This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft File: 0mKOBpte2LRVk0O1tn9atPkiUf4.mft (raw, json) Hash identifier: o8FeyOnB8GOTif8bjlTKDaf1XJ0hpq86kTgqZ7ZwIn0= Subject key identifier: DA:45:10:36:75:D3:76:7B:04:A9:69:6A:18:CF:E5:DF:4B:13:E2:BF Authority key identifier: D2:62:8E:06:9B:5E:D8:B4:55:93:43:B5:B6:7F:5A:B4:F9:22:51:FE Certificate issuer: /CN=d2628e069b5ed8b4559343b5b67f5ab4f92251fe Certificate serial: 019B2B542DBAC461FDA6C0B1ECFC345CCB2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mKOBpte2LRVk0O1tn9atPkiUf4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft Manifest number: 02CA Signing time: Wed 17 Dec 2025 08:01:35 +0000 Manifest this update: Wed 17 Dec 2025 08:01:35 +0000 Manifest next update: Thu 18 Dec 2025 08:01:35 +0000 Files and hashes: 1: 0mKOBpte2LRVk0O1tn9atPkiUf4.crl (hash: s1+WmbF1VaGHc4ujL7MHPLeEfX5lNd2WlOEFdDZwQSU=) 2: IcIhqkwJl3oIn1TFze0JKC2ukZo.roa (hash: N9HPji4dA8H0kkRU9JW+TERsQXqgse1gQnpLkAfBwZU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.crl rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft rsync://rpki.ripe.net/repository/DEFAULT/0mKOBpte2LRVk0O1tn9atPkiUf4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 08:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:54:2d:ba:c4:61:fd:a6:c0:b1:ec:fc:34:5c:cb:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2628e069b5ed8b4559343b5b67f5ab4f92251fe Validity Not Before: Dec 17 08:01:35 2025 GMT Not After : Dec 18 08:01:35 2025 GMT Subject: CN=da45103675d3767b04a9696a18cfe5df4b13e2bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ef:df:65:fc:38:0d:94:82:a1:48:3f:5c:3e: cd:49:51:bf:e2:73:80:ba:0e:df:bf:e0:b1:c9:1f: 34:11:32:e5:8b:a4:5e:50:eb:84:cf:60:6d:e7:be: 8d:ec:4d:4b:65:82:10:09:9a:3b:c3:1c:0a:7d:27: 92:b9:a7:f9:45:25:0b:d7:64:6b:d1:9a:65:c0:e8: 5e:df:d0:6d:48:3d:30:93:ec:3f:97:36:63:98:03: 4d:f3:44:c1:6e:86:13:51:d5:62:f0:b1:9e:5c:f9: 77:38:1e:c9:72:ff:e8:08:74:93:46:d6:cb:4c:be: 9c:81:6c:e8:3c:26:5f:f0:54:22:c4:f9:1a:92:af: f4:3c:c9:14:24:93:23:1f:e8:44:ab:5b:ff:15:70: 64:83:33:c2:46:b9:26:0f:af:c5:25:bb:e9:3e:8c: 00:57:4f:30:db:bb:04:fa:e2:fd:3a:eb:72:9c:be: c5:62:6e:e3:32:49:3d:47:45:0d:ab:04:9f:97:62: 9e:40:aa:4b:64:ce:1e:5f:42:4e:9b:6e:9c:49:1d: 63:0f:0c:fc:8b:03:3a:a5:08:c7:10:a2:db:a0:a0: 58:66:06:e3:fd:df:e7:67:28:54:20:5b:4b:53:41: 83:7c:91:45:5f:29:e3:0a:40:c2:a5:e8:37:34:34: da:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:45:10:36:75:D3:76:7B:04:A9:69:6A:18:CF:E5:DF:4B:13:E2:BF X509v3 Authority Key Identifier: keyid:D2:62:8E:06:9B:5E:D8:B4:55:93:43:B5:B6:7F:5A:B4:F9:22:51:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mKOBpte2LRVk0O1tn9atPkiUf4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1eb97a-83bd-4448-b09e-af64a57ac8d2/1/0mKOBpte2LRVk0O1tn9atPkiUf4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:62:d9:a9:da:07:19:24:ae:46:93:0c:da:9d:b8:4a:9d:bf: bc:b0:54:9a:de:56:39:5f:c5:55:24:38:8f:e1:55:ff:9a:fa: 6f:bf:c3:0e:5d:13:4f:20:bb:35:4f:aa:d8:ae:f7:d9:57:a1: 83:3d:0f:df:23:b7:72:87:1d:b0:7e:6b:c6:43:22:75:e4:88: db:13:b3:9d:ae:ac:0f:75:8d:4a:67:0d:e1:e6:da:f5:6a:b0: 74:22:0d:f3:a9:00:ce:cb:ad:f2:31:7c:af:c5:a4:37:f8:77: d1:e0:30:e4:ce:44:1a:47:af:7b:82:18:dc:09:34:07:fa:c6: ca:1e:23:fc:93:ae:4e:06:7c:da:03:cb:7e:6e:c7:75:0f:7d: 32:50:95:d3:7f:4b:b7:c0:fd:53:e5:ca:c0:f7:1b:3c:12:1e: 36:18:4e:c1:f7:86:2b:56:54:2e:26:d1:c0:60:eb:8c:3c:5b: 4f:7c:68:f1:8c:fa:b8:47:a2:87:89:85:b3:44:2a:fd:f3:4c: d5:b2:aa:db:00:44:8a:2c:62:53:00:f5:b8:bd:27:0e:06:1b: 23:1c:f8:e0:31:fb:d6:04:e4:0d:cf:8e:e0:f6:ff:40:07:78: 37:9d:ea:9b:20:b6:bc:3f:bd:83:97:5e:25:83:72:7b:86:67: 6d:98:39:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrVC26xGH9psCx7Pw0XMsvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNjI4ZTA2OWI1ZWQ4YjQ1NTkzNDNiNWI2N2Y1YWI0Zjky MjUxZmUwHhcNMjUxMjE3MDgwMTM1WhcNMjUxMjE4MDgwMTM1WjAzMTEwLwYDVQQD EyhkYTQ1MTAzNjc1ZDM3NjdiMDRhOTY5NmExOGNmZTVkZjRiMTNlMmJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO/fZfw4DZSCoUg/XD7NSVG/4nOA ug7fv+CxyR80ETLli6ReUOuEz2Bt576N7E1LZYIQCZo7wxwKfSeSuaf5RSUL12Rr 0ZplwOhe39BtSD0wk+w/lzZjmANN80TBboYTUdVi8LGeXPl3OB7Jcv/oCHSTRtbL TL6cgWzoPCZf8FQixPkakq/0PMkUJJMjH+hEq1v/FXBkgzPCRrkmD6/FJbvpPowA V08w27sE+uL9OutynL7FYm7jMkk9R0UNqwSfl2KeQKpLZM4eX0JOm26cSR1jDwz8 iwM6pQjHEKLboKBYZgbj/d/nZyhUIFtLU0GDfJFFXynjCkDCpeg3NDTa0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNpFEDZ103Z7BKlpahjP5d9LE+K/MB8GA1UdIwQY MBaAFNJijgabXti0VZNDtbZ/WrT5IlH+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMG1LT0JwdGUyTFJWazBPMXRuOWF0UGtpVWY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZWI5N2EtODNiZC00NDQ4LWIwOWUt YWY2NGE1N2FjOGQyLzEvMG1LT0JwdGUyTFJWazBPMXRuOWF0UGtpVWY0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC8xZWI5N2EtODNiZC00NDQ4LWIwOWUtYWY2NGE1N2FjOGQy LzEvMG1LT0JwdGUyTFJWazBPMXRuOWF0UGtpVWY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtmLZqdoH GSSuRpMM2p24Sp2/vLBUmt5WOV/FVSQ4j+FV/5r6b7/DDl0TTyC7NU+q2K732Veh gz0P3yO3cocdsH5rxkMideSI2xOzna6sD3WNSmcN4eba9WqwdCIN86kAzsut8jF8 r8WkN/h30eAw5M5EGkeve4IY3Ak0B/rGyh4j/JOuTgZ82gPLfm7HdQ99MlCV039L t8D9U+XKwPcbPBIeNhhOwfeGK1ZULibRwGDrjDxbT3xo8Yz6uEeih4mFs0Qq/fNM 1bKq2wBEiixiUwD1uL0nDgYbIxz44DH71gTkDc+O4Pb/QAd4N53qmyC2vD+9g5de JYNye4ZnbZg5zg== -----END CERTIFICATE-----Generated at Wed Dec 17 16:44:29 2025 by rpki-client