This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft File: PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json) Hash identifier: a6fKDPlqVg07O+nCPgMnltKE7LpEJYIbpNePiZ79JmU= Subject key identifier: D6:5A:F6:77:7E:B2:FB:A4:9B:7E:AF:FA:E6:76:8B:FF:CE:46:38:2B Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F Certificate issuer: /CN=3ceec6c47951b299c70806583d791d50cd816c5f Certificate serial: 019AF31BA4FC3F73B803C63E37CC914764C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft Manifest number: 03B1 Signing time: Sat 06 Dec 2025 10:01:06 +0000 Manifest this update: Sat 06 Dec 2025 10:01:06 +0000 Manifest next update: Sun 07 Dec 2025 10:01:06 +0000 Files and hashes: 1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: LmlRLw2gWtDVQhf16PZj2z2UAZR6drXAl+q+/ZYq8bw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:a4:fc:3f:73:b8:03:c6:3e:37:cc:91:47:64:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f Validity Not Before: Dec 6 10:01:06 2025 GMT Not After : Dec 7 10:01:06 2025 GMT Subject: CN=d65af6777eb2fba49b7eaffae6768bffce46382b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:77:31:43:7f:1e:b6:b9:5f:65:62:90:3a:79: 15:ef:ce:77:cc:c5:2a:88:49:57:f2:27:08:7f:b3: e6:b4:1e:ef:19:67:12:66:8b:e6:a5:af:db:37:55: a2:d4:87:5e:4c:e2:58:aa:26:f9:70:44:8d:fb:7b: 3b:cc:d1:fb:05:91:a1:8f:8d:be:fb:84:49:7b:65: 84:b8:70:fa:95:0c:df:23:62:05:56:6c:c2:1c:5f: 67:60:d4:99:60:6a:02:c9:bc:b9:92:04:15:14:87: 97:d3:15:d6:7a:cc:81:79:b6:46:6d:45:09:21:d5: fd:77:b4:17:9e:ef:20:27:da:fb:4a:03:4a:6a:d4: 93:7a:62:d3:29:11:a2:06:a7:14:c9:a8:a5:d6:be: 3c:56:38:b3:2c:8c:24:f1:b8:36:a6:74:0a:dd:ca: 25:4a:72:f6:06:63:26:9a:48:14:45:e1:38:3d:2d: ad:d3:8c:8d:a1:65:4a:72:26:c1:83:cb:a2:2c:bd: 6d:d5:eb:7f:c7:8e:b0:32:31:85:db:d6:78:7f:c4: 08:f1:49:dc:dc:c2:71:9d:59:d1:5a:b6:92:45:49: 38:72:ae:47:5b:c1:5f:5c:17:56:43:7c:31:60:be: 94:aa:31:e2:5a:08:df:ca:82:bf:41:d8:d2:3c:cd: 0f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:5A:F6:77:7E:B2:FB:A4:9B:7E:AF:FA:E6:76:8B:FF:CE:46:38:2B X509v3 Authority Key Identifier: keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:b9:4c:0c:29:f1:f5:27:42:b8:fc:32:c3:87:9a:53:70:ed: 45:4a:93:a0:cd:3c:ba:3a:78:98:71:18:dc:bd:f1:25:5f:d4: 36:1e:fa:d8:52:db:80:7d:06:67:70:a9:fe:f3:9c:fd:fa:08: 1f:01:93:e4:09:3f:df:65:4c:f8:31:d7:32:23:62:1a:45:74: b8:e9:b0:97:92:b9:47:2a:4f:69:03:16:dd:fa:5c:2e:b8:92: 4b:f1:cd:2f:bd:86:eb:56:73:03:ab:9f:f5:98:84:03:8e:ea: 15:4b:8f:26:f9:6b:48:8d:28:16:b4:d1:9c:19:38:92:3a:e6: f1:83:ff:40:b2:f2:66:85:06:b7:3b:f1:32:c4:67:7a:b9:7d: 0a:a3:53:c3:21:b7:f9:e9:6b:50:03:73:56:32:dd:34:7b:21: 1a:49:f7:8b:9b:3c:69:2c:f6:a6:4f:25:03:7b:82:2c:92:97: 82:52:81:60:75:61:ce:5f:a9:90:2e:b5:85:b2:cc:fe:89:11: 60:08:df:6a:e7:fe:4b:0a:3e:5c:b0:3c:12:c9:d1:fd:08:17: e6:e7:93:2f:7b:a3:4a:7d:cc:1f:e0:c9:8a:52:f3:23:72:c0: fc:b7:b2:57:76:96:9b:af:c1:c3:27:c6:3e:b2:60:b5:5e:98: f0:18:94:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG6T8P3O4A8Y+N8yRR2TJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4 MTZjNWYwHhcNMjUxMjA2MTAwMTA2WhcNMjUxMjA3MTAwMTA2WjAzMTEwLwYDVQQD EyhkNjVhZjY3NzdlYjJmYmE0OWI3ZWFmZmFlNjc2OGJmZmNlNDYzODJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAincxQ38etrlfZWKQOnkV7853zMUq iElX8icIf7PmtB7vGWcSZovmpa/bN1Wi1IdeTOJYqib5cESN+3s7zNH7BZGhj42+ +4RJe2WEuHD6lQzfI2IFVmzCHF9nYNSZYGoCyby5kgQVFIeX0xXWesyBebZGbUUJ IdX9d7QXnu8gJ9r7SgNKatSTemLTKRGiBqcUyail1r48VjizLIwk8bg2pnQK3col SnL2BmMmmkgUReE4PS2t04yNoWVKcibBg8uiLL1t1et/x46wMjGF29Z4f8QI8Unc 3MJxnVnRWraSRUk4cq5HW8FfXBdWQ3wxYL6UqjHiWgjfyoK/QdjSPM0PrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNZa9nd+svukm36v+uZ2i//ORjgrMB8GA1UdIwQY MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1 LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAarlMDCnx 9SdCuPwyw4eaU3DtRUqToM08ujp4mHEY3L3xJV/UNh762FLbgH0GZ3Cp/vOc/foI HwGT5Ak/32VM+DHXMiNiGkV0uOmwl5K5RypPaQMW3fpcLriSS/HNL72G61ZzA6uf 9ZiEA47qFUuPJvlrSI0oFrTRnBk4kjrm8YP/QLLyZoUGtzvxMsRnerl9CqNTwyG3 +elrUANzVjLdNHshGkn3i5s8aSz2pk8lA3uCLJKXglKBYHVhzl+pkC61hbLM/okR YAjfauf+Swo+XLA8EsnR/QgX5ueTL3ujSn3MH+DJilLzI3LA/LeyV3aWm6/BwyfG PrJgtV6Y8BiUVQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:58:59 2025 by rpki-client