This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft File: VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json) Hash identifier: TZ8oHDoYw2DJaUuNW9lIoRiIkw+IVbYhQNOIKcqnZMg= Subject key identifier: DC:14:A1:92:39:84:4C:53:D1:A0:AB:B1:5D:CA:CF:C2:90:C8:02:2B Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70 Certificate issuer: /CN=5476e09001c3186526190d1f35d2a5b99fcaa270 Certificate serial: 019AF12EA77FEB3F693B4DA66A30DC2BBD0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 01:02:37 +0000 Manifest this update: Sat 06 Dec 2025 01:02:37 +0000 Manifest next update: Sun 07 Dec 2025 01:02:37 +0000 Files and hashes: 1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: Mya2bCPpYrg9oJGRhtCmp2jEK7tRYxOQgdF/TIKVnZg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:a7:7f:eb:3f:69:3b:4d:a6:6a:30:dc:2b:bd:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270 Validity Not Before: Dec 6 01:02:37 2025 GMT Not After : Dec 7 01:02:37 2025 GMT Subject: CN=dc14a19239844c53d1a0abb15dcacfc290c8022b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:30:f7:f9:65:8a:0d:27:cd:a5:7a:17:9b:96: 09:50:46:c6:98:8b:27:59:ea:5c:40:60:e4:92:f4: 1a:81:a9:de:77:2c:82:78:e4:0a:0f:d3:82:e1:fa: 1e:88:b5:1f:1e:0b:7f:eb:71:7f:16:09:f4:d2:2d: 32:b2:09:ac:8f:a4:51:5a:08:bf:43:97:6f:3a:d2: c1:90:94:30:8f:4e:91:05:8c:5f:2f:21:a9:1b:2b: 15:77:c3:6a:8d:56:51:03:cd:df:e2:13:0d:6a:f9: 55:cb:51:f0:f8:80:b0:cb:b6:e6:eb:61:da:72:ea: cd:5d:14:c8:58:95:fe:c3:82:03:1a:20:25:eb:52: 80:52:91:fb:b6:c7:fb:12:5b:ba:57:da:2a:fd:b3: bc:c4:01:72:2f:21:5b:02:19:6d:9f:f5:3e:54:38: 81:66:b1:df:df:fd:4d:47:df:03:22:7c:a6:c9:98: 58:0d:06:88:20:7f:24:e6:db:4d:ea:94:a4:00:88: ab:f0:98:ab:aa:78:17:67:e1:67:7c:44:47:e0:b7: 1e:9d:de:5d:6d:c0:5c:76:6a:eb:44:2b:78:dd:e2: 6a:da:03:53:55:26:91:4f:d5:5f:3a:5c:8a:b8:fa: e2:9f:e6:b1:7f:77:45:d9:23:70:b8:d7:92:35:12: 85:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:14:A1:92:39:84:4C:53:D1:A0:AB:B1:5D:CA:CF:C2:90:C8:02:2B X509v3 Authority Key Identifier: keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:f7:e4:5c:3a:5d:41:e7:67:97:a1:33:c5:a5:21:a1:ec:1d: 7d:be:dd:96:1d:39:0e:58:12:88:01:1b:42:be:ed:2f:62:da: 46:d6:29:e2:88:fe:9a:ce:8d:7a:04:50:f3:d5:06:de:3e:95: 51:7f:2c:a3:9a:aa:5a:f7:a5:7c:12:92:09:cd:66:ad:77:9e: 0b:1d:67:06:a0:05:c6:d8:90:33:5d:ef:cc:1f:27:8f:54:ed: e6:3b:c6:c9:76:56:9a:be:ba:3c:89:af:fd:a9:7b:40:14:59: d6:93:12:94:45:08:0a:27:38:1f:f1:f9:df:72:98:dd:06:67: f5:3c:50:7f:47:7f:b2:79:b7:49:21:c3:ba:f3:20:e2:23:61: 98:c2:1c:a5:c3:c4:57:1e:0c:ab:ac:8e:f4:6d:20:e4:ba:14: a0:b2:28:55:73:15:43:ce:99:f0:96:08:01:99:ac:99:8d:31: 69:51:1f:29:a8:4d:e4:e7:cd:01:d5:84:d9:b1:a8:db:17:e9: 51:ca:e4:3f:38:39:04:fa:55:2d:95:3d:7b:00:77:ed:d2:e8: 64:8e:8d:dd:be:d6:33:f7:3b:7f:55:12:c2:f4:55:21:a8:88: 3a:c9:61:fe:67:55:fd:97:d7:51:4c:c2:5f:c6:86:7b:8b:4b: 9c:21:ea:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLqd/6z9pO02majDcK70OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj YWEyNzAwHhcNMjUxMjA2MDEwMjM3WhcNMjUxMjA3MDEwMjM3WjAzMTEwLwYDVQQD EyhkYzE0YTE5MjM5ODQ0YzUzZDFhMGFiYjE1ZGNhY2ZjMjkwYzgwMjJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDD3+WWKDSfNpXoXm5YJUEbGmIsn WepcQGDkkvQaganedyyCeOQKD9OC4foeiLUfHgt/63F/Fgn00i0ysgmsj6RRWgi/ Q5dvOtLBkJQwj06RBYxfLyGpGysVd8NqjVZRA83f4hMNavlVy1Hw+ICwy7bm62Ha curNXRTIWJX+w4IDGiAl61KAUpH7tsf7Elu6V9oq/bO8xAFyLyFbAhltn/U+VDiB ZrHf3/1NR98DInymyZhYDQaIIH8k5ttN6pSkAIir8JirqngXZ+FnfERH4Lcend5d bcBcdmrrRCt43eJq2gNTVSaRT9VfOlyKuPrin+axf3dF2SNwuNeSNRKFSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNwUoZI5hExT0aCrsV3Kz8KQyAIrMB8GA1UdIwQY MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgPfkXDpd Qednl6EzxaUhoewdfb7dlh05DlgSiAEbQr7tL2LaRtYp4oj+ms6NegRQ89UG3j6V UX8so5qqWvelfBKSCc1mrXeeCx1nBqAFxtiQM13vzB8nj1Tt5jvGyXZWmr66PImv /al7QBRZ1pMSlEUICic4H/H533KY3QZn9TxQf0d/snm3SSHDuvMg4iNhmMIcpcPE Vx4Mq6yO9G0g5LoUoLIoVXMVQ86Z8JYIAZmsmY0xaVEfKahN5OfNAdWE2bGo2xfp UcrkPzg5BPpVLZU9ewB37dLoZI6N3b7WM/c7f1USwvRVIaiIOslh/mdV/ZfXUUzC X8aGe4tLnCHqiA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:08:46 2025 by rpki-client