This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft File: 0cpnYQKGq3OPhs6TX99e1iDwLZY.mft (raw, json) Hash identifier: +zda3nMa9IiQcnhrTz1l3RnM9LrEsqfMMh86tRnCPAE= Subject key identifier: 56:FF:1C:AF:98:62:18:95:26:F4:6F:C5:2C:B0:5E:82:07:29:0F:C5 Authority key identifier: D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96 Certificate issuer: /CN=d1ca67610286ab738f86ce935fdf5ed620f02d96 Certificate serial: 019AF23FF81C461CF1F1D8D66871DE96982A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft Manifest number: 065A Signing time: Sat 06 Dec 2025 06:01:09 +0000 Manifest this update: Sat 06 Dec 2025 06:01:09 +0000 Manifest next update: Sun 07 Dec 2025 06:01:09 +0000 Files and hashes: 1: 0cpnYQKGq3OPhs6TX99e1iDwLZY.crl (hash: jBF+sxd3hL+FultpnLK1hJH1bLcsjYpRL+X1DeZMu8g=) 2: oFJn2DbPMhZS_Tmm-DmxNkpMyhE.roa (hash: Y5qFxScEcaicbV90jLVdvKg9QlaEEdGk/0uix/Osd6k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:f8:1c:46:1c:f1:f1:d8:d6:68:71:de:96:98:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1ca67610286ab738f86ce935fdf5ed620f02d96 Validity Not Before: Dec 6 06:01:09 2025 GMT Not After : Dec 7 06:01:09 2025 GMT Subject: CN=56ff1caf9862189526f46fc52cb05e8207290fc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:dc:14:3c:d1:1e:a8:2d:17:d5:83:78:7e:96: 73:78:04:23:c1:10:a9:6d:d8:19:d5:89:a4:a6:4b: 12:37:09:bc:ba:1b:5d:73:4e:3d:a0:75:c0:3f:f9: b6:2b:8f:d1:64:b5:1c:fc:ed:2d:ee:1c:33:84:1e: 32:86:98:99:1d:ae:ec:cd:be:2b:a4:75:bc:96:fc: c0:af:3c:6c:bf:5b:9b:96:eb:6c:49:3d:39:9e:cb: 9a:ef:a5:ff:09:2e:e6:57:68:4a:c5:66:91:af:63: c8:f5:42:c7:2e:0c:5a:4f:eb:b5:a4:ba:d7:45:43: 92:39:09:a6:3c:11:15:46:48:fe:8d:22:98:e5:b4: 3a:d5:27:43:20:b5:40:0f:16:d2:1e:f4:0c:15:4b: 67:aa:f0:ff:88:4c:81:d4:1c:06:dd:f8:01:e4:93: d4:e3:57:5c:c3:a4:30:83:b1:36:df:62:13:41:33: 12:44:5e:93:20:a0:8a:dd:56:94:63:bb:95:73:d7: 9e:1a:10:7c:c5:82:d2:49:08:01:56:4b:71:09:44: 51:e7:fe:e8:04:62:cf:c4:52:61:19:6a:d9:55:23: a6:54:32:d4:42:5e:d4:36:ed:c1:6a:fd:18:da:de: 57:76:69:f1:7d:17:3c:85:36:bb:8b:c2:b8:da:8d: 89:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:FF:1C:AF:98:62:18:95:26:F4:6F:C5:2C:B0:5E:82:07:29:0F:C5 X509v3 Authority Key Identifier: keyid:D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:e6:6d:3f:89:03:81:ce:a7:5c:12:2f:6b:63:38:26:9e:d0: 45:00:9f:9f:de:41:74:bd:6e:e6:50:8d:0d:02:ce:8c:0d:18: 77:4d:04:bb:42:6a:8e:c4:d2:c9:46:f9:24:a7:c1:f7:6e:14: 92:d0:25:df:41:72:6f:29:f3:8b:69:b1:4b:54:2e:97:28:1c: 6f:a1:6d:bd:8f:a2:c9:9b:f2:d9:ff:60:c7:f0:28:8c:79:8e: 19:6a:1f:f4:5c:f2:bf:29:0d:cf:f9:af:28:fc:dc:f7:a0:19: f5:df:d7:9e:5a:4e:15:b0:a4:1f:2b:1c:4a:03:15:bb:77:c6: 05:90:02:c9:62:52:b0:c2:c9:ae:a4:7a:a3:f2:b8:d4:24:73: 15:30:1a:89:fa:4b:f9:7a:65:ef:5e:ad:78:ca:69:f6:47:0b: 94:77:a2:2a:7d:17:d0:8f:a3:80:71:47:1d:87:d3:36:1c:20: 22:d7:c6:ee:3d:df:f0:cd:7f:62:76:b1:45:10:bf:9b:2f:6c: ce:fd:da:ad:93:fd:74:48:8d:00:f0:a8:3a:f0:b5:86:20:5a: 5c:bb:83:20:c1:4c:9d:b7:e4:dc:15:8e:80:e9:c9:81:22:ab: 4a:58:ae:98:41:30:33:b0:82:44:b6:05:46:5d:a4:72:f4:4a: ec:e5:a6:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP/gcRhzx8djWaHHelpgqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxY2E2NzYxMDI4NmFiNzM4Zjg2Y2U5MzVmZGY1ZWQ2MjBm MDJkOTYwHhcNMjUxMjA2MDYwMTA5WhcNMjUxMjA3MDYwMTA5WjAzMTEwLwYDVQQD Eyg1NmZmMWNhZjk4NjIxODk1MjZmNDZmYzUyY2IwNWU4MjA3MjkwZmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtwUPNEeqC0X1YN4fpZzeAQjwRCp bdgZ1YmkpksSNwm8uhtdc049oHXAP/m2K4/RZLUc/O0t7hwzhB4yhpiZHa7szb4r pHW8lvzArzxsv1ublutsST05nsua76X/CS7mV2hKxWaRr2PI9ULHLgxaT+u1pLrX RUOSOQmmPBEVRkj+jSKY5bQ61SdDILVADxbSHvQMFUtnqvD/iEyB1BwG3fgB5JPU 41dcw6Qwg7E232ITQTMSRF6TIKCK3VaUY7uVc9eeGhB8xYLSSQgBVktxCURR5/7o BGLPxFJhGWrZVSOmVDLUQl7UNu3Bav0Y2t5XdmnxfRc8hTa7i8K42o2J+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFb/HK+YYhiVJvRvxSywXoIHKQ/FMB8GA1UdIwQY MBaAFNHKZ2EChqtzj4bOk1/fXtYg8C2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUt MzViZmY5NmRhNGM1LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUtMzViZmY5NmRhNGM1 LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAROZtP4kD gc6nXBIva2M4Jp7QRQCfn95BdL1u5lCNDQLOjA0Yd00Eu0JqjsTSyUb5JKfB924U ktAl30Fybynzi2mxS1Qulygcb6FtvY+iyZvy2f9gx/AojHmOGWof9FzyvykNz/mv KPzc96AZ9d/XnlpOFbCkHyscSgMVu3fGBZACyWJSsMLJrqR6o/K41CRzFTAaifpL +Xpl716teMpp9kcLlHeiKn0X0I+jgHFHHYfTNhwgItfG7j3f8M1/YnaxRRC/my9s zv3arZP9dEiNAPCoOvC1hiBaXLuDIMFMnbfk3BWOgOnJgSKrSliumEEwM7CCRLYF Rl2kcvRK7OWm+g== -----END CERTIFICATE-----Generated at Sat Dec 6 15:19:28 2025 by rpki-client