This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft File: oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json) Hash identifier: Y8uqJc02EkG66MsRbX8LzMKVIgZCJ8vE7yPgG2/GcJ0= Subject key identifier: 56:08:52:3D:5F:C1:75:33:88:94:E1:C8:64:6E:18:79:B5:E3:8F:4F Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB Certificate issuer: /CN=a0252fe9b42a643f477e5846619aae886917effb Certificate serial: 019AF209578D9F52E46366F8A0CB51FB0B17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft Manifest number: 154A Signing time: Sat 06 Dec 2025 05:01:29 +0000 Manifest this update: Sat 06 Dec 2025 05:01:29 +0000 Manifest next update: Sun 07 Dec 2025 05:01:29 +0000 Files and hashes: 1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: 1VNx0C45miEQsCikXw3rf4mU8HwzozpV+s5HR0ayL7E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:57:8d:9f:52:e4:63:66:f8:a0:cb:51:fb:0b:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb Validity Not Before: Dec 6 05:01:29 2025 GMT Not After : Dec 7 05:01:29 2025 GMT Subject: CN=5608523d5fc175338894e1c8646e1879b5e38f4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:6c:a7:ba:6a:2d:85:b0:ef:a5:1e:b0:7d:32: f7:26:8e:96:a6:d5:b3:72:14:08:47:a1:8f:9f:fa: 14:ef:3a:f5:4c:e3:a4:6c:5d:eb:45:a1:d9:ce:99: 4a:aa:dd:eb:11:6e:49:99:17:71:fa:ae:e9:41:a1: b7:b0:d2:07:02:85:8e:0f:07:69:ac:29:55:59:7c: 7b:33:c2:d4:35:3b:74:7d:ea:79:74:98:42:9c:33: 74:6b:f7:39:23:ce:66:59:50:72:c1:48:ba:7c:3e: 04:94:3d:45:58:93:0d:79:ee:04:3c:96:4b:02:55: fb:b3:61:cf:03:08:d8:db:a5:ad:5a:0f:bb:4a:77: e3:f2:29:bb:28:f6:8c:d2:de:fa:57:ed:87:92:6c: 56:15:34:2f:da:fe:f8:2c:c5:a5:66:f6:4f:e6:23: 82:83:ab:82:ba:6d:fc:cc:6d:c9:04:35:14:e9:65: 90:71:6b:2b:08:92:98:36:fe:bb:08:cc:15:8f:b9: c5:18:87:2d:46:a5:0c:15:e9:f1:f7:13:cd:40:33: d8:c3:5d:bc:27:5d:89:d4:28:51:d7:6a:4d:cb:3b: 07:54:ef:5b:b0:2b:a4:47:56:69:d4:11:73:09:30: d3:41:3b:9b:2d:3e:2d:ff:0b:b3:e6:5c:bd:e2:ed: c0:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:08:52:3D:5F:C1:75:33:88:94:E1:C8:64:6E:18:79:B5:E3:8F:4F X509v3 Authority Key Identifier: keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:c0:ab:44:b8:8c:19:62:db:2e:35:a2:68:b9:d5:04:e9:0d: 00:6c:de:1f:1d:ea:4f:8e:9a:7a:3f:1a:8c:91:53:60:13:98: 72:45:3a:42:1c:9f:46:22:22:6e:93:a7:bd:fd:40:0d:38:45: 1e:96:7d:ef:b4:e4:45:69:12:38:6e:c8:4e:d6:80:b6:9a:7e: 4f:35:c3:a7:3e:6d:6d:57:54:2f:6e:09:e9:5d:e9:c5:94:f8: f4:17:dc:f2:e3:8d:67:cc:8e:0c:47:15:cd:76:85:38:88:5d: d4:5d:d6:5c:34:db:b0:95:cf:77:30:56:63:4c:c0:ff:78:88: e2:19:fd:ce:f8:39:58:62:30:f8:a6:5f:f7:d7:6b:3c:4f:95: 4c:c7:10:56:ca:0f:06:66:93:88:6b:b6:66:c2:dc:6e:45:21: d2:71:31:30:82:8a:2b:a9:f8:3a:c4:75:c3:3d:77:08:fe:36: 37:49:f8:7d:ef:be:f0:2e:57:31:31:2c:6a:57:d8:40:de:94: da:f3:d1:b3:70:14:a4:66:07:ee:8b:39:35:63:f5:bf:0b:d6: 0c:84:19:a1:35:b9:f8:94:7d:8a:01:1f:6c:4d:99:04:e6:da: f8:69:16:d8:4a:95:70:e8:6b:0f:8d:2b:ee:3b:15:2c:39:aa: 8a:f7:86:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCVeNn1LkY2b4oMtR+wsXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx N2VmZmIwHhcNMjUxMjA2MDUwMTI5WhcNMjUxMjA3MDUwMTI5WjAzMTEwLwYDVQQD Eyg1NjA4NTIzZDVmYzE3NTMzODg5NGUxYzg2NDZlMTg3OWI1ZTM4ZjRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WynumothbDvpR6wfTL3Jo6WptWz chQIR6GPn/oU7zr1TOOkbF3rRaHZzplKqt3rEW5JmRdx+q7pQaG3sNIHAoWODwdp rClVWXx7M8LUNTt0fep5dJhCnDN0a/c5I85mWVBywUi6fD4ElD1FWJMNee4EPJZL AlX7s2HPAwjY26WtWg+7Snfj8im7KPaM0t76V+2HkmxWFTQv2v74LMWlZvZP5iOC g6uCum38zG3JBDUU6WWQcWsrCJKYNv67CMwVj7nFGIctRqUMFenx9xPNQDPYw128 J12J1ChR12pNyzsHVO9bsCukR1Zp1BFzCTDTQTubLT4t/wuz5ly94u3A2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFYIUj1fwXUziJThyGRuGHm1449PMB8GA1UdIwQY MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3 LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8CrRLiM GWLbLjWiaLnVBOkNAGzeHx3qT46aej8ajJFTYBOYckU6QhyfRiIibpOnvf1ADThF HpZ977TkRWkSOG7ITtaAtpp+TzXDpz5tbVdUL24J6V3pxZT49Bfc8uONZ8yODEcV zXaFOIhd1F3WXDTbsJXPdzBWY0zA/3iI4hn9zvg5WGIw+KZf99drPE+VTMcQVsoP BmaTiGu2ZsLcbkUh0nExMIKKK6n4OsR1wz13CP42N0n4fe++8C5XMTEsalfYQN6U 2vPRs3AUpGYH7os5NWP1vwvWDIQZoTW5+JR9igEfbE2ZBOba+GkW2EqVcOhrD40r 7jsVLDmqiveGDw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:07:31 2025 by rpki-client