This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft File: o_60EOB9CI-2UbkTdJuBJX47mVI.mft (raw, json) Hash identifier: Fkt7+QduamBMOm4+9I8APybMu9yKFrcvoUDJ2GsukHw= Subject key identifier: B8:7A:C1:F3:EE:6A:B6:4B:50:60:AC:3A:4B:F0:13:76:0D:C4:93:B7 Authority key identifier: A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52 Certificate issuer: /CN=a3feb410e07d088fb651b913749b81257e3b9952 Certificate serial: 019AF31CF17CC7D95C7F8F02A85D293BEDCA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft Manifest number: 11AC Signing time: Sat 06 Dec 2025 10:02:31 +0000 Manifest this update: Sat 06 Dec 2025 10:02:31 +0000 Manifest next update: Sun 07 Dec 2025 10:02:31 +0000 Files and hashes: 1: o_60EOB9CI-2UbkTdJuBJX47mVI.crl (hash: UcWVukqUPAVpMlYa1D+PMFrPGs3czzqHaI3XImOsyQI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:f1:7c:c7:d9:5c:7f:8f:02:a8:5d:29:3b:ed:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3feb410e07d088fb651b913749b81257e3b9952 Validity Not Before: Dec 6 10:02:31 2025 GMT Not After : Dec 7 10:02:31 2025 GMT Subject: CN=b87ac1f3ee6ab64b5060ac3a4bf013760dc493b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:37:f9:18:32:6b:d4:78:89:8d:a2:7b:b4:05: 38:c1:1f:78:05:da:e5:29:5b:d3:74:3a:7c:5f:67: e9:27:4f:51:3b:d2:a1:41:e8:86:9e:2e:3c:64:7e: bf:18:c1:16:ed:2e:c5:ef:29:7f:28:62:73:ab:f5: 7b:c4:94:11:1c:9f:a4:45:4f:f7:ea:88:e3:72:70: e3:0d:83:db:6d:91:c3:8f:19:a7:53:38:56:8d:e7: f0:e7:af:1c:4a:86:4e:fa:7f:59:4e:db:ee:3e:68: 2d:1d:25:c9:07:b6:41:2d:e8:4c:47:cb:57:2b:fc: 80:ec:e9:5b:be:7e:b3:28:48:23:85:66:0c:21:62: 53:f0:13:9a:da:00:5b:f7:93:67:f0:48:69:93:6a: 62:45:4a:ee:bc:14:7c:43:84:31:8b:d4:03:b0:38: 10:f3:fd:e9:51:c7:47:3c:e5:c3:46:98:fe:8a:9a: 34:d1:59:c9:fe:1d:7c:66:25:ca:63:7e:4e:12:6c: 91:23:0a:76:7c:e5:d0:04:d4:48:9e:d5:a7:27:00: e9:d2:ec:43:cd:a2:92:81:e3:ba:fd:30:60:0c:9f: d7:8e:46:b3:e8:e5:d2:00:5d:67:96:f4:13:34:9e: 91:9d:b1:b5:e1:0d:fe:48:7d:c4:90:cb:2b:bf:9b: d8:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:7A:C1:F3:EE:6A:B6:4B:50:60:AC:3A:4B:F0:13:76:0D:C4:93:B7 X509v3 Authority Key Identifier: keyid:A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:95:b8:fb:61:8e:e0:df:39:61:3b:de:0b:95:61:e6:2b:a4: b7:74:c0:6c:e4:d4:61:44:18:89:1b:4c:5c:21:52:82:74:5e: 6c:16:2d:c1:5b:59:8e:0b:0a:be:3e:e0:d1:5b:5a:de:af:8d: 77:f1:f7:f0:44:6e:39:db:f8:e0:a3:3d:3f:46:e7:81:6b:d4: 0d:53:89:ea:b7:af:c1:12:bb:e9:98:5f:ea:de:5d:48:95:f6: 15:0d:37:8d:5d:ca:4b:a3:36:48:36:c3:f5:04:bc:8b:69:08: a6:b3:2a:85:34:3b:4e:53:c1:85:e3:ad:aa:95:5f:10:d6:0d: 2c:ef:85:02:a3:ef:e7:8f:86:a0:de:53:01:da:ca:2f:88:45: 04:19:8e:07:3f:02:a9:ba:ec:79:86:e8:7c:91:44:b0:b4:da: 57:4f:d3:d0:39:0f:f0:1a:8f:a0:d3:da:9b:62:1a:7f:9d:97: d3:e8:fe:4a:5b:65:bf:34:31:9a:39:d9:3a:ac:a7:96:c8:a9: af:86:f7:d2:ec:c5:93:33:8a:a6:17:74:37:eb:e9:e8:6f:a2: 41:08:17:5c:0d:37:67:dc:81:fc:a6:d9:d7:6a:f5:a6:cf:dd: 53:7e:d7:09:66:06:63:ad:4f:07:fd:45:fc:c3:0d:c1:db:39: 03:18:61:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHPF8x9lcf48CqF0pO+3KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzZmViNDEwZTA3ZDA4OGZiNjUxYjkxMzc0OWI4MTI1N2Uz Yjk5NTIwHhcNMjUxMjA2MTAwMjMxWhcNMjUxMjA3MTAwMjMxWjAzMTEwLwYDVQQD EyhiODdhYzFmM2VlNmFiNjRiNTA2MGFjM2E0YmYwMTM3NjBkYzQ5M2I3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDf5GDJr1HiJjaJ7tAU4wR94Bdrl KVvTdDp8X2fpJ09RO9KhQeiGni48ZH6/GMEW7S7F7yl/KGJzq/V7xJQRHJ+kRU/3 6ojjcnDjDYPbbZHDjxmnUzhWjefw568cSoZO+n9ZTtvuPmgtHSXJB7ZBLehMR8tX K/yA7Olbvn6zKEgjhWYMIWJT8BOa2gBb95Nn8Ehpk2piRUruvBR8Q4Qxi9QDsDgQ 8/3pUcdHPOXDRpj+ipo00VnJ/h18ZiXKY35OEmyRIwp2fOXQBNRIntWnJwDp0uxD zaKSgeO6/TBgDJ/Xjkaz6OXSAF1nlvQTNJ6RnbG14Q3+SH3EkMsrv5vYwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLh6wfPuarZLUGCsOkvwE3YNxJO3MB8GA1UdIwQY MBaAFKP+tBDgfQiPtlG5E3SbgSV+O5lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMt MjM0YjMyMmEwY2ZlLzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMtMjM0YjMyMmEwY2Zl LzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAJW4+2GO 4N85YTveC5Vh5iukt3TAbOTUYUQYiRtMXCFSgnRebBYtwVtZjgsKvj7g0Vta3q+N d/H38ERuOdv44KM9P0bngWvUDVOJ6revwRK76Zhf6t5dSJX2FQ03jV3KS6M2SDbD 9QS8i2kIprMqhTQ7TlPBheOtqpVfENYNLO+FAqPv54+GoN5TAdrKL4hFBBmOBz8C qbrseYbofJFEsLTaV0/T0DkP8BqPoNPam2Iaf52X0+j+SltlvzQxmjnZOqynlsip r4b30uzFkzOKphd0N+vp6G+iQQgXXA03Z9yB/KbZ12r1ps/dU37XCWYGY61PB/1F /MMNwds5AxhhIQ== -----END CERTIFICATE-----Generated at Sat Dec 6 17:51:40 2025 by rpki-client