This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft File: OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json) Hash identifier: nbaemdnE3BO5nJmPDSmfwlSnTb2qkhBRBWgrwVUq/R0= Subject key identifier: 62:D1:F7:14:4A:99:4F:15:9E:D9:76:91:25:6F:6E:8B:72:B6:AB:70 Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2 Certificate issuer: /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2 Certificate serial: 019AF3C027786D5C4E251C3402BB745B7341 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft Manifest number: 1768 Signing time: Sat 06 Dec 2025 13:00:47 +0000 Manifest this update: Sat 06 Dec 2025 13:00:47 +0000 Manifest next update: Sun 07 Dec 2025 13:00:47 +0000 Files and hashes: 1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: woRNxvIVcfsSt65xPw6g30ioAQNyJQDRSRXUiZylg/M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:27:78:6d:5c:4e:25:1c:34:02:bb:74:5b:73:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2 Validity Not Before: Dec 6 13:00:47 2025 GMT Not After : Dec 7 13:00:47 2025 GMT Subject: CN=62d1f7144a994f159ed97691256f6e8b72b6ab70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:75:23:63:cd:77:0f:b0:fb:82:c7:3f:84:3d: 0d:2e:2f:b5:11:f9:69:73:da:25:86:65:5b:52:99: f8:90:c7:6d:67:00:e8:f3:35:e5:10:73:bc:d1:48: 3a:61:3e:be:97:4d:c4:85:17:28:c3:88:01:f9:ab: 4a:5e:37:3e:12:38:1a:6a:8b:97:5f:c1:0c:a4:1f: 0b:d2:98:06:15:53:bb:0b:6a:2e:7b:0a:f3:0b:96: a9:4f:c2:d8:99:f6:80:72:5d:3b:3b:1e:94:bb:6f: c6:29:3a:2e:07:22:ae:ba:24:bf:fb:e9:a4:8a:e9: f4:1a:82:58:32:53:89:d0:a0:aa:36:94:a8:cc:c5: 16:54:1c:37:60:7d:d6:95:ac:f6:a8:8a:6c:a9:d1: f0:4f:7b:4e:26:a3:4f:5b:36:38:80:c1:bb:bd:76: e9:97:0d:55:49:5b:88:b5:c6:b8:ac:fc:d5:05:86: 14:74:63:75:8b:b0:48:1a:c5:d3:0f:b8:4f:66:f6: 8b:1c:df:b3:ed:fd:ee:7d:28:fb:15:5b:1c:0b:ab: 5b:10:82:ac:d6:9b:f2:17:b2:56:93:99:32:e9:c5: 46:bd:03:9f:61:1c:66:9b:a6:84:67:18:ba:11:d7: 70:96:18:72:90:5d:20:3c:39:56:43:07:34:af:ce: ed:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:D1:F7:14:4A:99:4F:15:9E:D9:76:91:25:6F:6E:8B:72:B6:AB:70 X509v3 Authority Key Identifier: keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:db:62:9e:7b:e4:e8:c3:b5:14:04:f3:35:8b:a8:18:1f:e1: bb:c6:4b:59:31:e2:6f:a7:4c:20:39:0a:50:58:f5:bb:dd:e0: 7e:d7:5b:26:90:6f:a2:d5:10:b1:9f:1d:03:4b:6c:1c:1d:0f: af:6c:48:ba:41:3c:1d:d0:1f:b6:41:33:e2:7a:1c:d8:56:18: 25:9d:27:36:63:92:32:ed:75:e4:5c:0d:6f:d1:d7:e4:b7:11: ac:2d:72:43:6a:8d:54:e2:27:46:5b:17:67:02:e3:ef:0c:89: ca:78:6c:5f:8e:c8:29:39:59:2a:b0:b8:81:e3:5a:32:ae:f5: a9:11:d2:ea:47:a9:0a:af:de:98:1d:9c:98:cf:ab:52:04:ea: bc:9f:ae:08:d7:ec:c9:06:24:46:52:cc:cd:0b:c9:f2:b7:a4: 4b:42:27:90:bf:e8:9c:13:3a:42:cc:6e:72:98:1c:b2:2d:d6: ca:1f:c3:73:1a:a6:6e:73:e9:bc:92:31:25:d7:3f:df:4f:c7: 7b:dc:b4:14:26:88:fb:d2:74:f3:3a:08:f9:e9:36:f3:b8:39: 18:fe:33:b6:99:1f:ee:d7:8f:e6:e4:aa:a4:a7:e0:a5:5f:7c: 27:c4:b2:77:52:fe:c9:e4:97:18:c5:55:97:e1:2d:04:51:3e: d0:3c:92:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwCd4bVxOJRw0Art0W3NBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm NTFkZjIwHhcNMjUxMjA2MTMwMDQ3WhcNMjUxMjA3MTMwMDQ3WjAzMTEwLwYDVQQD Eyg2MmQxZjcxNDRhOTk0ZjE1OWVkOTc2OTEyNTZmNmU4YjcyYjZhYjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3UjY813D7D7gsc/hD0NLi+1Eflp c9olhmVbUpn4kMdtZwDo8zXlEHO80Ug6YT6+l03EhRcow4gB+atKXjc+EjgaaouX X8EMpB8L0pgGFVO7C2ouewrzC5apT8LYmfaAcl07Ox6Uu2/GKTouByKuuiS/++mk iun0GoJYMlOJ0KCqNpSozMUWVBw3YH3Wlaz2qIpsqdHwT3tOJqNPWzY4gMG7vXbp lw1VSVuItca4rPzVBYYUdGN1i7BIGsXTD7hPZvaLHN+z7f3ufSj7FVscC6tbEIKs 1pvyF7JWk5ky6cVGvQOfYRxmm6aEZxi6EddwlhhykF0gPDlWQwc0r87t7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGLR9xRKmU8Vntl2kSVvbotytqtwMB8GA1UdIwQY MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUNtinnvk 6MO1FATzNYuoGB/hu8ZLWTHib6dMIDkKUFj1u93gftdbJpBvotUQsZ8dA0tsHB0P r2xIukE8HdAftkEz4noc2FYYJZ0nNmOSMu115FwNb9HX5LcRrC1yQ2qNVOInRlsX ZwLj7wyJynhsX47IKTlZKrC4geNaMq71qRHS6kepCq/emB2cmM+rUgTqvJ+uCNfs yQYkRlLMzQvJ8rekS0InkL/onBM6Qsxucpgcsi3Wyh/DcxqmbnPpvJIxJdc/30/H e9y0FCaI+9J08zoI+ek287g5GP4ztpkf7teP5uSqpKfgpV98J8Syd1L+yeSXGMVV l+EtBFE+0DySxQ== -----END CERTIFICATE-----Generated at Sat Dec 6 17:31:18 2025 by rpki-client