This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft File: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json) Hash identifier: NKWP9CPMfy4kAUYcKjv2+Imbow7tAbBbsr9Sksn7aCI= Subject key identifier: 23:CC:F2:B5:6E:D1:54:C1:BE:88:16:20:6A:53:11:4C:4C:DD:A3:55 Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0 Certificate issuer: /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0 Certificate serial: 019AF3890DA4482255456F1F597020FAF78B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft Manifest number: 0E0C Signing time: Sat 06 Dec 2025 12:00:36 +0000 Manifest this update: Sat 06 Dec 2025 12:00:36 +0000 Manifest next update: Sun 07 Dec 2025 12:00:36 +0000 Files and hashes: 1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: uBB7Tgvh/6hRfk1ghZUZ0V+ds6J/LH2Q0SfhXkN9Bec=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:0d:a4:48:22:55:45:6f:1f:59:70:20:fa:f7:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0 Validity Not Before: Dec 6 12:00:36 2025 GMT Not After : Dec 7 12:00:36 2025 GMT Subject: CN=23ccf2b56ed154c1be8816206a53114c4cdda355 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:db:c3:87:55:a1:8a:c7:70:f6:5f:ce:0d:e9: 41:44:df:81:9e:2a:26:b1:e3:25:5b:10:e4:47:f4: 20:97:b2:a9:b8:1b:be:f1:9e:85:c6:7c:0e:e7:b2: 7b:20:16:bb:48:1c:1f:64:b9:3f:83:b8:0d:45:fa: 12:79:af:5b:de:36:ad:32:e2:a7:e7:64:dd:f9:c8: 95:b3:74:9e:b4:a3:b0:a7:d6:63:b1:5c:e3:1a:33: e3:c8:3a:62:8b:8d:97:87:9b:93:66:0e:3d:c1:14: 0e:c2:6d:e1:ec:44:df:3c:9a:57:c8:d8:53:14:d1: c1:c3:1d:71:9b:ce:de:53:62:48:b6:79:25:49:c4: 5d:ff:1c:b9:31:93:fb:1d:e2:4e:c3:23:57:97:5b: a8:ad:9b:ce:03:e6:39:3e:1f:55:90:3f:0f:ff:00: 20:2b:b6:a8:7e:9d:9f:61:53:15:b9:33:b3:49:9f: 60:b6:a6:64:86:45:10:7d:16:0e:6d:e1:b0:16:49: 76:d8:32:44:d1:13:2a:bc:40:31:f5:04:79:2b:ad: b5:d5:31:c2:9c:20:7a:79:b2:6b:ac:aa:58:ef:5a: 74:a2:6f:db:c7:73:55:d3:fb:e2:cf:84:df:65:ba: ab:6e:5a:11:ed:32:11:a0:d3:ec:57:50:87:de:82: 55:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:CC:F2:B5:6E:D1:54:C1:BE:88:16:20:6A:53:11:4C:4C:DD:A3:55 X509v3 Authority Key Identifier: keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:4f:56:f2:bd:d8:2f:d0:1f:c7:a0:0e:b1:5c:42:f4:4b:50: 2a:17:97:6e:ff:8a:5c:ef:1f:3e:22:70:12:4d:94:c7:4d:c4: 4d:db:d3:83:15:f6:1f:e7:3e:3b:ee:5f:8a:16:7d:bd:4b:42: fb:13:d5:be:63:00:9a:38:47:38:bb:57:18:75:37:bc:5a:a5: ab:f9:2b:7b:33:5a:f6:54:a1:44:63:45:1f:5e:7d:ac:89:67: 23:63:45:00:07:a8:61:fa:cc:c3:63:20:80:7b:a4:af:8b:e0: 8c:96:81:3e:b9:9e:6b:7c:e3:79:02:1c:53:8a:4d:41:26:d2: 6b:41:ee:2e:55:c4:09:0f:d2:72:60:15:91:66:9a:bc:1e:6b: f2:b7:e0:00:62:2c:4b:2d:bb:0f:99:dc:62:7a:e6:34:d3:72: a7:66:90:ff:9a:4d:ff:e2:57:ac:1b:8f:e5:f9:ae:1c:00:44: fa:0b:19:ec:14:3e:6f:78:d5:14:10:1b:a5:fa:22:d8:05:c7: a7:2c:9b:65:ef:e6:a6:09:17:d6:fb:2b:a0:36:32:62:7e:9f: 2b:b1:bd:e5:08:b5:7b:81:4d:02:b0:b5:bd:82:b9:10:19:0b: ca:06:22:15:f5:39:4b:de:dd:be:12:12:25:c8:2b:7f:8a:00: 11:b5:6c:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziQ2kSCJVRW8fWXAg+veLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi ZTNkZTAwHhcNMjUxMjA2MTIwMDM2WhcNMjUxMjA3MTIwMDM2WjAzMTEwLwYDVQQD EygyM2NjZjJiNTZlZDE1NGMxYmU4ODE2MjA2YTUzMTE0YzRjZGRhMzU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdvDh1Whisdw9l/ODelBRN+Bniom seMlWxDkR/Qgl7KpuBu+8Z6FxnwO57J7IBa7SBwfZLk/g7gNRfoSea9b3jatMuKn 52Td+ciVs3SetKOwp9ZjsVzjGjPjyDpii42Xh5uTZg49wRQOwm3h7ETfPJpXyNhT FNHBwx1xm87eU2JItnklScRd/xy5MZP7HeJOwyNXl1uorZvOA+Y5Ph9VkD8P/wAg K7aofp2fYVMVuTOzSZ9gtqZkhkUQfRYObeGwFkl22DJE0RMqvEAx9QR5K6211THC nCB6ebJrrKpY71p0om/bx3NV0/viz4TfZbqrbloR7TIRoNPsV1CH3oJVswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCPM8rVu0VTBvogWIGpTEUxM3aNVMB8GA1UdIwQY MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2 LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIk9W8r3Y L9Afx6AOsVxC9EtQKheXbv+KXO8fPiJwEk2Ux03ETdvTgxX2H+c+O+5fihZ9vUtC +xPVvmMAmjhHOLtXGHU3vFqlq/krezNa9lShRGNFH159rIlnI2NFAAeoYfrMw2Mg gHukr4vgjJaBPrmea3zjeQIcU4pNQSbSa0HuLlXECQ/ScmAVkWaavB5r8rfgAGIs Sy27D5ncYnrmNNNyp2aQ/5pN/+JXrBuP5fmuHABE+gsZ7BQ+b3jVFBAbpfoi2AXH pyybZe/mpgkX1vsroDYyYn6fK7G95Qi1e4FNArC1vYK5EBkLygYiFfU5S97dvhIS Jcgrf4oAEbVsyg== -----END CERTIFICATE-----Generated at Sat Dec 6 22:26:07 2025 by rpki-client