This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft File: 0mKOBpte2LRVk0O1tn9atPkiUf4.mft (raw, json) Hash identifier: iIIxkZmttPBHh949TE9FuzGl3tmbkd7N8WMwAq08Di0= Subject key identifier: B9:AB:9D:6D:88:89:AB:78:FC:EB:61:A8:85:E5:95:E9:71:2A:78:81 Authority key identifier: D2:62:8E:06:9B:5E:D8:B4:55:93:43:B5:B6:7F:5A:B4:F9:22:51:FE Certificate issuer: /CN=d2628e069b5ed8b4559343b5b67f5ab4f92251fe Certificate serial: 019AFCFABCA5140043F0887FD8470941DD68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mKOBpte2LRVk0O1tn9atPkiUf4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft Manifest number: 02B2 Signing time: Mon 08 Dec 2025 08:01:21 +0000 Manifest this update: Mon 08 Dec 2025 08:01:21 +0000 Manifest next update: Tue 09 Dec 2025 08:01:21 +0000 Files and hashes: 1: 0mKOBpte2LRVk0O1tn9atPkiUf4.crl (hash: XPQxQGHQGbmJjqUap40V/4r557xjLjx9+7zvEVNrrvo=) 2: IcIhqkwJl3oIn1TFze0JKC2ukZo.roa (hash: N9HPji4dA8H0kkRU9JW+TERsQXqgse1gQnpLkAfBwZU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.crl rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft rsync://rpki.ripe.net/repository/DEFAULT/0mKOBpte2LRVk0O1tn9atPkiUf4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fc:fa:bc:a5:14:00:43:f0:88:7f:d8:47:09:41:dd:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2628e069b5ed8b4559343b5b67f5ab4f92251fe Validity Not Before: Dec 8 08:01:21 2025 GMT Not After : Dec 9 08:01:21 2025 GMT Subject: CN=b9ab9d6d8889ab78fceb61a885e595e9712a7881 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c1:1f:3e:09:62:b9:dc:0a:14:1f:9c:7b:54: 6d:3c:79:28:78:6f:02:07:68:62:d7:59:58:0a:f2: 9e:d7:70:8c:aa:a4:f2:b1:d4:5f:79:2a:c0:46:da: 95:73:68:7d:9c:99:a5:48:d7:cd:3b:42:3d:5c:50: cd:ef:b2:98:d0:0a:bf:41:db:c4:28:13:b6:35:7e: f8:a7:21:e0:df:1c:b6:cd:f6:bb:a5:92:6b:6a:f1: 90:a6:d9:55:ab:fd:e1:26:95:02:d9:c3:c4:43:a0: ac:d2:62:15:aa:4e:3a:7d:d7:29:be:d9:70:d8:bc: e3:c1:72:30:49:a5:f5:7a:ff:cf:8b:8a:9b:79:48: 8d:e8:6b:a9:8f:06:3f:63:a3:26:d4:32:8f:8a:de: 08:c9:5f:a3:ed:54:14:7d:d5:9b:04:4e:ef:e8:55: 6c:52:e4:83:2f:d5:15:39:ec:68:2e:a8:7a:85:dd: e6:a8:a9:c2:47:73:38:e7:6a:fb:db:7a:04:c6:c6: fe:18:48:18:91:1b:89:5d:aa:d8:32:72:5d:6c:37: ac:16:04:5a:6d:db:6d:df:0b:94:ed:e0:04:3f:ab: 6d:bf:89:95:a7:14:79:fe:00:31:66:36:79:35:20: 1e:d8:f8:63:ec:50:bd:88:75:3e:c3:43:73:97:3e: b2:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:AB:9D:6D:88:89:AB:78:FC:EB:61:A8:85:E5:95:E9:71:2A:78:81 X509v3 Authority Key Identifier: keyid:D2:62:8E:06:9B:5E:D8:B4:55:93:43:B5:B6:7F:5A:B4:F9:22:51:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mKOBpte2LRVk0O1tn9atPkiUf4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:e5:72:23:f2:29:e4:8f:6f:9b:1c:28:e7:b8:8a:72:21:d7: fb:ac:cc:69:a1:b4:ed:42:a9:6f:2b:af:80:29:6d:5e:43:37: 9a:77:0c:37:20:80:eb:83:5e:46:7c:ec:1b:18:53:fc:e1:69: 71:1c:10:39:34:61:91:5d:c6:14:53:6e:05:78:5a:c0:24:45: 68:93:c3:15:cf:36:df:90:9c:cb:d0:9f:fd:b0:a4:7e:1f:37: ea:e3:6f:e5:4b:a3:d7:57:0c:3a:67:03:f1:11:6a:c9:a4:fb: 9d:fc:84:94:05:01:1c:35:c2:74:92:dd:06:5f:3d:4f:99:44: 17:e8:1b:c1:51:6a:da:d4:62:e1:7c:f3:d9:9c:c5:8b:94:c7: 81:3c:5b:5d:f6:b4:09:66:b1:43:89:85:c5:d1:0c:2e:2f:c3: d7:e3:c0:05:ff:80:f6:95:8e:77:19:ed:e2:a2:e6:48:17:c3: d0:40:48:61:0b:c6:70:93:24:eb:a4:80:b5:21:0d:99:27:53: 52:63:47:03:71:a9:6a:f2:08:89:c9:31:f3:e7:eb:52:9a:78: 19:2f:37:a8:db:18:35:75:f3:e0:1d:8f:01:99:19:60:2f:d7: 5b:22:5d:78:23:3f:21:34:ae:29:c2:1f:e9:14:ac:77:76:b7: 9b:28:cf:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr8+rylFABD8Ih/2EcJQd1oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNjI4ZTA2OWI1ZWQ4YjQ1NTkzNDNiNWI2N2Y1YWI0Zjky MjUxZmUwHhcNMjUxMjA4MDgwMTIxWhcNMjUxMjA5MDgwMTIxWjAzMTEwLwYDVQQD EyhiOWFiOWQ2ZDg4ODlhYjc4ZmNlYjYxYTg4NWU1OTVlOTcxMmE3ODgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsEfPgliudwKFB+ce1RtPHkoeG8C B2hi11lYCvKe13CMqqTysdRfeSrARtqVc2h9nJmlSNfNO0I9XFDN77KY0Aq/QdvE KBO2NX74pyHg3xy2zfa7pZJravGQptlVq/3hJpUC2cPEQ6Cs0mIVqk46fdcpvtlw 2LzjwXIwSaX1ev/Pi4qbeUiN6GupjwY/Y6Mm1DKPit4IyV+j7VQUfdWbBE7v6FVs UuSDL9UVOexoLqh6hd3mqKnCR3M452r723oExsb+GEgYkRuJXarYMnJdbDesFgRa bdtt3wuU7eAEP6ttv4mVpxR5/gAxZjZ5NSAe2Phj7FC9iHU+w0Nzlz6yMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLmrnW2Iiat4/OthqIXllelxKniBMB8GA1UdIwQY MBaAFNJijgabXti0VZNDtbZ/WrT5IlH+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMG1LT0JwdGUyTFJWazBPMXRuOWF0UGtpVWY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZWI5N2EtODNiZC00NDQ4LWIwOWUt YWY2NGE1N2FjOGQyLzEvMG1LT0JwdGUyTFJWazBPMXRuOWF0UGtpVWY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC8xZWI5N2EtODNiZC00NDQ4LWIwOWUtYWY2NGE1N2FjOGQy LzEvMG1LT0JwdGUyTFJWazBPMXRuOWF0UGtpVWY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS+VyI/Ip 5I9vmxwo57iKciHX+6zMaaG07UKpbyuvgCltXkM3mncMNyCA64NeRnzsGxhT/OFp cRwQOTRhkV3GFFNuBXhawCRFaJPDFc8235Ccy9Cf/bCkfh836uNv5Uuj11cMOmcD 8RFqyaT7nfyElAUBHDXCdJLdBl89T5lEF+gbwVFq2tRi4Xzz2ZzFi5THgTxbXfa0 CWaxQ4mFxdEMLi/D1+PABf+A9pWOdxnt4qLmSBfD0EBIYQvGcJMk66SAtSENmSdT UmNHA3GpavIIickx8+frUpp4GS83qNsYNXXz4B2PAZkZYC/XWyJdeCM/ITSuKcIf 6RSsd3a3myjPcQ== -----END CERTIFICATE-----Generated at Mon Dec 8 09:15:28 2025 by rpki-client