This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft File: 0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json) Hash identifier: 5l1fsKRe0hpl5V34eyCjC52rRPrVXms4d02RuKwnivM= Subject key identifier: 2E:7D:2C:5A:39:A4:3B:1F:F8:54:84:CB:70:DF:69:6C:BF:E6:89:C9 Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33 Certificate issuer: /CN=d2986777a44ed0940f29a795c75f45a62f44bb33 Certificate serial: 019AF31C0D5C2762ABB84D09B5236EA3C43E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft Manifest number: 074C Signing time: Sat 06 Dec 2025 10:01:33 +0000 Manifest this update: Sat 06 Dec 2025 10:01:33 +0000 Manifest next update: Sun 07 Dec 2025 10:01:33 +0000 Files and hashes: 1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: 5O2HnNPHHT6a0AwWHTSq6IS/1W5/5XPAyY+TaP/0MtI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:0d:5c:27:62:ab:b8:4d:09:b5:23:6e:a3:c4:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33 Validity Not Before: Dec 6 10:01:33 2025 GMT Not After : Dec 7 10:01:33 2025 GMT Subject: CN=2e7d2c5a39a43b1ff85484cb70df696cbfe689c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:40:e0:e6:0b:ce:a3:4c:a2:e2:7a:e2:31:c2: c2:66:82:dc:49:71:38:cd:5e:09:31:05:47:26:0b: ef:3e:5d:37:e2:cb:ae:30:19:08:33:e4:a5:70:ea: cb:bb:38:93:1d:54:c0:4f:bc:8d:ae:ca:8f:fd:1c: c8:e5:15:c3:d4:43:90:68:f6:3b:2a:14:49:39:b7: 6c:a0:08:ec:8b:33:2f:61:d4:2b:b2:9d:02:ed:6d: 87:a6:5c:29:35:29:ae:07:42:32:d8:86:0e:9c:06: a3:8b:dc:3c:78:b1:92:57:72:07:fd:5b:fd:d5:77: 3e:91:3d:06:d6:71:52:37:4f:ae:ae:c2:33:28:aa: 8f:e6:1d:83:72:1d:b2:78:3f:f7:82:dc:04:1a:04: 2e:2c:b7:47:67:37:01:da:ab:9c:94:67:3a:c1:e9: e3:97:ce:a9:a1:4a:d0:83:d3:ba:9c:c3:80:87:2c: 31:5c:44:76:8c:90:99:35:0c:11:53:2e:7c:d3:8b: 76:47:7c:1f:07:f9:0d:6e:9b:4a:89:95:1f:b3:58: 82:df:30:23:a2:90:0e:54:2d:52:ff:32:15:08:84: 1d:25:d8:6d:ec:b9:3a:57:41:5f:7b:e9:4e:88:ec: 86:b5:ec:00:14:9c:0b:ca:7d:f2:e7:b4:36:70:3e: 37:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:7D:2C:5A:39:A4:3B:1F:F8:54:84:CB:70:DF:69:6C:BF:E6:89:C9 X509v3 Authority Key Identifier: keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:02:61:d6:80:49:d8:79:b8:69:71:88:e3:4a:57:be:d0:7a: 43:b7:f2:e6:41:64:7d:ea:4c:7b:29:6b:77:6a:87:bd:b4:87: d5:97:79:50:52:1c:d1:ac:1d:3f:97:58:b8:a4:c4:10:e8:34: 40:bd:4e:a3:69:fd:5e:18:15:3e:3e:58:16:07:3f:e2:ce:02: 93:bd:87:8e:82:d3:18:15:1d:c7:ae:29:a1:6f:74:5e:17:e5: 3c:13:1b:7b:0b:9f:04:ac:d7:77:cf:96:02:e2:4f:96:0c:db: 84:ad:8e:65:7a:e9:ab:cc:6d:4f:22:47:0e:92:06:9a:8a:15: 27:55:02:48:f4:a2:5b:d9:19:a2:a2:2b:84:fb:4d:90:79:50: c9:a5:2d:4c:c4:16:6e:48:b3:48:f6:f3:07:d2:80:e6:3f:47: 8f:4d:f4:4f:70:f3:c5:12:42:78:82:65:d9:f1:3f:5b:38:75: 9d:b7:f3:fd:e8:3f:15:0f:d4:20:49:85:fd:a9:8e:89:49:f1: 2c:89:eb:d3:2d:0f:8d:fa:18:48:90:69:6e:ab:85:4a:ed:ef: 9c:b4:d6:a0:62:01:86:e0:fa:25:52:46:8f:45:57:9d:d6:40: dd:c4:93:ba:cb:20:a5:2e:63:03:ab:56:26:e4:94:49:ca:b4: 0c:61:4e:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHA1cJ2KruE0JtSNuo8Q+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0 NGJiMzMwHhcNMjUxMjA2MTAwMTMzWhcNMjUxMjA3MTAwMTMzWjAzMTEwLwYDVQQD EygyZTdkMmM1YTM5YTQzYjFmZjg1NDg0Y2I3MGRmNjk2Y2JmZTY4OWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0Dg5gvOo0yi4nriMcLCZoLcSXE4 zV4JMQVHJgvvPl034suuMBkIM+SlcOrLuziTHVTAT7yNrsqP/RzI5RXD1EOQaPY7 KhRJObdsoAjsizMvYdQrsp0C7W2HplwpNSmuB0Iy2IYOnAaji9w8eLGSV3IH/Vv9 1Xc+kT0G1nFSN0+ursIzKKqP5h2Dch2yeD/3gtwEGgQuLLdHZzcB2quclGc6wenj l86poUrQg9O6nMOAhywxXER2jJCZNQwRUy5804t2R3wfB/kNbptKiZUfs1iC3zAj opAOVC1S/zIVCIQdJdht7Lk6V0Ffe+lOiOyGtewAFJwLyn3y57Q2cD43JQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC59LFo5pDsf+FSEy3DfaWy/5onJMB8GA1UdIwQY MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMgJh1oBJ 2Hm4aXGI40pXvtB6Q7fy5kFkfepMeylrd2qHvbSH1Zd5UFIc0awdP5dYuKTEEOg0 QL1Oo2n9XhgVPj5YFgc/4s4Ck72HjoLTGBUdx64poW90XhflPBMbewufBKzXd8+W AuJPlgzbhK2OZXrpq8xtTyJHDpIGmooVJ1UCSPSiW9kZoqIrhPtNkHlQyaUtTMQW bkizSPbzB9KA5j9Hj030T3DzxRJCeIJl2fE/Wzh1nbfz/eg/FQ/UIEmF/amOiUnx LInr0y0PjfoYSJBpbquFSu3vnLTWoGIBhuD6JVJGj0VXndZA3cSTussgpS5jA6tW JuSUScq0DGFOZg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:50:58 2025 by rpki-client