This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.mft File: 0HNWUFJtK79SUNl5fknbHZ8cwn8.mft (raw, json) Hash identifier: VlgN0bH82apBK33COlxlZTUfMpWSK0hqCzm9hhImpxc= Subject key identifier: EA:1F:26:3D:36:D8:9B:B9:20:8F:75:12:6E:FE:C9:27:60:65:8C:F1 Authority key identifier: D0:73:56:50:52:6D:2B:BF:52:50:D9:79:7E:49:DB:1D:9F:1C:C2:7F Certificate issuer: /CN=d0735650526d2bbf5250d9797e49db1d9f1cc27f Certificate serial: 019AF16460CBFBEECD6CA414FA7BDB8EA515 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0HNWUFJtK79SUNl5fknbHZ8cwn8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.mft Manifest number: 68 Signing time: Sat 06 Dec 2025 02:01:18 +0000 Manifest this update: Sat 06 Dec 2025 02:01:18 +0000 Manifest next update: Sun 07 Dec 2025 02:01:18 +0000 Files and hashes: 1: 0HNWUFJtK79SUNl5fknbHZ8cwn8.crl (hash: 0k2c94sQgo5bDuuRjLgwN3eyW1kUwJpbNbEQOBcwutM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.mft rsync://rpki.ripe.net/repository/DEFAULT/0HNWUFJtK79SUNl5fknbHZ8cwn8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:60:cb:fb:ee:cd:6c:a4:14:fa:7b:db:8e:a5:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0735650526d2bbf5250d9797e49db1d9f1cc27f Validity Not Before: Dec 6 02:01:18 2025 GMT Not After : Dec 7 02:01:18 2025 GMT Subject: CN=ea1f263d36d89bb9208f75126efec92760658cf1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:d0:ce:d4:42:0b:82:2f:ce:19:79:02:b3:8f: 14:8e:d3:95:dc:45:35:7f:d0:58:bd:43:54:9a:a4: 81:ad:9f:30:75:34:9e:c3:af:10:58:fa:9f:92:5c: 1c:42:d8:ff:ec:5a:89:10:38:13:d9:38:01:8c:a2: 3b:5b:92:49:dc:89:83:14:6c:45:cd:67:3e:51:10: 0e:a5:5f:73:ba:59:25:72:a6:e3:75:69:e1:5c:3a: 5b:38:6f:c7:bc:52:23:98:36:2f:64:3d:b8:72:0d: 04:01:6f:04:29:74:94:fb:b2:df:95:ef:7c:ed:47: c7:e9:34:6a:77:f2:a1:18:89:eb:44:7d:95:1b:c8: d0:b6:cd:69:06:d1:8e:32:98:7e:36:00:cd:53:06: df:3d:9c:2f:78:9f:b6:9a:6d:b1:4f:dd:4e:89:d4: 45:70:6d:30:5a:8b:de:a6:97:d3:d1:cc:4b:ff:60: 4e:55:8c:b3:fc:2c:c3:8f:48:b8:20:53:2d:32:96: b1:8a:2c:d0:ad:35:51:71:fe:24:8b:45:e0:da:53: 8e:82:3c:68:b7:e8:6d:56:44:46:a5:12:c2:0b:b3: d9:98:25:a9:3e:cf:87:20:e3:e4:7b:a4:41:38:c1: b5:db:ff:07:bd:36:9c:76:f7:19:69:e6:51:3b:1b: a0:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:1F:26:3D:36:D8:9B:B9:20:8F:75:12:6E:FE:C9:27:60:65:8C:F1 X509v3 Authority Key Identifier: keyid:D0:73:56:50:52:6D:2B:BF:52:50:D9:79:7E:49:DB:1D:9F:1C:C2:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0HNWUFJtK79SUNl5fknbHZ8cwn8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b49500-0b74-4c45-a882-0c84fd757990/1/0HNWUFJtK79SUNl5fknbHZ8cwn8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:39:eb:20:d4:4e:df:d5:04:81:fa:60:2f:3c:54:d5:a5:a3: e6:de:8d:f8:d5:92:34:0d:99:5d:ec:23:51:b8:db:b5:8e:70: fe:0d:13:54:b2:cb:2d:50:7b:ac:77:3d:4d:72:86:b9:2f:7a: dd:b5:e8:81:27:34:ee:68:bb:a2:5e:7e:49:35:4f:83:b8:e2: 09:b9:45:c0:ac:a4:4d:34:10:b5:ea:08:00:54:f2:be:84:03: 6d:03:37:46:25:25:db:8a:ec:43:24:12:a8:cf:96:24:a1:0a: e1:1d:1e:e8:10:56:9a:57:ce:7a:b7:ef:b4:fb:c2:45:b2:0d: 7a:33:9c:1e:8e:79:e7:6e:90:00:c5:53:e6:d7:82:e5:e8:0b: df:cd:94:d3:09:48:78:a0:51:ec:2f:8b:db:0d:c7:ba:c9:34: 04:7a:35:31:64:8d:d1:05:52:6b:93:87:4e:be:85:9f:01:ce: 76:a3:b3:13:e7:93:76:87:c0:6e:1f:e8:73:5f:7f:3a:2d:93: 77:20:f0:fb:06:41:75:ae:f7:c5:12:2c:9b:51:dd:18:d1:99: d8:6c:a0:80:e0:5a:08:3a:22:c8:0b:02:eb:da:25:df:a3:bf: 01:4c:9c:5c:d1:57:00:da:f9:41:a7:57:f4:58:88:2a:0a:9a: a7:c8:85:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZGDL++7NbKQU+nvbjqUVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwNzM1NjUwNTI2ZDJiYmY1MjUwZDk3OTdlNDlkYjFkOWYx Y2MyN2YwHhcNMjUxMjA2MDIwMTE4WhcNMjUxMjA3MDIwMTE4WjAzMTEwLwYDVQQD EyhlYTFmMjYzZDM2ZDg5YmI5MjA4Zjc1MTI2ZWZlYzkyNzYwNjU4Y2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09DO1EILgi/OGXkCs48UjtOV3EU1 f9BYvUNUmqSBrZ8wdTSew68QWPqfklwcQtj/7FqJEDgT2TgBjKI7W5JJ3ImDFGxF zWc+URAOpV9zulklcqbjdWnhXDpbOG/HvFIjmDYvZD24cg0EAW8EKXSU+7Lfle98 7UfH6TRqd/KhGInrRH2VG8jQts1pBtGOMph+NgDNUwbfPZwveJ+2mm2xT91OidRF cG0wWoveppfT0cxL/2BOVYyz/CzDj0i4IFMtMpaxiizQrTVRcf4ki0Xg2lOOgjxo t+htVkRGpRLCC7PZmCWpPs+HIOPke6RBOMG12/8HvTacdvcZaeZROxugLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOofJj022Ju5II91Em7+ySdgZYzxMB8GA1UdIwQY MBaAFNBzVlBSbSu/UlDZeX5J2x2fHMJ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEhOV1VGSnRLNzlTVU5sNWZrbmJIWjhjd244LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNDk1MDAtMGI3NC00YzQ1LWE4ODIt MGM4NGZkNzU3OTkwLzEvMEhOV1VGSnRLNzlTVU5sNWZrbmJIWjhjd244Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9iNDk1MDAtMGI3NC00YzQ1LWE4ODItMGM4NGZkNzU3OTkw LzEvMEhOV1VGSnRLNzlTVU5sNWZrbmJIWjhjd244LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAojnrINRO 39UEgfpgLzxU1aWj5t6N+NWSNA2ZXewjUbjbtY5w/g0TVLLLLVB7rHc9TXKGuS96 3bXogSc07mi7ol5+STVPg7jiCblFwKykTTQQteoIAFTyvoQDbQM3RiUl24rsQyQS qM+WJKEK4R0e6BBWmlfOerfvtPvCRbINejOcHo55526QAMVT5teC5egL382U0wlI eKBR7C+L2w3Husk0BHo1MWSN0QVSa5OHTr6FnwHOdqOzE+eTdofAbh/oc19/Oi2T dyDw+wZBda73xRIsm1HdGNGZ2GyggOBaCDoiyAsC69ol36O/AUycXNFXANr5QadX 9FiIKgqap8iFJA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:42:28 2025 by rpki-client