This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft File: 0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json) Hash identifier: AXpkR7C4vGSjR8YmY4f8U6TdQRWIDLlmbAT384v+hCQ= Subject key identifier: 50:25:62:71:C4:73:2C:20:E4:22:93:32:A5:E0:26:1C:C9:DD:3C:28 Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A Certificate issuer: /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a Certificate serial: 019AF31C0F5449FA357C966EF9227CFCBE26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft Manifest number: 0EC2 Signing time: Sat 06 Dec 2025 10:01:33 +0000 Manifest this update: Sat 06 Dec 2025 10:01:33 +0000 Manifest next update: Sun 07 Dec 2025 10:01:33 +0000 Files and hashes: 1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: eaczCgQfWGsH6ttxi4LnBK62DVY597mxNe1hVCnsnUU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:0f:54:49:fa:35:7c:96:6e:f9:22:7c:fc:be:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a Validity Not Before: Dec 6 10:01:33 2025 GMT Not After : Dec 7 10:01:33 2025 GMT Subject: CN=50256271c4732c20e4229332a5e0261cc9dd3c28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b4:85:f9:4e:79:9e:f8:c2:a5:17:2e:60:9e: 54:b1:29:03:f1:6c:bd:9e:05:9d:2b:ca:c3:2b:44: 71:29:4d:51:83:26:e7:dc:44:0e:29:a2:28:6e:3c: 85:50:f2:c9:ed:70:f2:b8:ac:0e:9d:32:67:c7:3e: 51:f1:2c:b6:4b:37:19:a8:93:14:85:ef:d9:d2:24: 49:5a:1a:e6:c7:a7:ea:96:e0:c1:4b:31:57:cc:6f: 74:55:95:8a:b7:b0:c0:1e:01:0d:45:41:ae:d7:5b: f7:5e:51:35:b2:da:18:e1:17:e9:38:83:18:e7:a8: 78:c8:e1:d0:eb:f5:f4:f0:00:8b:c5:f3:ac:38:74: 31:dc:56:a9:c3:43:17:3a:e5:b5:1a:13:52:d2:74: 0c:f9:21:55:bd:1e:08:74:61:db:24:ac:61:13:96: 2b:20:9e:46:52:62:8b:c9:59:75:a7:6a:79:e5:cc: e3:83:dd:e9:e5:3f:42:fb:fb:dc:b5:82:d5:5f:65: 4c:9d:85:d2:a0:84:e2:1f:22:2f:9a:ee:12:ea:4d: bd:b8:5a:7f:ec:6b:3d:1e:c1:f1:cb:34:84:a0:9c: 4c:17:30:25:99:7e:c3:90:51:b4:b4:6d:ed:d3:f6: 41:b5:68:bb:b4:bd:85:4f:0e:c8:86:c9:48:6d:98: 0f:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:25:62:71:C4:73:2C:20:E4:22:93:32:A5:E0:26:1C:C9:DD:3C:28 X509v3 Authority Key Identifier: keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:e2:63:15:1e:04:db:62:2d:04:6c:46:29:99:52:be:fd:a3: ba:52:75:18:e5:5d:94:fd:83:9e:c4:6f:a1:89:d1:1c:b8:ac: f4:33:91:4a:91:ce:d9:40:9a:de:91:6f:89:8d:92:e8:8f:1d: e2:4b:6b:c3:4d:d8:4e:fb:36:91:c4:e4:60:e8:38:6c:61:b8: ec:e8:a3:7e:3a:2b:6c:6d:54:42:f1:31:45:3d:ec:db:0a:e0: 80:33:66:88:40:37:b8:74:02:16:49:5f:76:78:a5:8e:93:f5: 17:92:d7:c0:9b:6b:72:6a:11:72:39:f5:1e:9e:2a:65:18:8f: 81:44:5f:00:37:d1:9e:2f:17:c9:9a:08:da:30:72:0b:17:10: da:a1:9f:99:0c:15:f5:87:cf:9f:c2:c1:a1:07:03:37:ef:31: 88:7f:2c:f4:92:1a:ad:1e:48:8d:cf:f6:88:7e:6e:7f:47:36: fe:fd:12:27:af:d5:6a:66:54:4e:07:9d:02:38:dc:84:2b:4c: 20:5c:87:8b:89:c7:bb:d1:c4:e1:a2:77:2a:dc:be:05:9a:0b: a7:b7:09:dc:f7:e8:f0:42:e1:5e:6c:87:dc:dc:87:40:27:6b: 95:ac:f1:3e:08:c9:82:45:69:95:b6:a7:ca:dc:37:56:56:48: a1:cc:bb:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHA9USfo1fJZu+SJ8/L4mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1 ODdmM2EwHhcNMjUxMjA2MTAwMTMzWhcNMjUxMjA3MTAwMTMzWjAzMTEwLwYDVQQD Eyg1MDI1NjI3MWM0NzMyYzIwZTQyMjkzMzJhNWUwMjYxY2M5ZGQzYzI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobSF+U55nvjCpRcuYJ5UsSkD8Wy9 ngWdK8rDK0RxKU1Rgybn3EQOKaIobjyFUPLJ7XDyuKwOnTJnxz5R8Sy2SzcZqJMU he/Z0iRJWhrmx6fqluDBSzFXzG90VZWKt7DAHgENRUGu11v3XlE1stoY4RfpOIMY 56h4yOHQ6/X08ACLxfOsOHQx3Fapw0MXOuW1GhNS0nQM+SFVvR4IdGHbJKxhE5Yr IJ5GUmKLyVl1p2p55czjg93p5T9C+/vctYLVX2VMnYXSoITiHyIvmu4S6k29uFp/ 7Gs9HsHxyzSEoJxMFzAlmX7DkFG0tG3t0/ZBtWi7tL2FTw7IhslIbZgPfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFAlYnHEcywg5CKTMqXgJhzJ3TwoMB8GA1UdIwQY MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0 LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPOJjFR4E 22ItBGxGKZlSvv2julJ1GOVdlP2DnsRvoYnRHLis9DORSpHO2UCa3pFviY2S6I8d 4ktrw03YTvs2kcTkYOg4bGG47OijfjorbG1UQvExRT3s2wrggDNmiEA3uHQCFklf dniljpP1F5LXwJtrcmoRcjn1Hp4qZRiPgURfADfRni8XyZoI2jByCxcQ2qGfmQwV 9YfPn8LBoQcDN+8xiH8s9JIarR5Ijc/2iH5uf0c2/v0SJ6/VamZUTgedAjjchCtM IFyHi4nHu9HE4aJ3Kty+BZoLp7cJ3Pfo8ELhXmyH3NyHQCdrlazxPgjJgkVplban ytw3VlZIocy7mg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:17:32 2025 by rpki-client