:77:5e:17:49:a8:bb:3a: 13:3a:a5:d1:c6:26:6e:f0:ad:3b:c7:4d:14:32:9b: 16:9c:3f:09:10:43:e1:45:3e:15:bb:b0:f5:7e:8d: 30:fb:62:09:25:c9:dd:86:d2:62:dc:99:43:fa:09: 0f:96:38:23:b3:2b:53:31:6d:ea:16:80:1e:6a:70: 1c:fb:78:fd:88:69:bb:b2:13:2a:91:b1:60:86:7b: bc:d0:dc:12:08:e8:d1:e6:bb:1a:af:28:28:ac:fd: b6:05:f5:8d:8d:85:f7:fe:ca:44:dd:c9:3b:7e:98: 6a:9f:25:7b:6f:3c:ca:e9:39:11:ae:ef:a1:19:bb: bb:4a:6e:5d:9d:d2:23:23:32:f8:2a:50:bd:e1:f1: e1:b1:35:5f:a0:cf:f5:a6:ac:d8:ba:63:5b:dc:03: 01:50:28:8b:bc:77:2e:d5:1a:dc:c3:9a:6a:89:2a: 28:22:25:d3:b5:67:e5:7a:c7:46:8f:56:20:2d:d1: f8:4a:8b:71:8b:b0:d6:fd:6a:17:9d:d6:32:c7:83: af:b7:88:f9:a3:4b:10:4f:66:79:96:bf:16:eb:b5: 5d:5c:22:42:3c:ed:9d:1b:ec:18:6f:82:86:99:a3: 47:19:13:9f:7e:84:5b:66:ed:b1:d8:35:76:c5:ac: 71:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:70:67:2C:18:78:2B:A6:F4:9C:55:F6:25:1D:06:D4:94:8E:64:C2 X509v3 Authority Key Identifier: keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:10:16:37:00:14:b5:b4:c5:42:f8:a4:da:f9:fb:68:a9:21: e7:1c:15:a9:fb:16:34:34:bd:d4:d2:09:c1:ef:af:32:b3:e1: a6:9a:60:9b:c0:f2:da:19:ef:47:9a:32:b7:07:2a:c4:95:7b: 07:70:b8:d7:50:21:64:2d:16:b1:e9:a4:6c:8f:61:f7:4f:ec: 01:ec:e6:c7:e2:31:67:90:90:1d:81:f9:95:59:1c:39:d2:83: 8f:7b:db:6c:79:13:44:02:f3:7e:5d:a7:4b:f1:d8:3f:56:ea: d3:db:30:ee:e3:2f:e5:f5:e6:f3:fe:55:23:53:7e:e3:15:f7: af:b5:f6:da:3b:64:1d:b7:34:a0:c3:9e:d9:cd:93:09:8e:ce: e2:c8:da:00:1b:df:a8:68:4a:72:25:38:67:ac:fa:75:ed:6e: 52:a8:a7:85:92:04:c8:75:fc:ec:67:63:ef:b0:76:58:6a:99: 5a:4e:3a:79:6d:98:05:5e:ca:79:4a:10:ef:79:c2:23:22:6a: f3:a2:19:60:6c:4d:b1:d4:89:8f:d3:60:5a:35:a8:69:87:cd: 71:04:df:53:ec:d6:29:d7:08:a1:7a:9b:03:50:1e:48:e7:1b: fb:01:e9:53:8c:be:fe:7c:17:89:b6:19:2e:19:7e:77:7e:95: ee:ab:05:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xNbVQtPFAbyK4Wi+9fveMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4 ZjE0YjkwHhcNMjUxMjE5MDQwMTEzWhcNMjUxMjIwMDQwMTEzWjAzMTEwLwYDVQQD EygyODcwNjcyYzE4NzgyYmE2ZjQ5YzU1ZjYyNTFkMDZkNDk0OGU2NGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJPS/nYSzndeF0mouzoTOqXRxiZu 8K07x00UMpsWnD8JEEPhRT4Vu7D1fo0w+2IJJcndhtJi3JlD+gkPljgjsytTMW3q FoAeanAc+3j9iGm7shMqkbFghnu80NwSCOjR5rsarygorP22BfWNjYX3/spE3ck7 fphqnyV7bzzK6TkRru+hGbu7Sm5dndIjIzL4KlC94fHhsTVfoM/1pqzYumNb3AMB UCiLvHcu1Rrcw5pqiSooIiXTtWflesdGj1YgLdH4Sotxi7DW/WoXndYyx4Ovt4j5 o0sQT2Z5lr8W67VdXCJCPO2dG+wYb4KGmaNHGROffoRbZu2x2DV2xaxxHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFChwZywYeCum9JxV9iUdBtSUjmTCMB8GA1UdIwQY MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghAWNwAU tbTFQvik2vn7aKkh5xwVqfsWNDS91NIJwe+vMrPhpppgm8Dy2hnvR5oytwcqxJV7 B3C411AhZC0WsemkbI9h90/sAezmx+IxZ5CQHYH5lVkcOdKDj3vbbHkTRALzfl2n S/HYP1bq09sw7uMv5fXm8/5VI1N+4xX3r7X22jtkHbc0oMOe2c2TCY7O4sjaABvf qGhKciU4Z6z6de1uUqinhZIEyHX87Gdj77B2WGqZWk46eW2YBV7KeUoQ73nCIyJq 86IZYGxNsdSJj9NgWjWoaYfNcQTfU+zWKdcIoXqbA1AeSOcb+wHpU4y+/nwXibYZ Lhl+d36V7qsFQA== -----END CERTIFICATE-----Generated at Fri Dec 19 08:06:36 2025 by rpki-client