This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft File: CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json) Hash identifier: hJh9b/pFoL4YQCpPtFbk7zq3noZxT66X5Ka0xygdnqk= Subject key identifier: E5:2E:D9:40:B0:D3:93:AF:F3:5A:E2:8F:06:C6:07:19:C8:6E:0A:0C Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21 Certificate issuer: /CN=08802a8621f87827fd59723ce66cb59c38f91f21 Certificate serial: 019AF389DE5C2702F52E78EC5CCD015BCA48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft Manifest number: 0ABA Signing time: Sat 06 Dec 2025 12:01:29 +0000 Manifest this update: Sat 06 Dec 2025 12:01:29 +0000 Manifest next update: Sun 07 Dec 2025 12:01:29 +0000 Files and hashes: 1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: zKeqsPoDyIR1Td0dzoMI/e19Shq0iiz1EDYWdzjCfg8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:de:5c:27:02:f5:2e:78:ec:5c:cd:01:5b:ca:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21 Validity Not Before: Dec 6 12:01:29 2025 GMT Not After : Dec 7 12:01:29 2025 GMT Subject: CN=e52ed940b0d393aff35ae28f06c60719c86e0a0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:b4:d8:e4:78:9e:6d:e5:35:73:33:c9:31:74: 3c:80:fc:24:53:12:33:77:ea:74:65:34:b5:fd:5c: 20:3b:d6:ae:df:bb:da:bf:96:d4:c8:81:43:13:b4: 1c:b4:d1:cc:ee:fb:21:46:53:8a:65:7b:27:1f:90: 0d:42:75:10:56:9b:10:bf:60:18:c5:d1:cd:23:a7: a0:68:9b:d7:20:44:dd:f5:ef:af:59:40:8a:b9:18: 45:ab:b4:ae:1a:28:86:60:67:45:9e:cc:11:80:df: b6:77:99:30:54:cf:13:37:c3:70:58:23:d2:29:f2: be:45:ac:a2:1c:aa:4a:5b:d8:0c:c7:99:26:02:0f: 75:4f:eb:5c:cd:6e:29:f6:9a:65:0b:1c:53:9d:8a: 11:aa:2e:c8:d4:cd:47:73:9d:90:b7:43:53:41:d7: 30:c7:31:92:65:77:97:69:aa:6d:c7:53:a0:ae:e1: 7a:a2:15:6c:75:05:7b:2e:73:72:74:c6:74:e6:58: 33:ab:aa:74:28:9b:d9:6a:8d:b9:a5:f9:be:71:79: 65:83:6a:de:ae:71:c7:c7:6e:31:d7:49:af:bf:ad: 3e:d8:e2:8e:70:a1:d5:ec:57:87:bc:54:8d:43:4d: 94:e5:81:24:4f:ae:13:50:ee:68:60:a4:59:7b:30: 05:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:2E:D9:40:B0:D3:93:AF:F3:5A:E2:8F:06:C6:07:19:C8:6E:0A:0C X509v3 Authority Key Identifier: keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:29:76:59:ab:d9:ef:87:0d:b9:17:64:37:fe:b6:1d:84:cf: 6c:11:49:4b:61:3c:dc:00:95:56:1b:5d:4d:15:5e:76:47:a7: e2:a7:c4:eb:c3:d0:b9:70:15:cb:2b:32:ac:27:e9:ba:98:14: 90:6e:3e:57:e5:1c:ec:94:09:14:78:e6:09:cd:d0:2a:5e:c6: 7d:bf:f9:cf:7a:bd:b7:d6:57:f0:5f:b9:c5:ae:7f:e1:92:e3: 00:ac:6a:71:83:8e:fb:8d:89:bf:b9:5b:21:0b:f3:86:a4:eb: 34:bb:37:66:32:fb:a8:94:15:d4:39:04:6a:34:35:03:36:4c: 3c:be:1b:58:60:52:70:57:b4:68:6c:86:fe:ef:53:26:4c:63: 15:e5:8a:73:8c:11:06:b3:c6:d3:a2:7b:05:a0:6a:0f:8c:2f: f0:18:0b:b7:41:0a:96:ca:22:23:f5:fe:11:28:47:53:51:ef: b7:4c:94:3b:33:ad:18:64:db:f5:a2:e3:b1:12:16:7b:f7:8c: b1:47:e6:aa:08:b6:32:30:00:50:21:90:03:98:92:96:48:2d: 71:de:ba:90:0b:ea:93:4d:3c:3a:ed:07:0a:9d:fb:a7:7a:32: 9d:0d:13:a2:29:2b:47:92:b5:08:f9:7c:a8:6d:21:25:40:77: f6:9f:1b:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzid5cJwL1LnjsXM0BW8pIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm OTFmMjEwHhcNMjUxMjA2MTIwMTI5WhcNMjUxMjA3MTIwMTI5WjAzMTEwLwYDVQQD EyhlNTJlZDk0MGIwZDM5M2FmZjM1YWUyOGYwNmM2MDcxOWM4NmUwYTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbTY5HiebeU1czPJMXQ8gPwkUxIz d+p0ZTS1/VwgO9au37vav5bUyIFDE7QctNHM7vshRlOKZXsnH5ANQnUQVpsQv2AY xdHNI6egaJvXIETd9e+vWUCKuRhFq7SuGiiGYGdFnswRgN+2d5kwVM8TN8NwWCPS KfK+RayiHKpKW9gMx5kmAg91T+tczW4p9pplCxxTnYoRqi7I1M1Hc52Qt0NTQdcw xzGSZXeXaaptx1OgruF6ohVsdQV7LnNydMZ05lgzq6p0KJvZao25pfm+cXllg2re rnHHx24x10mvv60+2OKOcKHV7FeHvFSNQ02U5YEkT64TUO5oYKRZezAFXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOUu2UCw05Ov81rijwbGBxnIbgoMMB8GA1UdIwQY MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyl2WavZ 74cNuRdkN/62HYTPbBFJS2E83ACVVhtdTRVedken4qfE68PQuXAVyysyrCfpupgU kG4+V+Uc7JQJFHjmCc3QKl7Gfb/5z3q9t9ZX8F+5xa5/4ZLjAKxqcYOO+42Jv7lb IQvzhqTrNLs3ZjL7qJQV1DkEajQ1AzZMPL4bWGBScFe0aGyG/u9TJkxjFeWKc4wR BrPG06J7BaBqD4wv8BgLt0EKlsoiI/X+EShHU1Hvt0yUOzOtGGTb9aLjsRIWe/eM sUfmqgi2MjAAUCGQA5iSlkgtcd66kAvqk008Ou0HCp37p3oynQ0ToikrR5K1CPl8 qG0hJUB39p8bOg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:49:08 2025 by rpki-client