This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft File: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json) Hash identifier: WLUs+oAm3gH4tO1169Ii7hFmCvcUPhQLloI/ValqYOs= Subject key identifier: 0A:AF:06:9F:36:5E:B6:D5:88:53:1B:B5:93:F2:A4:E2:25:20:44:4F Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC Certificate issuer: /CN=d271e4ed8425383f6c81c21a4894a43763675efc Certificate serial: 019AF276B3A302CFA18E2BAAD8E75BA8A4A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft Manifest number: 0269 Signing time: Sat 06 Dec 2025 07:00:56 +0000 Manifest this update: Sat 06 Dec 2025 07:00:56 +0000 Manifest next update: Sun 07 Dec 2025 07:00:56 +0000 Files and hashes: 1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: 0RcdaJs8/MgHekRvTvoy9uPruYw7TlkR/ry61+Ls7/k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:b3:a3:02:cf:a1:8e:2b:aa:d8:e7:5b:a8:a4:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc Validity Not Before: Dec 6 07:00:56 2025 GMT Not After : Dec 7 07:00:56 2025 GMT Subject: CN=0aaf069f365eb6d588531bb593f2a4e22520444f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:c7:d3:f8:9d:34:92:1b:34:bc:1d:25:c3:6d: a1:b2:7a:f4:9b:f8:00:cb:4a:6e:79:a0:bd:a0:c0: e0:bb:73:9f:66:07:f8:60:cd:5b:48:03:38:c4:e4: 0b:d6:52:b2:15:85:a4:1d:af:07:fa:f5:4f:4c:7b: 8d:2a:26:f5:18:28:e8:24:6f:ee:ea:e8:1e:6d:15: af:8e:c2:d3:e3:5a:79:aa:0d:a9:1c:b7:9a:a3:99: e8:e4:de:aa:1d:0f:bb:dd:81:cb:7c:b7:c9:80:ae: dc:7b:74:6b:0e:f7:b3:b5:e6:09:e8:1a:46:ae:b0: 87:be:9a:01:be:a3:b5:96:16:e1:f3:bf:cb:61:a9: a3:d1:e6:ca:51:74:39:96:1d:c3:33:35:66:71:ca: c7:df:33:a2:da:dc:bf:04:bf:b4:79:10:9c:54:09: 32:c8:6d:11:d5:76:78:77:ab:39:9c:49:34:cf:ee: de:d2:38:8a:f4:73:b0:99:92:cd:06:85:38:d5:58: 58:c4:e3:ad:c6:5d:11:f3:bf:0e:30:c9:31:42:fe: 72:db:f7:e4:6a:10:c3:be:b4:1b:bd:c0:78:00:a8: 5a:4c:0d:de:c5:a6:f7:db:95:e3:c9:b4:85:68:57: e0:b7:99:fe:87:99:f7:1a:0f:49:28:ce:3f:47:9b: 1a:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:AF:06:9F:36:5E:B6:D5:88:53:1B:B5:93:F2:A4:E2:25:20:44:4F X509v3 Authority Key Identifier: keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:e1:74:d6:e0:6c:db:8f:ac:a1:a5:cc:83:5a:42:ad:64:4f: 59:4e:0e:8c:92:0f:42:6b:84:6e:d0:f7:db:24:9d:30:ed:71: df:29:cd:e1:82:cd:a3:e1:59:1b:4c:9a:41:c1:b8:5a:02:63: 1c:6d:90:f4:5c:61:b4:2d:50:49:7f:01:af:31:2c:3b:0f:0e: c5:e3:18:fa:d5:81:39:97:d3:44:dc:ee:5c:a7:13:04:cb:ff: a9:29:59:54:b2:b2:1b:5c:03:e7:16:1c:60:cf:67:ca:77:aa: 32:a1:0d:e4:e3:cd:d4:83:bc:97:5b:1f:62:c0:c3:b0:44:ae: 02:57:37:c7:0a:62:5f:fb:cd:52:5c:b3:68:db:42:b5:94:3c: 67:b2:f3:e7:8c:dd:72:12:e7:a2:c2:3d:9b:52:8a:16:b0:a5: b3:01:5a:4c:06:5f:86:30:8f:99:97:b1:2f:8b:0d:0d:bb:36: 00:a2:78:59:b9:a0:55:ab:86:77:46:45:9b:f3:ad:b7:b8:25: 27:12:5b:ef:58:11:bd:3f:ee:04:1c:6d:37:57:92:fb:8c:0a: 7d:3b:d2:00:ca:1f:54:b4:d1:25:e0:7a:b9:e6:df:d1:9f:bc: 76:0b:4f:1f:3a:02:d5:2f:f8:a2:2e:3c:3f:83:09:ed:b0:e4: cc:73:44:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydrOjAs+hjiuq2OdbqKSmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2 NzVlZmMwHhcNMjUxMjA2MDcwMDU2WhcNMjUxMjA3MDcwMDU2WjAzMTEwLwYDVQQD EygwYWFmMDY5ZjM2NWViNmQ1ODg1MzFiYjU5M2YyYTRlMjI1MjA0NDRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncfT+J00khs0vB0lw22hsnr0m/gA y0pueaC9oMDgu3OfZgf4YM1bSAM4xOQL1lKyFYWkHa8H+vVPTHuNKib1GCjoJG/u 6ugebRWvjsLT41p5qg2pHLeao5no5N6qHQ+73YHLfLfJgK7ce3RrDvezteYJ6BpG rrCHvpoBvqO1lhbh87/LYamj0ebKUXQ5lh3DMzVmccrH3zOi2ty/BL+0eRCcVAky yG0R1XZ4d6s5nEk0z+7e0jiK9HOwmZLNBoU41VhYxOOtxl0R878OMMkxQv5y2/fk ahDDvrQbvcB4AKhaTA3exab325XjybSFaFfgt5n+h5n3Gg9JKM4/R5saAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAqvBp82XrbViFMbtZPypOIlIERPMB8GA1UdIwQY MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJOF01uBs 24+soaXMg1pCrWRPWU4OjJIPQmuEbtD32ySdMO1x3ynN4YLNo+FZG0yaQcG4WgJj HG2Q9FxhtC1QSX8BrzEsOw8OxeMY+tWBOZfTRNzuXKcTBMv/qSlZVLKyG1wD5xYc YM9nyneqMqEN5OPN1IO8l1sfYsDDsESuAlc3xwpiX/vNUlyzaNtCtZQ8Z7Lz54zd chLnosI9m1KKFrClswFaTAZfhjCPmZexL4sNDbs2AKJ4WbmgVauGd0ZFm/Ott7gl JxJb71gRvT/uBBxtN1eS+4wKfTvSAMofVLTRJeB6uebf0Z+8dgtPHzoC1S/4oi48 P4MJ7bDkzHNEig== -----END CERTIFICATE-----Generated at Sat Dec 6 11:43:27 2025 by rpki-client