This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft File: b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json) Hash identifier: 8I8UdYLY/sxoupiCXqCkYsi4TMr7BfK1R5HBDovet1I= Subject key identifier: C2:35:0E:DB:EA:58:23:0B:2E:93:20:7B:B7:F9:9F:75:5E:7D:81:6C Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D Certificate issuer: /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d Certificate serial: 019AF1D21AC0EAE41D2DDBF7371A5D33C18C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 04:01:09 +0000 Manifest this update: Sat 06 Dec 2025 04:01:09 +0000 Manifest next update: Sun 07 Dec 2025 04:01:09 +0000 Files and hashes: 1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: 9cpgVqlTjwBUGF1AyXP2AapgdcZ3iUq4fxHDgo6/6o8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:1a:c0:ea:e4:1d:2d:db:f7:37:1a:5d:33:c1:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d Validity Not Before: Dec 6 04:01:09 2025 GMT Not After : Dec 7 04:01:09 2025 GMT Subject: CN=c2350edbea58230b2e93207bb7f99f755e7d816c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:98:f0:ef:57:79:a7:f6:8e:90:5e:2b:44:c4: 6e:f1:8a:63:71:f3:a5:9d:b1:c3:79:b4:9c:eb:7c: 16:d6:35:0f:c9:6d:09:04:41:f8:2b:3d:f2:db:00: 29:61:c8:da:7f:3f:b7:66:7b:df:7d:a9:5c:9a:9d: ef:58:cd:de:d8:91:e3:f0:36:c9:71:f8:bf:bb:5c: ce:2c:3a:0b:76:d0:3f:d4:d8:a7:e8:27:95:17:b8: 6a:46:a4:6f:32:c2:a8:b2:bc:da:19:d0:a2:e9:49: 93:fd:b5:e0:96:e2:00:5e:b0:0b:bb:ca:d0:f6:b8: 6e:cf:e4:53:9c:b7:b7:86:d5:c5:4d:c9:4e:79:37: 9d:f5:60:6e:49:3c:db:7a:fc:da:3a:f0:f6:ec:6d: 46:45:82:ce:b6:67:80:e8:a2:75:79:6d:ff:67:4f: b6:8b:fc:3d:b9:ec:19:cc:88:50:7c:1b:b3:f2:37: c5:d5:47:b8:1a:c9:a2:6c:f9:74:30:9f:d0:ff:34: 4c:f6:e8:c4:1e:2e:90:d8:30:38:4c:a2:9c:42:fa: 0d:3c:40:67:1f:0e:33:87:9b:2d:c7:99:ba:c8:4c: 76:f5:94:c7:5b:e9:bc:ec:69:25:64:12:d8:10:06: e2:e9:44:ce:5c:1f:8e:be:e5:c9:25:ab:02:7a:ed: 00:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:35:0E:DB:EA:58:23:0B:2E:93:20:7B:B7:F9:9F:75:5E:7D:81:6C X509v3 Authority Key Identifier: keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:aa:b7:39:77:2e:51:46:29:f9:ae:6a:7b:3a:56:28:68:b0: 96:e1:a7:70:66:fb:df:b1:8d:3b:4b:bc:15:11:33:04:01:99: 5b:d8:c2:a3:47:e8:67:6d:a9:03:9f:11:46:94:21:f8:ac:5c: d8:c2:ea:ca:5e:79:76:c4:84:58:ec:95:66:7b:66:9d:98:6d: 59:09:ed:d9:2a:7d:7c:5a:d0:5c:ad:36:59:ab:9c:c1:90:10: 53:2b:fc:81:0f:9f:df:de:26:ec:2d:57:f3:b1:17:82:a9:f5: 39:b7:fe:0f:c1:49:f3:76:59:5b:91:71:15:ca:ad:59:d2:1a: fc:da:7d:28:4d:4d:81:8a:b6:69:cf:5a:3d:e7:dc:a3:b1:61: 18:42:f9:59:bd:12:3d:a6:c6:29:d7:a6:fe:e3:77:20:8f:c8: 29:d0:8f:67:0d:f0:f4:d2:f3:9c:f1:54:03:08:54:be:f0:04: 3a:50:6d:cf:19:7d:15:1f:ca:c4:a4:31:11:70:b0:8c:6b:ed: 93:c3:d7:14:d3:39:71:a5:c0:ea:2b:1b:a7:9f:de:06:a8:de: 16:75:3b:69:d5:ba:8c:dc:c2:a3:99:4a:83:e1:4a:b5:ad:9d: db:81:73:73:8d:d6:6d:e6:04:da:02:ea:ae:5e:9d:9f:dc:cc: ca:55:b5:c1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0hrA6uQdLdv3NxpdM8GMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz YmE5MmQwHhcNMjUxMjA2MDQwMTA5WhcNMjUxMjA3MDQwMTA5WjAzMTEwLwYDVQQD EyhjMjM1MGVkYmVhNTgyMzBiMmU5MzIwN2JiN2Y5OWY3NTVlN2Q4MTZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pjw71d5p/aOkF4rRMRu8YpjcfOl nbHDebSc63wW1jUPyW0JBEH4Kz3y2wApYcjafz+3Znvffalcmp3vWM3e2JHj8DbJ cfi/u1zOLDoLdtA/1Nin6CeVF7hqRqRvMsKosrzaGdCi6UmT/bXgluIAXrALu8rQ 9rhuz+RTnLe3htXFTclOeTed9WBuSTzbevzaOvD27G1GRYLOtmeA6KJ1eW3/Z0+2 i/w9uewZzIhQfBuz8jfF1Ue4GsmibPl0MJ/Q/zRM9ujEHi6Q2DA4TKKcQvoNPEBn Hw4zh5stx5m6yEx29ZTHW+m87GklZBLYEAbi6UTOXB+OvuXJJasCeu0AewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMI1DtvqWCMLLpMge7f5n3VefYFsMB8GA1UdIwQY MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4 LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaq3OXcu UUYp+a5qezpWKGiwluGncGb737GNO0u8FREzBAGZW9jCo0foZ22pA58RRpQh+Kxc 2MLqyl55dsSEWOyVZntmnZhtWQnt2Sp9fFrQXK02WaucwZAQUyv8gQ+f394m7C1X 87EXgqn1Obf+D8FJ83ZZW5FxFcqtWdIa/Np9KE1NgYq2ac9aPefco7FhGEL5Wb0S PabGKdem/uN3II/IKdCPZw3w9NLznPFUAwhUvvAEOlBtzxl9FR/KxKQxEXCwjGvt k8PXFNM5caXA6isbp5/eBqjeFnU7adW6jNzCo5lKg+FKta2d24Fzc43WbeYE2gLq rl6dn9zMylW1wQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:27 2025 by rpki-client