This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft File: 0kSCMx_jdh3lOpm9N8j9am-foAc.mft (raw, json) Hash identifier: GqCxoNwWqUR7wVjJEE9sNZgH4tdoydvhHwV+m0KGtG8= Subject key identifier: 87:F4:52:2A:B1:1F:75:5A:BC:A0:67:99:D9:E5:B5:27:A1:10:5A:D7 Authority key identifier: D2:44:82:33:1F:E3:76:1D:E5:3A:99:BD:37:C8:FD:6A:6F:9F:A0:07 Certificate issuer: /CN=d24482331fe3761de53a99bd37c8fd6a6f9fa007 Certificate serial: 019AF1D23AE66FB226AFC6968BE97F71A08B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kSCMx_jdh3lOpm9N8j9am-foAc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft Manifest number: 0194 Signing time: Sat 06 Dec 2025 04:01:17 +0000 Manifest this update: Sat 06 Dec 2025 04:01:17 +0000 Manifest next update: Sun 07 Dec 2025 04:01:17 +0000 Files and hashes: 1: 0kSCMx_jdh3lOpm9N8j9am-foAc.crl (hash: DXAug+gLx34df6oL2sqPyuV/F9xxMMCG5Rl7Q4AdCOQ=) 2: M95FjIFFe7FE8GSWYSZYw7JDajo.roa (hash: NrgUx/KwCI45z+00qu3mq53IxB/PSBwR22i9a5VwK5U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.crl rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft rsync://rpki.ripe.net/repository/DEFAULT/0kSCMx_jdh3lOpm9N8j9am-foAc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:3a:e6:6f:b2:26:af:c6:96:8b:e9:7f:71:a0:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d24482331fe3761de53a99bd37c8fd6a6f9fa007 Validity Not Before: Dec 6 04:01:17 2025 GMT Not After : Dec 7 04:01:17 2025 GMT Subject: CN=87f4522ab11f755abca06799d9e5b527a1105ad7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:15:b4:57:e8:97:48:41:78:0b:c8:8d:0f:81: e6:33:52:b6:df:33:a5:34:2e:fd:f3:5e:ed:e3:1e: 72:eb:4d:f0:29:27:23:2b:e6:a1:c4:ae:54:1f:8d: 53:f8:44:41:c4:c9:51:65:f6:d6:fb:64:23:6f:8c: 1a:f9:00:30:dd:96:ec:99:8e:70:93:f3:fb:e8:bf: 21:79:10:18:b3:34:95:75:ce:db:74:c0:27:21:3c: 4d:85:cf:8d:5c:b4:16:58:6e:09:92:d0:47:94:f8: 18:56:6c:61:64:c9:db:b1:2d:e1:9f:38:45:d9:e7: 22:78:98:1d:ba:8c:e8:7d:cd:01:a5:d6:f8:3d:f5: 65:0b:59:d4:a5:b1:04:2f:b7:30:29:c1:72:49:7a: 02:5b:38:42:76:c9:4a:ca:a7:6f:c9:95:f0:24:fd: 99:d0:d4:42:d3:7c:4f:b1:30:9a:9c:3f:75:c7:e1: 26:99:04:5c:3e:da:95:0f:eb:87:c7:7a:5c:be:80: 4c:cd:3a:9a:e3:91:18:db:6e:b0:bb:4a:22:95:4c: a8:72:1d:17:9f:bc:e1:3b:91:92:10:24:44:b0:b4: 6a:18:fd:88:98:8e:ca:81:75:c2:e7:f1:8a:e0:22: 79:1c:14:54:a2:7b:1c:95:53:c4:fb:63:57:9e:b9: 1d:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:F4:52:2A:B1:1F:75:5A:BC:A0:67:99:D9:E5:B5:27:A1:10:5A:D7 X509v3 Authority Key Identifier: keyid:D2:44:82:33:1F:E3:76:1D:E5:3A:99:BD:37:C8:FD:6A:6F:9F:A0:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kSCMx_jdh3lOpm9N8j9am-foAc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/25b61b-37e9-4408-acc1-87c03cdd7f9f/1/0kSCMx_jdh3lOpm9N8j9am-foAc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:a5:8c:0e:c2:7a:08:bd:9e:4f:3c:fd:b8:82:3b:40:f6:6b: 34:1b:69:78:65:81:4e:73:9c:76:6d:56:b2:f2:33:8f:bd:19: ef:ee:6c:93:b6:20:36:dd:ee:d4:2d:71:8f:86:29:a0:04:fa: ec:fb:5e:39:98:87:5a:19:31:39:8f:9d:59:cf:88:36:e9:5c: 9c:d4:55:82:45:6d:17:7e:43:e9:9d:00:71:3e:9c:ce:7d:cc: a0:92:6c:c0:49:24:ce:03:1b:35:e3:4f:aa:f6:19:e0:91:05: 75:04:b4:99:84:8f:0d:4a:0e:15:a1:c8:c7:84:0e:46:6d:39: 76:12:f8:ee:2b:8c:71:88:21:3b:50:3c:64:4c:75:df:5e:c5: 3e:65:62:6d:5f:90:fa:2f:a0:9a:d4:46:4f:19:50:b1:64:3f: 26:cc:fe:1e:e9:ab:ab:5d:05:17:3b:75:bc:71:e8:10:bc:b4: 90:ee:f1:ff:c1:42:ed:03:85:0f:ce:e3:f0:a5:63:5f:c4:10: 8a:22:a5:25:e0:e4:5e:1a:a5:fb:34:ee:21:6d:28:c2:58:c4: ad:f2:e5:0b:96:d1:13:c8:4a:2f:ec:7f:5b:13:a6:a7:83:a1: fe:a1:4d:a9:b6:36:e7:f4:0d:6d:07:13:aa:70:96:00:16:7a: ee:9f:a1:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0jrmb7Imr8aWi+l/caCLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNDQ4MjMzMWZlMzc2MWRlNTNhOTliZDM3YzhmZDZhNmY5 ZmEwMDcwHhcNMjUxMjA2MDQwMTE3WhcNMjUxMjA3MDQwMTE3WjAzMTEwLwYDVQQD Eyg4N2Y0NTIyYWIxMWY3NTVhYmNhMDY3OTlkOWU1YjUyN2ExMTA1YWQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RW0V+iXSEF4C8iND4HmM1K23zOl NC79817t4x5y603wKScjK+ahxK5UH41T+ERBxMlRZfbW+2Qjb4wa+QAw3ZbsmY5w k/P76L8heRAYszSVdc7bdMAnITxNhc+NXLQWWG4JktBHlPgYVmxhZMnbsS3hnzhF 2ecieJgduozofc0Bpdb4PfVlC1nUpbEEL7cwKcFySXoCWzhCdslKyqdvyZXwJP2Z 0NRC03xPsTCanD91x+EmmQRcPtqVD+uHx3pcvoBMzTqa45EY226wu0oilUyoch0X n7zhO5GSECREsLRqGP2ImI7KgXXC5/GK4CJ5HBRUonsclVPE+2NXnrkdpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIf0UiqxH3VavKBnmdnltSehEFrXMB8GA1UdIwQY MBaAFNJEgjMf43Yd5TqZvTfI/Wpvn6AHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGtTQ014X2pkaDNsT3BtOU44ajlhbS1mb0FjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yNWI2MWItMzdlOS00NDA4LWFjYzEt ODdjMDNjZGQ3ZjlmLzEvMGtTQ014X2pkaDNsT3BtOU44ajlhbS1mb0FjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi8yNWI2MWItMzdlOS00NDA4LWFjYzEtODdjMDNjZGQ3Zjlm LzEvMGtTQ014X2pkaDNsT3BtOU44ajlhbS1mb0FjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGKWMDsJ6 CL2eTzz9uII7QPZrNBtpeGWBTnOcdm1WsvIzj70Z7+5sk7YgNt3u1C1xj4YpoAT6 7PteOZiHWhkxOY+dWc+INulcnNRVgkVtF35D6Z0AcT6czn3MoJJswEkkzgMbNeNP qvYZ4JEFdQS0mYSPDUoOFaHIx4QORm05dhL47iuMcYghO1A8ZEx1317FPmVibV+Q +i+gmtRGTxlQsWQ/Jsz+Humrq10FFzt1vHHoELy0kO7x/8FC7QOFD87j8KVjX8QQ iiKlJeDkXhql+zTuIW0owljErfLlC5bRE8hKL+x/WxOmp4Oh/qFNqbY25/QNbQcT qnCWABZ67p+haQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:31:04 2025 by rpki-client