This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft File: 0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json) Hash identifier: CgS/W4Zc+wMkkovIqZxrZ6StBRteKSS9Qbje6msyQLU= Subject key identifier: 71:49:89:86:A2:B6:48:68:43:67:B8:1F:E9:0B:7A:10:03:37:95:78 Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2 Certificate issuer: /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2 Certificate serial: 019AF31D00BA61BD83F4560CC2E243B396A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft Manifest number: 12AD Signing time: Sat 06 Dec 2025 10:02:35 +0000 Manifest this update: Sat 06 Dec 2025 10:02:35 +0000 Manifest next update: Sun 07 Dec 2025 10:02:35 +0000 Files and hashes: 1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: LmbMIR6Y2SDaTSsC3KYq/xHPJby88ffn1mLPJz2Fy3g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:00:ba:61:bd:83:f4:56:0c:c2:e2:43:b3:96:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2 Validity Not Before: Dec 6 10:02:35 2025 GMT Not After : Dec 7 10:02:35 2025 GMT Subject: CN=71498986a2b648684367b81fe90b7a1003379578 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:c0:4e:30:1e:70:ea:c5:bb:e6:7c:66:6f:38: cc:1f:ee:19:dd:03:22:68:8b:ea:8e:73:24:2c:1a: 83:b6:72:35:8c:66:35:4b:eb:4a:8d:dd:60:39:ad: 8c:d7:0b:d0:a3:9f:a7:22:58:1e:4b:50:63:df:7d: de:15:fb:8f:7e:d8:95:02:42:97:11:6f:93:c7:de: 76:09:08:f9:6c:f3:b3:69:81:90:ce:11:38:7e:66: 11:47:d5:44:71:20:f5:c8:57:d3:b4:bc:7f:18:54: 5d:bd:6a:f6:2f:a2:69:14:dd:a8:9d:b1:a8:cd:3d: 7f:22:c8:19:42:a5:1e:3b:63:de:29:ed:d2:09:80: f6:89:a6:13:1e:8c:f4:db:0e:6f:33:fe:6c:5f:05: 72:3a:ea:fd:ce:7a:f2:7a:7a:37:b4:ba:a1:74:81: fd:11:22:d6:a9:bd:91:47:85:7f:1f:3c:70:1e:ad: 97:fa:a5:d5:ec:de:75:bd:56:5b:93:0b:5d:3a:10: d6:be:46:ea:0f:63:af:bd:cd:06:7c:b7:6c:1a:b6: 10:98:d6:3a:df:ae:e1:db:9c:db:6a:eb:49:75:be: c1:73:79:ac:dc:51:a4:80:17:12:8f:1e:17:f7:84: 60:b7:ba:5b:7c:21:28:75:2a:e4:64:43:18:41:e8: 56:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:49:89:86:A2:B6:48:68:43:67:B8:1F:E9:0B:7A:10:03:37:95:78 X509v3 Authority Key Identifier: keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:72:95:70:15:fa:91:f6:78:b4:b3:6c:98:d6:8e:a6:e6:f8: 9e:8a:16:a8:bc:24:26:e1:d6:95:d5:d2:a7:8d:25:83:81:74: d9:48:b3:ea:7f:1a:19:b1:58:84:3c:9c:28:f8:76:50:39:2a: 70:c4:c4:1d:8c:85:18:b1:a7:9a:52:14:4b:98:b3:38:7c:b5: df:d0:00:f7:86:3d:6b:74:32:b4:c6:6d:71:97:bb:5a:b7:ba: a3:66:f4:44:a4:b0:47:2a:f9:65:07:63:e6:49:cc:22:28:2c: 3b:21:84:94:e3:a3:25:60:ac:dc:b4:e9:3f:70:9d:54:c7:f9: e4:c6:88:8a:f3:30:bf:9c:f5:c3:10:79:85:c1:b3:2f:3d:6e: 50:75:51:da:eb:ea:94:24:b8:f7:f4:73:9b:4a:e5:52:2a:17: 5f:e5:80:c5:c6:c2:b0:8c:53:b3:84:2d:0a:e8:e8:46:df:fb: ab:31:a0:79:44:59:1b:f0:f6:3b:e4:15:eb:2d:b3:8b:1d:38: a3:2f:3f:11:b6:ea:5c:d2:7a:78:44:45:b8:63:03:94:e5:8c: 19:76:c6:3f:80:6b:4e:44:04:0b:62:92:46:50:2b:8b:50:49: 37:e3:a2:74:ff:6c:00:43:ce:94:a4:de:e3:f3:d9:d6:86:cd: f0:a4:da:0d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHQC6Yb2D9FYMwuJDs5akMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4 ZjljYzIwHhcNMjUxMjA2MTAwMjM1WhcNMjUxMjA3MTAwMjM1WjAzMTEwLwYDVQQD Eyg3MTQ5ODk4NmEyYjY0ODY4NDM2N2I4MWZlOTBiN2ExMDAzMzc5NTc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucBOMB5w6sW75nxmbzjMH+4Z3QMi aIvqjnMkLBqDtnI1jGY1S+tKjd1gOa2M1wvQo5+nIlgeS1Bj333eFfuPftiVAkKX EW+Tx952CQj5bPOzaYGQzhE4fmYRR9VEcSD1yFfTtLx/GFRdvWr2L6JpFN2onbGo zT1/IsgZQqUeO2PeKe3SCYD2iaYTHoz02w5vM/5sXwVyOur9znryeno3tLqhdIH9 ESLWqb2RR4V/HzxwHq2X+qXV7N51vVZbkwtdOhDWvkbqD2Ovvc0GfLdsGrYQmNY6 367h25zbautJdb7Bc3ms3FGkgBcSjx4X94Rgt7pbfCEodSrkZEMYQehWSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHFJiYaitkhoQ2e4H+kLehADN5V4MB8GA1UdIwQY MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYnKVcBX6 kfZ4tLNsmNaOpub4nooWqLwkJuHWldXSp40lg4F02Uiz6n8aGbFYhDycKPh2UDkq cMTEHYyFGLGnmlIUS5izOHy139AA94Y9a3QytMZtcZe7Wre6o2b0RKSwRyr5ZQdj 5knMIigsOyGElOOjJWCs3LTpP3CdVMf55MaIivMwv5z1wxB5hcGzLz1uUHVR2uvq lCS49/Rzm0rlUioXX+WAxcbCsIxTs4QtCujoRt/7qzGgeURZG/D2O+QV6y2zix04 oy8/EbbqXNJ6eERFuGMDlOWMGXbGP4BrTkQEC2KSRlAri1BJN+OidP9sAEPOlKTe 4/PZ1obN8KTaDQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:14:59 2025 by rpki-client