This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft File: COKNBckBhf5-Yq8c7iXIg7b-IjY.mft (raw, json) Hash identifier: CQY3A6AR8v/v6K9Grzze+E4pVr+8nhbCynV7eGtJK2k= Subject key identifier: 40:36:A9:49:D5:C4:25:17:9E:9C:3B:AA:A9:92:BF:B0:7E:5A:10:95 Authority key identifier: 08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36 Certificate issuer: /CN=08e28d05c90185fe7e62af1cee25c883b6fe2236 Certificate serial: 019AF0518316B4A4BFDF604C870185CE9ECB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft Manifest number: 06BC Signing time: Fri 05 Dec 2025 21:01:05 +0000 Manifest this update: Fri 05 Dec 2025 21:01:05 +0000 Manifest next update: Sat 06 Dec 2025 21:01:05 +0000 Files and hashes: 1: COKNBckBhf5-Yq8c7iXIg7b-IjY.crl (hash: QqDV6Xaw/0zLXF3NTAeRcRROaAu2WudtlLsUffzK9Pw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:51:83:16:b4:a4:bf:df:60:4c:87:01:85:ce:9e:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08e28d05c90185fe7e62af1cee25c883b6fe2236 Validity Not Before: Dec 5 21:01:05 2025 GMT Not After : Dec 6 21:01:05 2025 GMT Subject: CN=4036a949d5c425179e9c3baaa992bfb07e5a1095 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:7a:50:8b:2c:28:f3:51:43:fd:25:d5:44:c4: 8e:52:62:74:b0:b5:24:e5:4a:6d:3d:66:85:9d:9d: cd:87:ef:c7:61:1b:7e:ce:23:13:c3:f5:51:f5:45: d1:3c:17:28:2d:a5:97:59:a2:1b:b1:84:a4:76:3c: 5a:e5:71:bd:99:ac:d3:f0:24:46:09:cf:81:c0:56: 43:d4:3b:2a:b1:a5:bf:7e:7e:4b:0f:6c:bc:af:ce: 1f:a4:6c:02:e8:85:e1:f2:49:a2:cb:6c:09:d9:1e: 88:4d:e1:a6:4c:74:41:e8:89:c3:29:6f:21:ad:ff: 6c:be:29:90:d2:33:51:ac:58:46:5c:b5:2f:8c:43: 0b:c0:fa:45:cb:ff:29:97:02:94:cc:44:18:b5:26: df:7f:e5:69:f4:e1:40:85:b2:d2:13:bd:f2:6b:7d: a4:6d:74:98:ad:14:c1:3b:ff:0f:c7:7b:c6:9a:6e: 31:4e:79:87:9f:ed:f1:b5:38:4f:25:ac:75:e1:58: 98:46:15:f9:f4:e0:80:98:1e:bb:d3:77:a5:26:06: 2e:5e:ac:ec:0a:6d:c7:f0:25:c7:47:a7:fb:1b:78: fd:a3:8a:6c:b1:bf:89:bc:49:a5:81:ad:73:d1:91: cf:07:e7:ae:12:2f:0d:47:84:b3:bc:98:34:f3:93: 4e:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:36:A9:49:D5:C4:25:17:9E:9C:3B:AA:A9:92:BF:B0:7E:5A:10:95 X509v3 Authority Key Identifier: keyid:08:E2:8D:05:C9:01:85:FE:7E:62:AF:1C:EE:25:C8:83:B6:FE:22:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COKNBckBhf5-Yq8c7iXIg7b-IjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/8d2ba7-c6b7-470b-85aa-0c47a41f3a90/1/COKNBckBhf5-Yq8c7iXIg7b-IjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:81:fb:d7:44:6e:cc:f9:83:63:73:34:1a:4f:0b:a3:39:cb: ce:a0:03:1f:6e:0f:4a:49:63:c4:b9:7d:31:1e:1b:4f:4f:7f: 4d:2d:7b:c3:13:73:21:d9:f2:b4:f9:22:e4:86:1b:16:8a:05: 55:10:29:e0:8e:4d:9b:ab:9b:ae:51:f4:dd:4b:a7:e7:08:f7: ff:c0:1c:e5:61:91:b7:d9:7d:e7:f5:eb:66:95:08:ba:5b:a7: 42:86:77:b9:90:3e:d9:95:06:5d:58:5a:ce:e3:5b:22:7c:91: 8c:b4:48:f6:3a:fd:04:78:53:46:9f:3d:76:8f:3d:00:f0:d1: 0a:c1:ae:54:41:1a:ee:cc:ac:f8:6c:0a:e2:83:7d:c6:51:50: ae:73:24:b0:f3:33:be:b8:36:3e:1a:b9:22:16:d8:b0:36:28: 9c:ce:b9:b3:c1:8d:d4:34:e0:ba:3b:bb:ea:06:5a:f4:07:f9: e3:d0:2b:f8:3f:34:d9:d0:bd:2d:ff:23:40:40:e5:f7:ca:67: ef:69:c6:bc:b9:a1:ae:ca:f0:66:00:6f:33:1c:a9:28:18:be: 87:40:bf:7c:cd:82:86:8f:fa:1b:39:d0:d1:fb:1c:af:d5:63: b3:1b:44:45:08:e5:23:70:a4:91:64:95:df:46:32:7e:04:22: 12:c6:59:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwUYMWtKS/32BMhwGFzp7LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ZTI4ZDA1YzkwMTg1ZmU3ZTYyYWYxY2VlMjVjODgzYjZm ZTIyMzYwHhcNMjUxMjA1MjEwMTA1WhcNMjUxMjA2MjEwMTA1WjAzMTEwLwYDVQQD Eyg0MDM2YTk0OWQ1YzQyNTE3OWU5YzNiYWFhOTkyYmZiMDdlNWExMDk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXpQiywo81FD/SXVRMSOUmJ0sLUk 5UptPWaFnZ3Nh+/HYRt+ziMTw/VR9UXRPBcoLaWXWaIbsYSkdjxa5XG9mazT8CRG Cc+BwFZD1DsqsaW/fn5LD2y8r84fpGwC6IXh8kmiy2wJ2R6ITeGmTHRB6InDKW8h rf9svimQ0jNRrFhGXLUvjEMLwPpFy/8plwKUzEQYtSbff+Vp9OFAhbLSE73ya32k bXSYrRTBO/8Px3vGmm4xTnmHn+3xtThPJax14ViYRhX59OCAmB6703elJgYuXqzs Cm3H8CXHR6f7G3j9o4pssb+JvEmlga1z0ZHPB+euEi8NR4SzvJg085NOWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEA2qUnVxCUXnpw7qqmSv7B+WhCVMB8GA1UdIwQY MBaAFAjijQXJAYX+fmKvHO4lyIO2/iI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEt MGM0N2E0MWYzYTkwLzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS84ZDJiYTctYzZiNy00NzBiLTg1YWEtMGM0N2E0MWYzYTkw LzEvQ09LTkJja0JoZjUtWXE4YzdpWElnN2ItSWpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA4H710Ru zPmDY3M0Gk8LoznLzqADH24PSkljxLl9MR4bT09/TS17wxNzIdnytPki5IYbFooF VRAp4I5Nm6ubrlH03Uun5wj3/8Ac5WGRt9l95/XrZpUIulunQoZ3uZA+2ZUGXVha zuNbInyRjLRI9jr9BHhTRp89do89APDRCsGuVEEa7sys+GwK4oN9xlFQrnMksPMz vrg2Phq5IhbYsDYonM65s8GN1DTguju76gZa9Af549Ar+D802dC9Lf8jQEDl98pn 72nGvLmhrsrwZgBvMxypKBi+h0C/fM2Cho/6GznQ0fscr9VjsxtERQjlI3CkkWSV 30YyfgQiEsZZ8A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:58 2025 by rpki-client