This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft File: CnAgLDEt0sem_8MXqobk4gaSSaY.mft (raw, json) Hash identifier: z9enV024KPzA+TIKA4tafv24i3L6OBmJxXFcCQKviRQ= Subject key identifier: 07:EB:97:4F:15:53:D2:BD:5B:C3:F1:F6:75:08:61:B6:5D:62:D3:02 Authority key identifier: 0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6 Certificate issuer: /CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6 Certificate serial: 019AF208FA306026C7F0DB7528D7B24B18C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft Manifest number: 0A8E Signing time: Sat 06 Dec 2025 05:01:05 +0000 Manifest this update: Sat 06 Dec 2025 05:01:05 +0000 Manifest next update: Sun 07 Dec 2025 05:01:05 +0000 Files and hashes: 1: CnAgLDEt0sem_8MXqobk4gaSSaY.crl (hash: DVLcz8yYbB2O5zZ2zxnKoC/sE8u82qR90N8XtDZVAFc=) 2: eTuN91J09OBNoZtxEtruVhH4DbY.roa (hash: F1iOkNAfZrkXFWgz/sdsk9Ul6Wkc9BDyHiaUC1recQY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:fa:30:60:26:c7:f0:db:75:28:d7:b2:4b:18:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6 Validity Not Before: Dec 6 05:01:05 2025 GMT Not After : Dec 7 05:01:05 2025 GMT Subject: CN=07eb974f1553d2bd5bc3f1f6750861b65d62d302 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f1:a7:f6:7c:d6:7c:ab:7d:f4:bb:a8:01:9e: c2:01:25:89:52:01:36:3a:e1:70:2b:f2:78:d3:45: 25:61:c3:ae:ae:40:26:b2:dc:4b:8f:69:0f:bc:9e: 4f:d1:d4:68:74:b8:7c:5f:ee:e6:f2:60:1d:c1:da: 37:a8:19:b9:f3:5d:dd:5c:db:42:a3:0b:7d:f3:f7: 18:3e:bc:4a:4c:80:0f:92:0d:44:9e:7c:39:e9:77: a2:71:51:05:f4:01:b5:6f:58:98:9a:62:68:40:99: 13:87:d7:86:48:58:6b:6d:18:d2:8e:6d:1c:23:b9: 78:ec:d7:85:7c:b9:27:3e:1d:ea:56:ec:23:7c:d5: 79:b5:4f:0d:6c:2c:68:ce:f4:2c:20:24:66:97:28: c5:ef:01:26:d9:11:9c:42:ff:a9:0b:de:d1:1e:e0: 4b:be:14:18:d7:c5:0b:06:af:2e:c9:45:f0:21:30: 85:da:eb:f4:a3:71:00:9e:9a:02:ec:0e:8c:db:44: 45:85:3c:fa:44:b6:88:66:51:1c:b3:31:49:a6:b0: ae:25:f3:44:67:18:3b:b1:49:d3:a7:58:7a:64:88: 0d:d3:6d:e5:a6:bc:fa:41:63:77:f8:49:07:87:9e: 15:2f:c7:93:61:01:ca:68:1d:2b:10:e2:2d:20:63: c0:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:EB:97:4F:15:53:D2:BD:5B:C3:F1:F6:75:08:61:B6:5D:62:D3:02 X509v3 Authority Key Identifier: keyid:0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:bb:f3:a6:7c:d9:d2:1a:a6:38:36:38:2e:5e:dd:91:34:35: f6:66:95:f4:44:b7:4a:d8:40:da:09:f6:9c:6c:57:b1:d4:b7: 42:66:ec:3d:ce:6d:c3:8e:ed:b1:64:82:48:2c:21:14:fa:36: d8:eb:c1:a7:33:67:74:3f:64:ac:f6:0c:1a:0b:fc:9c:4f:e1: 0d:7c:d8:44:16:ea:94:cd:14:f6:da:6a:b1:d4:30:31:7f:60: 1b:ff:53:f5:ca:38:88:25:4c:1f:b3:ff:e8:96:33:93:5a:8b: 43:54:71:ab:77:ae:20:d7:c1:07:55:a1:af:aa:88:ac:22:76: 07:ea:75:6e:6a:a5:e9:84:83:c2:0e:b3:ab:35:dc:3e:12:38: a4:5c:ec:44:66:a2:64:6f:e5:6b:43:68:9b:e7:80:25:a9:49: e5:c8:65:f2:2d:71:ed:9a:92:d4:c1:2a:b9:c4:25:3b:f0:f7: 2a:a0:09:f0:d8:88:e4:9e:0f:82:36:18:c9:e6:a4:f4:e7:92: e4:c6:3e:84:4a:f2:13:c4:c8:8b:99:d1:e6:99:4a:55:72:a8: 11:19:51:fc:af:a0:05:e4:5e:dc:e4:7e:e4:19:06:31:1c:01: 71:2e:a9:ad:8d:d0:e7:d0:9b:1a:36:7e:62:e7:03:a4:dc:99: 35:07:f8:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCPowYCbH8Nt1KNeySxjDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhNzAyMDJjMzEyZGQyYzdhNmZmYzMxN2FhODZlNGUyMDY5 MjQ5YTYwHhcNMjUxMjA2MDUwMTA1WhcNMjUxMjA3MDUwMTA1WjAzMTEwLwYDVQQD EygwN2ViOTc0ZjE1NTNkMmJkNWJjM2YxZjY3NTA4NjFiNjVkNjJkMzAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvGn9nzWfKt99LuoAZ7CASWJUgE2 OuFwK/J400UlYcOurkAmstxLj2kPvJ5P0dRodLh8X+7m8mAdwdo3qBm5813dXNtC owt98/cYPrxKTIAPkg1Ennw56XeicVEF9AG1b1iYmmJoQJkTh9eGSFhrbRjSjm0c I7l47NeFfLknPh3qVuwjfNV5tU8NbCxozvQsICRmlyjF7wEm2RGcQv+pC97RHuBL vhQY18ULBq8uyUXwITCF2uv0o3EAnpoC7A6M20RFhTz6RLaIZlEcszFJprCuJfNE Zxg7sUnTp1h6ZIgN023lprz6QWN3+EkHh54VL8eTYQHKaB0rEOItIGPAAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAfrl08VU9K9W8Px9nUIYbZdYtMCMB8GA1UdIwQY MBaAFApwICwxLdLHpv/DF6qG5OIGkkmmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMt NjhjODQ5Mjc3ZDczLzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMtNjhjODQ5Mjc3ZDcz LzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX7vzpnzZ 0hqmODY4Ll7dkTQ19maV9ES3SthA2gn2nGxXsdS3QmbsPc5tw47tsWSCSCwhFPo2 2OvBpzNndD9krPYMGgv8nE/hDXzYRBbqlM0U9tpqsdQwMX9gG/9T9co4iCVMH7P/ 6JYzk1qLQ1Rxq3euINfBB1Whr6qIrCJ2B+p1bmql6YSDwg6zqzXcPhI4pFzsRGai ZG/la0Nom+eAJalJ5chl8i1x7ZqS1MEqucQlO/D3KqAJ8NiI5J4PgjYYyeak9OeS 5MY+hEryE8TIi5nR5plKVXKoERlR/K+gBeRe3OR+5BkGMRwBcS6prY3Q59CbGjZ+ YucDpNyZNQf4nA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:38:48 2025 by rpki-client