This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft File: 352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json) Hash identifier: PBHKBx7pQMNzhaZQioaF5Ragyhv3g/wkA0LSKG3cHCw= Subject key identifier: AC:20:4B:0A:C5:30:F8:79:4F:C0:9A:BA:F8:60:D0:DA:E4:DC:19:BD Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B Certificate issuer: /CN=df9da51ba72784a04e44120f9ded478567794c1b Certificate serial: 019AF465A83511BD4A502E8E6CDEB67B697E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft Manifest number: 0B4B Signing time: Sat 06 Dec 2025 16:01:34 +0000 Manifest this update: Sat 06 Dec 2025 16:01:34 +0000 Manifest next update: Sun 07 Dec 2025 16:01:34 +0000 Files and hashes: 1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: v6cBMoc3NA49aNNBt0FP2HAuaPBE8XT+XcZvlIJ4vdk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:a8:35:11:bd:4a:50:2e:8e:6c:de:b6:7b:69:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b Validity Not Before: Dec 6 16:01:34 2025 GMT Not After : Dec 7 16:01:34 2025 GMT Subject: CN=ac204b0ac530f8794fc09abaf860d0dae4dc19bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:11:b6:75:38:5d:d3:d6:0d:1a:76:ec:d5:77: 56:bb:55:e0:81:6a:23:0c:68:a8:cd:8e:85:5d:34: 9f:87:0d:e4:13:a0:71:ea:46:20:6d:a7:3b:b3:34: bc:f7:03:1d:90:2e:5d:cd:ea:3e:29:7a:58:95:85: f5:aa:59:30:ba:f8:b4:37:b6:cf:6a:a1:c5:46:a5: eb:96:e2:4b:1e:44:22:fd:4e:70:26:84:dd:f2:18: bf:80:de:1c:81:c8:bf:24:87:c2:aa:3e:18:58:00: 03:b9:e9:33:70:cf:c4:0c:d7:d4:13:25:c7:bf:2b: 55:39:68:32:c9:6c:6d:82:1d:3d:9a:ea:93:43:e2: 90:65:c4:f3:c6:79:26:2d:8e:e6:12:34:43:ec:15: 73:e8:c5:2c:90:35:83:f7:63:7e:cd:82:c5:42:b7: 12:66:d1:75:e6:82:61:e2:e5:dd:20:e3:9b:01:d1: 9d:83:3a:20:12:12:e2:37:e7:61:96:6e:ae:a8:26: 3b:13:8b:fc:c5:39:2b:4c:15:17:06:64:45:86:5f: c7:e2:19:27:88:07:c2:52:50:42:a3:84:f7:bd:40: 78:7f:13:7c:ff:93:d3:ff:f5:ef:dc:b5:39:a4:91: 3a:85:00:35:13:23:c3:fa:ba:0d:84:ac:a9:34:7c: cf:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:20:4B:0A:C5:30:F8:79:4F:C0:9A:BA:F8:60:D0:DA:E4:DC:19:BD X509v3 Authority Key Identifier: keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:db:8a:6d:0c:29:db:fb:1d:0c:34:04:b5:2f:2e:d1:40:e8: d1:fa:43:ab:93:60:5e:83:bd:7e:f8:02:49:4a:7c:8f:40:4b: c0:b7:6e:32:48:57:9c:dd:a4:b4:f9:e6:ca:33:3a:40:cc:7b: 00:f4:37:a8:d5:48:cf:2b:56:e7:f1:52:b3:c1:94:12:c6:34: 40:14:19:f2:da:75:35:46:d5:aa:da:f1:7a:7d:ea:fa:26:94: 89:7c:c1:bd:95:f6:b3:27:15:43:90:91:ee:ed:80:17:f8:5b: ea:d2:31:59:56:b5:65:2c:fb:ff:dd:7d:af:68:00:4c:f4:88: ee:c4:1e:85:7f:be:4f:f4:55:65:e0:03:10:4b:cf:70:ef:8d: dd:bd:1d:88:57:a4:08:25:bb:01:09:63:db:9d:73:7d:db:e7: 08:ea:15:eb:8a:78:46:f0:78:41:1b:dd:9f:05:86:2b:7e:7f: d4:57:73:f5:0a:8e:ab:26:3d:69:aa:65:7d:48:25:04:e6:86: e1:c2:5e:11:26:94:57:7d:b1:31:4f:be:04:40:7f:59:20:53: a8:a8:d5:3a:5e:db:81:50:ec:16:57:9c:3e:0b:4e:b9:c7:27: 75:91:32:28:67:09:38:f4:82:06:a2:e8:17:6e:81:3c:c9:54: 2c:4a:0a:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0Zag1Eb1KUC6ObN62e2l+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3 OTRjMWIwHhcNMjUxMjA2MTYwMTM0WhcNMjUxMjA3MTYwMTM0WjAzMTEwLwYDVQQD EyhhYzIwNGIwYWM1MzBmODc5NGZjMDlhYmFmODYwZDBkYWU0ZGMxOWJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRG2dThd09YNGnbs1XdWu1XggWoj DGiozY6FXTSfhw3kE6Bx6kYgbac7szS89wMdkC5dzeo+KXpYlYX1qlkwuvi0N7bP aqHFRqXrluJLHkQi/U5wJoTd8hi/gN4cgci/JIfCqj4YWAADuekzcM/EDNfUEyXH vytVOWgyyWxtgh09muqTQ+KQZcTzxnkmLY7mEjRD7BVz6MUskDWD92N+zYLFQrcS ZtF15oJh4uXdIOObAdGdgzogEhLiN+dhlm6uqCY7E4v8xTkrTBUXBmRFhl/H4hkn iAfCUlBCo4T3vUB4fxN8/5PT//Xv3LU5pJE6hQA1EyPD+roNhKypNHzPfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKwgSwrFMPh5T8Cauvhg0Nrk3Bm9MB8GA1UdIwQY MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4 LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkNuKbQwp 2/sdDDQEtS8u0UDo0fpDq5NgXoO9fvgCSUp8j0BLwLduMkhXnN2ktPnmyjM6QMx7 APQ3qNVIzytW5/FSs8GUEsY0QBQZ8tp1NUbVqtrxen3q+iaUiXzBvZX2sycVQ5CR 7u2AF/hb6tIxWVa1ZSz7/919r2gATPSI7sQehX++T/RVZeADEEvPcO+N3b0diFek CCW7AQlj251zfdvnCOoV64p4RvB4QRvdnwWGK35/1Fdz9QqOqyY9aaplfUglBOaG 4cJeESaUV32xMU++BEB/WSBTqKjVOl7bgVDsFlecPgtOuccndZEyKGcJOPSCBqLo F26BPMlULEoKdg== -----END CERTIFICATE-----Generated at Sat Dec 6 19:15:54 2025 by rpki-client