This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft File: fKnhWNylWE83ofg0myiaaBLbkko.mft (raw, json) Hash identifier: Bho1nhQQLaTxxEOdm6OF/9DsdPdrH9zQQ5WWYWMSFGY= Subject key identifier: 32:39:EF:6C:01:BD:E6:5F:2E:65:51:CB:30:EA:75:6D:85:8B:A1:C1 Authority key identifier: 7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A Certificate issuer: /CN=7ca9e158dca5584f37a1f8349b289a6812db924a Certificate serial: 019AF23F9A2FF996B81111654EE59B57A18A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft Manifest number: 09CB Signing time: Sat 06 Dec 2025 06:00:45 +0000 Manifest this update: Sat 06 Dec 2025 06:00:45 +0000 Manifest next update: Sun 07 Dec 2025 06:00:45 +0000 Files and hashes: 1: fKnhWNylWE83ofg0myiaaBLbkko.crl (hash: n5In8VZa9ZmcL3+c6FudE5sjH9XI11BT4/UkWwrCfZQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:9a:2f:f9:96:b8:11:11:65:4e:e5:9b:57:a1:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ca9e158dca5584f37a1f8349b289a6812db924a Validity Not Before: Dec 6 06:00:45 2025 GMT Not After : Dec 7 06:00:45 2025 GMT Subject: CN=3239ef6c01bde65f2e6551cb30ea756d858ba1c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0b:ce:91:41:4d:78:54:d6:da:5b:86:a6:7f: 04:81:a9:5e:48:c0:6c:78:04:f9:74:cf:ea:30:90: 0a:71:c7:ac:dd:68:41:b2:7d:68:85:eb:9e:48:14: 58:a3:ee:3a:20:e7:d5:52:5e:90:e5:8c:fd:97:c4: b7:53:d8:cc:fe:92:66:a3:84:5a:66:e2:a4:e0:0e: fd:2c:71:b4:37:b4:97:e6:a9:c6:15:58:87:59:4d: 3f:a4:eb:25:9d:a7:7b:3a:90:0f:e6:18:aa:46:6b: ab:04:09:bb:06:45:7d:36:87:1f:d4:38:61:40:ee: 05:de:77:19:61:fd:a1:5d:50:99:00:0c:36:84:e1: ab:d7:f6:86:e9:e2:68:88:11:17:69:c3:13:35:5e: 09:f7:2c:29:c6:47:d1:42:b3:54:2c:f4:35:23:ef: 8b:1e:19:74:12:5c:45:00:c9:78:ed:ca:cc:2e:a1: 4e:22:e4:d2:95:04:c5:05:bc:5f:92:47:96:10:5f: 39:f8:5b:29:aa:cf:23:d2:61:36:b0:12:40:02:2b: 6e:dc:80:47:3f:b9:bd:7e:32:46:4b:10:49:d9:72: 31:06:4e:00:40:ba:70:4d:a8:2b:a1:7b:6b:7d:5b: 1e:79:d2:b1:56:76:89:b6:cb:d9:c8:14:10:27:dc: c0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:39:EF:6C:01:BD:E6:5F:2E:65:51:CB:30:EA:75:6D:85:8B:A1:C1 X509v3 Authority Key Identifier: keyid:7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:78:89:3d:f2:09:06:fe:57:af:40:27:c6:49:e4:5b:36:a7: b6:dd:b5:4c:02:c2:21:34:72:18:f3:ec:4a:8e:37:dc:2a:6f: 71:15:c5:0c:d0:c9:e4:ef:15:7b:06:d4:3a:42:ea:44:19:0b: f3:aa:46:72:2a:66:a1:ce:50:5c:ee:f8:8b:e8:82:53:ca:c5: 56:fd:af:75:a1:fb:ac:08:cf:d6:da:80:56:0a:84:8d:4a:1e: e0:37:4a:98:78:3c:69:95:e4:55:58:91:66:37:8c:42:66:d1: 84:49:61:2f:03:a1:c8:a1:e9:9a:bb:ff:38:08:49:4e:a3:07: 23:66:12:63:e0:ee:1d:73:6f:c2:81:ff:a6:15:02:d1:cd:2f: 70:3c:26:46:7b:64:bd:63:52:bc:48:21:2d:25:a8:5d:39:5d: 1b:dc:ba:15:59:7b:c9:12:d3:fd:14:59:ec:67:b4:b1:6d:97: 81:b4:8c:b8:67:85:f4:be:4a:01:f2:2f:75:e7:ab:17:ef:c7: 4d:4e:fa:33:2a:d0:69:12:9d:45:d0:4f:de:c4:10:ca:7f:fa: c6:23:12:aa:ae:3d:e0:ff:51:87:13:ba:54:79:91:b9:0c:c9: 63:1d:c3:3d:e6:c9:70:13:c8:fe:91:f4:08:b3:d4:0e:75:18: 06:b1:c4:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP5ov+Za4ERFlTuWbV6GKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjYTllMTU4ZGNhNTU4NGYzN2ExZjgzNDliMjg5YTY4MTJk YjkyNGEwHhcNMjUxMjA2MDYwMDQ1WhcNMjUxMjA3MDYwMDQ1WjAzMTEwLwYDVQQD EygzMjM5ZWY2YzAxYmRlNjVmMmU2NTUxY2IzMGVhNzU2ZDg1OGJhMWMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQvOkUFNeFTW2luGpn8EgaleSMBs eAT5dM/qMJAKcces3WhBsn1oheueSBRYo+46IOfVUl6Q5Yz9l8S3U9jM/pJmo4Ra ZuKk4A79LHG0N7SX5qnGFViHWU0/pOslnad7OpAP5hiqRmurBAm7BkV9Nocf1Dhh QO4F3ncZYf2hXVCZAAw2hOGr1/aG6eJoiBEXacMTNV4J9ywpxkfRQrNULPQ1I++L Hhl0ElxFAMl47crMLqFOIuTSlQTFBbxfkkeWEF85+Fspqs8j0mE2sBJAAitu3IBH P7m9fjJGSxBJ2XIxBk4AQLpwTagroXtrfVseedKxVnaJtsvZyBQQJ9zA0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDI572wBveZfLmVRyzDqdW2Fi6HBMB8GA1UdIwQY MBaAFHyp4VjcpVhPN6H4NJsommgS25JKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQt NzhhNzdmN2ExMzQyLzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQtNzhhNzdmN2ExMzQy LzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXiJPfIJ Bv5Xr0AnxknkWzantt21TALCITRyGPPsSo433CpvcRXFDNDJ5O8VewbUOkLqRBkL 86pGcipmoc5QXO74i+iCU8rFVv2vdaH7rAjP1tqAVgqEjUoe4DdKmHg8aZXkVViR ZjeMQmbRhElhLwOhyKHpmrv/OAhJTqMHI2YSY+DuHXNvwoH/phUC0c0vcDwmRntk vWNSvEghLSWoXTldG9y6FVl7yRLT/RRZ7Ge0sW2XgbSMuGeF9L5KAfIvdeerF+/H TU76MyrQaRKdRdBP3sQQyn/6xiMSqq494P9RhxO6VHmRuQzJYx3DPebJcBPI/pH0 CLPUDnUYBrHEqg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:04:02 2025 by rpki-client