This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft File: PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json) Hash identifier: IONyupRrPw6ZtkGDOEInCKMdlrzJAlDOAj3lnItn19k= Subject key identifier: 1D:20:C7:F9:97:A3:11:FC:8D:56:18:6A:1F:A6:6F:43:22:CF:39:4D Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F Certificate issuer: /CN=3ceec6c47951b299c70806583d791d50cd816c5f Certificate serial: 019B30E8E06FBB11CFC7BDFC6743E7A14A39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft Manifest number: 03D1 Signing time: Thu 18 Dec 2025 10:02:06 +0000 Manifest this update: Thu 18 Dec 2025 10:02:06 +0000 Manifest next update: Fri 19 Dec 2025 10:02:06 +0000 Files and hashes: 1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: EtM8P5O2qMGf+XC8tasnV9mX27ea2cOliPXlNtDfovE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 10:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e8:e0:6f:bb:11:cf:c7:bd:fc:67:43:e7:a1:4a:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f Validity Not Before: Dec 18 10:02:06 2025 GMT Not After : Dec 19 10:02:06 2025 GMT Subject: CN=1d20c7f997a311fc8d56186a1fa66f4322cf394d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:87:19:96:bc:da:fd:28:af:90:d6:b9:d6:d2: 50:4e:35:68:48:d8:5d:52:cd:38:ef:83:39:25:d4: 8a:1c:af:df:d7:c0:f3:72:25:f1:6b:4a:c0:1c:dc: 67:72:36:d4:1a:0e:e5:94:f2:1c:43:93:e2:fa:5a: 9a:d1:ba:7e:2a:8e:f0:c6:96:d5:5b:06:9c:f1:22: 6e:b5:79:0a:3d:34:4e:39:9c:b6:47:c0:27:4e:7d: c9:68:2a:a7:bf:81:19:82:68:f3:4e:13:c5:72:c3: c1:11:25:32:5b:2f:e1:47:3b:ee:1e:bc:ac:c4:08: ed:9b:fa:fb:1b:19:64:82:4c:e3:1e:4c:25:eb:53: 19:80:03:4f:b1:c1:fe:a0:bc:a7:38:08:35:a7:51: 31:7f:d2:c6:70:a6:f8:87:66:44:43:fd:ed:7d:68: 2f:58:d5:4d:1a:f0:db:89:72:0d:63:de:c6:c2:d7: a0:f5:e9:ce:81:bc:59:5e:5b:4d:b4:bd:46:16:e2: 62:8c:35:34:1d:66:bd:3b:ab:a6:bb:f9:84:06:6a: 77:f1:62:09:9d:ee:a4:ab:7c:78:9d:84:9c:07:e5: bd:0e:72:f5:0b:2a:63:75:9a:8c:58:4a:68:66:1c: 40:9d:24:6a:87:ba:a6:86:d4:43:cb:8c:94:71:8b: 5d:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:20:C7:F9:97:A3:11:FC:8D:56:18:6A:1F:A6:6F:43:22:CF:39:4D X509v3 Authority Key Identifier: keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:c6:ea:41:8c:11:7e:7f:f0:65:87:a3:85:cd:e1:b5:9a:44: e7:a5:71:88:b4:4e:c4:e3:be:3e:8c:c4:14:e9:d6:8a:12:96: 3f:e7:98:bf:5a:99:5b:d2:9b:27:fd:52:5a:0a:05:23:9b:01: 60:4e:81:ae:5d:2c:65:0e:3f:f4:9f:44:af:46:f1:e3:27:8e: a4:da:cc:3a:ca:1c:77:d5:33:0b:71:32:8b:43:ec:0d:3a:74: 78:cb:e2:24:64:90:2b:e1:1e:f5:af:41:a1:7b:84:9d:77:81: ad:11:a2:00:44:21:91:8d:87:d5:5b:7b:e3:16:27:e7:67:01: 62:9f:c0:ed:cb:0a:82:5e:50:cf:ca:0d:20:c8:eb:d8:1c:40: 8c:b4:94:b8:56:c4:8b:33:42:20:7e:b8:19:8b:67:aa:98:8b: 80:a7:a7:f0:c7:b6:f2:94:02:e1:1f:20:53:cb:5c:85:5b:d1: 92:82:1e:ea:08:d9:6f:48:a9:47:76:f5:6c:ed:39:e5:3d:eb: e1:7b:6a:e1:8a:10:0f:04:bb:4e:a9:e6:f1:8a:21:af:c8:b2: 78:8e:4d:bb:f8:5c:62:e7:43:53:bb:be:3e:0f:50:64:a8:cf: 9f:f7:a0:60:fe:ef:17:01:7b:b2:79:fd:09:7d:2e:1c:bb:2d: 12:00:b4:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw6OBvuxHPx738Z0PnoUo5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4 MTZjNWYwHhcNMjUxMjE4MTAwMjA2WhcNMjUxMjE5MTAwMjA2WjAzMTEwLwYDVQQD EygxZDIwYzdmOTk3YTMxMWZjOGQ1NjE4NmExZmE2NmY0MzIyY2YzOTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYcZlrza/SivkNa51tJQTjVoSNhd Us0474M5JdSKHK/f18DzciXxa0rAHNxncjbUGg7llPIcQ5Pi+lqa0bp+Ko7wxpbV Wwac8SJutXkKPTROOZy2R8AnTn3JaCqnv4EZgmjzThPFcsPBESUyWy/hRzvuHrys xAjtm/r7GxlkgkzjHkwl61MZgANPscH+oLynOAg1p1Exf9LGcKb4h2ZEQ/3tfWgv WNVNGvDbiXINY97Gwteg9enOgbxZXltNtL1GFuJijDU0HWa9O6umu/mEBmp38WIJ ne6kq3x4nYScB+W9DnL1CypjdZqMWEpoZhxAnSRqh7qmhtRDy4yUcYtdywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB0gx/mXoxH8jVYYah+mb0MizzlNMB8GA1UdIwQY MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1 LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPsbqQYwR fn/wZYejhc3htZpE56VxiLROxOO+PozEFOnWihKWP+eYv1qZW9KbJ/1SWgoFI5sB YE6Brl0sZQ4/9J9Er0bx4yeOpNrMOsocd9UzC3Eyi0PsDTp0eMviJGSQK+Ee9a9B oXuEnXeBrRGiAEQhkY2H1Vt74xYn52cBYp/A7csKgl5Qz8oNIMjr2BxAjLSUuFbE izNCIH64GYtnqpiLgKen8Me28pQC4R8gU8tchVvRkoIe6gjZb0ipR3b1bO055T3r 4Xtq4YoQDwS7Tqnm8Yohr8iyeI5Nu/hcYudDU7u+Pg9QZKjPn/egYP7vFwF7snn9 CX0uHLstEgC0uw== -----END CERTIFICATE-----Generated at Thu Dec 18 14:17:38 2025 by rpki-client