This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft File: 0KNDo37K0r-yw1vZsm1_SLy1dTc.mft (raw, json) Hash identifier: yDSXah1RC3VO+8SKNqmgm3Zt5jLOJ6+eL9l916xmYy8= Subject key identifier: 2D:9D:09:33:AD:A3:6E:8A:FD:F2:8C:9F:6F:DB:E0:B8:8F:8E:5B:37 Authority key identifier: D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37 Certificate issuer: /CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537 Certificate serial: 019AF38947924B4093BBCF33CA97069D1835 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft Manifest number: 16F3 Signing time: Sat 06 Dec 2025 12:00:51 +0000 Manifest this update: Sat 06 Dec 2025 12:00:51 +0000 Manifest next update: Sun 07 Dec 2025 12:00:51 +0000 Files and hashes: 1: 0KNDo37K0r-yw1vZsm1_SLy1dTc.crl (hash: jDpu8QqHrOtJt3u+fxtS81HCbZ7PSDfpkHZ1/bSmRlM=) 2: cednPNYKxfRsr4W4osQ0UxWr_xg.roa (hash: bAnClABodJAGvw6mOL61pHv3A1a0Gmryz3vjrqAKOxo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:47:92:4b:40:93:bb:cf:33:ca:97:06:9d:18:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d0a343a37ecad2bfb2c35bd9b26d7f48bcb57537 Validity Not Before: Dec 6 12:00:51 2025 GMT Not After : Dec 7 12:00:51 2025 GMT Subject: CN=2d9d0933ada36e8afdf28c9f6fdbe0b88f8e5b37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:3e:25:af:1e:91:e9:d3:84:1c:f5:69:d1:45: 45:cc:28:d0:3f:a0:47:26:13:eb:82:6f:7d:34:e1: 5f:cc:87:0c:60:cb:60:9b:46:12:f5:b7:56:12:33: f6:8a:69:32:a3:53:ef:3c:48:c1:b5:17:6b:ff:bb: 80:3e:6f:02:b8:94:1f:c0:6a:06:af:36:64:6d:d6: 3c:f3:9b:48:2d:48:a1:ac:c4:5c:07:7e:fb:e0:8e: 79:1e:d7:86:40:1a:45:b5:5e:e2:fe:6a:63:11:26: d1:50:e4:29:14:12:9f:5d:25:3d:a9:a9:14:ec:e0: 37:ec:d7:9f:5d:7c:b6:ce:cb:7c:ea:72:38:5b:fb: ec:d5:23:89:8d:ed:1d:15:95:b6:64:f8:a2:46:c4: 22:ec:02:c4:16:19:db:bb:10:c2:bd:4c:3e:52:c9: 5a:d8:09:41:51:2a:35:b0:a6:b0:9b:43:12:d6:2c: 0c:f7:56:c9:21:fc:1b:a6:d7:3e:6e:54:66:0f:14: 42:51:a2:53:3f:ad:1f:d1:66:4a:09:36:5f:f8:2f: 01:a7:59:17:3e:d3:53:06:01:fa:dd:48:b5:b1:d3: a6:4e:36:70:98:97:75:c9:c2:ae:d3:74:ca:32:6d: 37:8f:f4:14:0c:f8:85:e9:ec:06:6a:07:1d:73:42: 2d:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:9D:09:33:AD:A3:6E:8A:FD:F2:8C:9F:6F:DB:E0:B8:8F:8E:5B:37 X509v3 Authority Key Identifier: keyid:D0:A3:43:A3:7E:CA:D2:BF:B2:C3:5B:D9:B2:6D:7F:48:BC:B5:75:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KNDo37K0r-yw1vZsm1_SLy1dTc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/201273-708d-4a46-9ab6-c7b36b8a2685/1/0KNDo37K0r-yw1vZsm1_SLy1dTc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:27:6c:4e:0b:e6:96:e1:7e:56:60:2d:94:f5:52:d0:31:53: bb:49:1f:be:25:9d:9f:45:e6:b9:55:2b:79:66:e3:15:d0:27: 8c:46:f4:bf:6a:5a:94:02:71:49:9a:85:dd:69:33:36:7b:86: 30:25:93:28:55:02:7d:7d:9c:f0:c6:73:77:37:d5:31:33:02: 00:53:42:de:cf:1b:9f:b4:61:d8:25:9c:56:79:ed:8d:17:8c: f2:a2:01:d9:f7:0c:82:56:58:fe:64:05:18:d2:ab:c4:0b:9c: a9:87:04:ba:53:9e:70:da:99:0e:38:94:31:03:22:82:1b:cb: 32:12:5c:d6:dd:83:ab:ba:17:c3:c0:16:78:8a:64:c2:fc:04: 4b:0d:5d:49:62:00:25:59:f8:58:6e:51:7a:2d:cf:11:03:e5: ab:c7:56:0c:97:52:e5:ca:a6:84:99:da:d2:19:7b:d6:78:9d: de:d9:b4:97:be:9a:a7:33:2d:34:d3:d9:c5:70:c7:d8:0c:32: 44:c0:c3:11:cd:99:ab:e9:1e:b6:b5:5e:ae:6d:49:31:c6:27: 2c:4a:e1:d3:92:ba:22:3f:24:43:5e:99:13:ab:05:85:56:9d: 85:97:5f:6e:b2:1c:35:d0:63:fb:0e:67:5f:b7:ec:71:90:fe: ac:ac:da:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziUeSS0CTu88zypcGnRg1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwYTM0M2EzN2VjYWQyYmZiMmMzNWJkOWIyNmQ3ZjQ4YmNi NTc1MzcwHhcNMjUxMjA2MTIwMDUxWhcNMjUxMjA3MTIwMDUxWjAzMTEwLwYDVQQD EygyZDlkMDkzM2FkYTM2ZThhZmRmMjhjOWY2ZmRiZTBiODhmOGU1YjM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD4lrx6R6dOEHPVp0UVFzCjQP6BH JhPrgm99NOFfzIcMYMtgm0YS9bdWEjP2imkyo1PvPEjBtRdr/7uAPm8CuJQfwGoG rzZkbdY885tILUihrMRcB3774I55HteGQBpFtV7i/mpjESbRUOQpFBKfXSU9qakU 7OA37NefXXy2zst86nI4W/vs1SOJje0dFZW2ZPiiRsQi7ALEFhnbuxDCvUw+Usla 2AlBUSo1sKawm0MS1iwM91bJIfwbptc+blRmDxRCUaJTP60f0WZKCTZf+C8Bp1kX PtNTBgH63Ui1sdOmTjZwmJd1ycKu03TKMm03j/QUDPiF6ewGagcdc0ItlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC2dCTOto26K/fKMn2/b4LiPjls3MB8GA1UdIwQY MBaAFNCjQ6N+ytK/ssNb2bJtf0i8tXU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYt YzdiMzZiOGEyNjg1LzEvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8yMDEyNzMtNzA4ZC00YTQ2LTlhYjYtYzdiMzZiOGEyNjg1 LzEvMEtORG8zN0swci15dzF2WnNtMV9TTHkxZFRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzSdsTgvm luF+VmAtlPVS0DFTu0kfviWdn0XmuVUreWbjFdAnjEb0v2palAJxSZqF3WkzNnuG MCWTKFUCfX2c8MZzdzfVMTMCAFNC3s8bn7Rh2CWcVnntjReM8qIB2fcMglZY/mQF GNKrxAucqYcEulOecNqZDjiUMQMighvLMhJc1t2Dq7oXw8AWeIpkwvwESw1dSWIA JVn4WG5Rei3PEQPlq8dWDJdS5cqmhJna0hl71nid3tm0l76apzMtNNPZxXDH2Awy RMDDEc2Zq+ketrVerm1JMcYnLErh05K6Ij8kQ16ZE6sFhVadhZdfbrIcNdBj+w5n X7fscZD+rKzaEg== -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:29 2025 by rpki-client