This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft File: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft (raw, json) Hash identifier: JjOoRuLAjK06OYz/PN4alWyLeg/ie08EiWVNignFLFQ= Subject key identifier: 97:48:39:3D:6E:DA:2D:A4:FE:54:9D:55:F3:E0:CB:31:08:45:44:8D Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30 Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130 Certificate serial: 019AF352898C59117C2A2BADBB5D969E347D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft Manifest number: 03D1 Signing time: Sat 06 Dec 2025 11:01:03 +0000 Manifest this update: Sat 06 Dec 2025 11:01:03 +0000 Manifest next update: Sun 07 Dec 2025 11:01:03 +0000 Files and hashes: 1: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl (hash: wRJ4KBcArjq0TGYbLd3KtqmEvXruN3vylxus6xOg3bo=) 2: _O0LKSVD2FWQH20B8h-W2BSyf7E.roa (hash: /osVaD1xwsZSvzrjM1Npx7gTyOHOWobbSsuEq9U9lZY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:89:8c:59:11:7c:2a:2b:ad:bb:5d:96:9e:34:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d248185956e443b55b062200f964537bc10bc130 Validity Not Before: Dec 6 11:01:03 2025 GMT Not After : Dec 7 11:01:03 2025 GMT Subject: CN=9748393d6eda2da4fe549d55f3e0cb310845448d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ca:f8:b7:5a:c9:c4:16:13:d8:9e:42:eb:1a: bb:be:ac:07:7a:08:86:97:84:50:cc:30:aa:c7:26: 96:08:fe:fc:03:37:20:9c:dc:e8:e2:85:c9:77:bc: 5c:ad:ef:ea:b4:d8:5b:8d:b6:30:01:89:91:3b:18: 58:ce:1b:a1:b0:1c:f3:9c:e2:c7:f1:91:64:c5:f2: d1:1c:11:25:2e:80:90:29:dc:db:6d:08:56:dd:75: e7:85:7e:c0:28:48:dd:b1:ff:b3:f2:ea:37:d3:02: 69:f8:75:dc:4d:7b:36:2f:f0:90:b6:6e:14:44:bc: e1:04:41:05:e2:dc:1c:8f:95:6c:73:59:40:d0:5d: be:5e:9a:10:e3:08:08:aa:8a:75:05:d0:83:72:01: 41:06:99:c7:03:d2:57:68:1c:6c:e6:47:dc:0a:21: 64:15:4d:a2:da:77:13:d0:96:0f:69:6d:ac:41:57: 21:23:e0:25:e8:58:28:f8:b9:71:f7:e1:1b:d3:ab: 49:aa:ff:33:36:84:80:59:3d:b8:72:6c:9a:d3:d2: 11:64:13:68:f0:ff:cf:04:d3:b7:27:e0:e8:f0:c1: 8b:65:e4:ea:16:03:69:ac:0b:6b:3d:71:fb:aa:20: 17:be:2f:c3:03:f2:7e:1c:f3:e0:50:1b:17:45:ed: 0f:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:48:39:3D:6E:DA:2D:A4:FE:54:9D:55:F3:E0:CB:31:08:45:44:8D X509v3 Authority Key Identifier: keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:c9:40:f6:11:56:6e:0a:14:e4:f7:3a:94:78:05:8d:8a:52: 11:49:1b:8d:71:92:8f:7a:10:ef:50:a1:37:f2:7c:48:61:35: f6:73:be:cf:78:5d:02:6e:bd:af:51:86:07:90:42:86:ea:d5: a8:23:f4:67:04:41:24:40:9a:e3:fb:9a:4d:73:9d:40:08:e2: db:43:3d:7b:25:b7:21:5c:3d:a2:80:3e:7a:67:4a:72:e6:08: e2:d7:6b:20:4c:a5:9c:21:fe:3c:21:da:4a:b7:79:4e:3f:4a: 97:4c:17:22:2f:31:03:b7:84:d3:4f:70:b4:f5:d4:d6:1d:86: 77:c5:66:2b:02:07:9d:82:cc:94:5f:f5:f4:70:d5:b0:90:4f: 0f:29:f2:75:21:eb:91:cb:c5:f9:4c:35:3d:5b:fb:2b:31:34: 3a:a2:31:e4:3e:df:c8:01:72:27:eb:90:63:5f:1b:53:0e:a7: 2b:a2:a2:49:80:96:b8:f6:9f:d2:25:2f:4a:92:b6:6e:eb:41: 45:98:ab:cd:61:75:54:1b:ed:04:92:fb:1d:08:68:5e:37:e1: 34:e5:fd:ce:73:a7:f8:9d:09:32:87:5b:b3:fc:d4:9c:d5:54: b3:b5:d1:9a:dc:25:2e:9a:7e:18:a6:cb:75:23:1e:3d:09:66: 2d:f0:3b:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUomMWRF8Kiutu12WnjR9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw YmMxMzAwHhcNMjUxMjA2MTEwMTAzWhcNMjUxMjA3MTEwMTAzWjAzMTEwLwYDVQQD Eyg5NzQ4MzkzZDZlZGEyZGE0ZmU1NDlkNTVmM2UwY2IzMTA4NDU0NDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsr4t1rJxBYT2J5C6xq7vqwHegiG l4RQzDCqxyaWCP78AzcgnNzo4oXJd7xcre/qtNhbjbYwAYmROxhYzhuhsBzznOLH 8ZFkxfLRHBElLoCQKdzbbQhW3XXnhX7AKEjdsf+z8uo30wJp+HXcTXs2L/CQtm4U RLzhBEEF4twcj5Vsc1lA0F2+XpoQ4wgIqop1BdCDcgFBBpnHA9JXaBxs5kfcCiFk FU2i2ncT0JYPaW2sQVchI+Al6Fgo+Llx9+Eb06tJqv8zNoSAWT24cmya09IRZBNo 8P/PBNO3J+Do8MGLZeTqFgNprAtrPXH7qiAXvi/DA/J+HPPgUBsXRe0PuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJdIOT1u2i2k/lSdVfPgyzEIRUSNMB8GA1UdIwQY MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt YWVhMDU0Y2Y0M2JiLzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL8lA9hFW bgoU5Pc6lHgFjYpSEUkbjXGSj3oQ71ChN/J8SGE19nO+z3hdAm69r1GGB5BChurV qCP0ZwRBJECa4/uaTXOdQAji20M9eyW3IVw9ooA+emdKcuYI4tdrIEylnCH+PCHa Srd5Tj9Kl0wXIi8xA7eE009wtPXU1h2Gd8VmKwIHnYLMlF/19HDVsJBPDynydSHr kcvF+Uw1PVv7KzE0OqIx5D7fyAFyJ+uQY18bUw6nK6KiSYCWuPaf0iUvSpK2butB RZirzWF1VBvtBJL7HQhoXjfhNOX9znOn+J0JModbs/zUnNVUs7XRmtwlLpp+GKbL dSMePQlmLfA74w== -----END CERTIFICATE-----Generated at Sat Dec 6 19:06:18 2025 by rpki-client