This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft File: 02JOkIx0mP22E1QnU-9Wx1zXBL0.mft (raw, json) Hash identifier: C3NoTRhG76aiOLTaKmQe+ar4pbHfSjdkj76ADhv6qCQ= Subject key identifier: 03:8B:DD:8F:6F:C1:ED:8A:0F:A3:83:8F:C4:01:55:82:C2:6F:E4:60 Authority key identifier: D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD Certificate issuer: /CN=d3624e908c7498fdb613542753ef56c75cd704bd Certificate serial: 019AF1D1E582922B34C50F4532D228F93049 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft Manifest number: 0B9D Signing time: Sat 06 Dec 2025 04:00:56 +0000 Manifest this update: Sat 06 Dec 2025 04:00:56 +0000 Manifest next update: Sun 07 Dec 2025 04:00:56 +0000 Files and hashes: 1: 02JOkIx0mP22E1QnU-9Wx1zXBL0.crl (hash: lMSSZ34E4FqrNV3CRncKWOEPAK/Q61vR5AmaUXDtjd8=) 2: _l8jrf0myWSyZHEusIZ6cmnQafE.roa (hash: gjseV+JPjv3tCrp8kMrsCJYjL6BjqLfcHlxvbKTgJog=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:e5:82:92:2b:34:c5:0f:45:32:d2:28:f9:30:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3624e908c7498fdb613542753ef56c75cd704bd Validity Not Before: Dec 6 04:00:56 2025 GMT Not After : Dec 7 04:00:56 2025 GMT Subject: CN=038bdd8f6fc1ed8a0fa3838fc4015582c26fe460 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:04:a1:59:3f:60:a9:a6:36:2a:3a:98:a2:20: 9a:ef:e9:91:0b:80:b2:58:a3:68:59:08:d0:a6:30: a8:6d:8a:00:64:02:b3:94:58:c9:cd:91:4a:9b:c1: 0d:d8:ad:30:b8:d7:02:86:9c:53:26:51:7d:c8:31: cd:01:e9:f6:ee:6a:63:80:83:70:ae:4e:d1:00:84: 44:f8:b0:13:e3:e7:c5:78:de:3f:a4:8f:42:b6:4e: e2:4f:98:9d:83:25:14:2f:72:7e:93:b8:b3:98:18: c4:1e:3b:d5:af:64:a6:88:c5:cd:7f:4b:62:24:c7: 10:93:54:0f:89:f0:39:b0:7c:03:c2:7a:82:7f:82: 1b:21:aa:70:58:19:5a:fd:60:dd:4f:b8:74:04:b5: 1d:d3:fb:14:e9:05:5e:48:ee:7b:2a:7b:74:f5:d2: b9:80:99:36:99:44:91:53:39:ae:94:3b:a6:7a:47: 77:53:62:ab:24:1e:02:eb:73:49:11:d0:f1:92:f1: 5c:d2:a9:9e:be:9e:7a:30:2f:f3:3b:ae:92:d9:91: d3:0d:0a:36:a7:59:e5:95:80:29:01:16:78:7c:83: 91:4d:da:0c:7f:f9:b2:bf:c1:da:79:aa:cf:be:72: a7:ae:c4:58:12:f8:ea:ed:76:a9:36:de:a6:2a:7f: 7b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:8B:DD:8F:6F:C1:ED:8A:0F:A3:83:8F:C4:01:55:82:C2:6F:E4:60 X509v3 Authority Key Identifier: keyid:D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:d5:a9:50:b4:72:fe:b4:80:4e:bb:bd:d0:1a:11:19:03:e9: 33:80:ce:aa:c0:f3:59:09:97:8b:a9:56:b6:a3:fc:a6:b6:d7: 7c:47:36:cf:c5:c3:78:03:c1:bb:cb:6a:36:72:8c:a4:2f:4c: 18:1b:91:af:68:d7:39:64:34:a1:69:e7:20:56:f0:ad:b2:85: 99:a4:74:03:38:f3:ba:fe:74:e6:94:c5:4d:a3:05:d2:5a:ab: 19:70:b0:e7:77:42:96:08:6c:7a:d4:bd:53:59:33:92:08:23: e3:9c:95:b1:e9:d3:80:2b:3f:62:3a:4a:6c:e3:e8:8f:d7:6c: 2f:fa:fc:57:20:d9:c7:80:a9:92:52:62:f8:c3:01:1b:89:9e: 36:76:50:f4:6a:28:ef:e5:f6:c4:d0:91:15:97:57:7d:d8:4c: 11:1d:aa:20:db:ae:b7:07:9c:dd:e4:88:59:b3:56:bf:56:c0: e4:83:f9:16:79:e7:7f:0c:da:51:3e:b4:82:5c:ec:0c:22:16: 39:4a:88:2c:e0:44:f2:be:8a:ff:a9:49:3b:f1:54:74:2a:d2: ac:e1:75:ca:c6:b7:cc:2a:fd:1d:8f:ff:b4:69:98:1f:ca:d5: 13:2a:5c:6f:fc:71:b8:29:56:65:6d:b6:eb:9b:15:65:38:b9: f4:d2:9a:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0eWCkis0xQ9FMtIo+TBJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNjI0ZTkwOGM3NDk4ZmRiNjEzNTQyNzUzZWY1NmM3NWNk NzA0YmQwHhcNMjUxMjA2MDQwMDU2WhcNMjUxMjA3MDQwMDU2WjAzMTEwLwYDVQQD EygwMzhiZGQ4ZjZmYzFlZDhhMGZhMzgzOGZjNDAxNTU4MmMyNmZlNDYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgShWT9gqaY2KjqYoiCa7+mRC4Cy WKNoWQjQpjCobYoAZAKzlFjJzZFKm8EN2K0wuNcChpxTJlF9yDHNAen27mpjgINw rk7RAIRE+LAT4+fFeN4/pI9Ctk7iT5idgyUUL3J+k7izmBjEHjvVr2SmiMXNf0ti JMcQk1QPifA5sHwDwnqCf4IbIapwWBla/WDdT7h0BLUd0/sU6QVeSO57Knt09dK5 gJk2mUSRUzmulDumekd3U2KrJB4C63NJEdDxkvFc0qmevp56MC/zO66S2ZHTDQo2 p1nllYApARZ4fIORTdoMf/myv8HaearPvnKnrsRYEvjq7XapNt6mKn975QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAOL3Y9vwe2KD6ODj8QBVYLCb+RgMB8GA1UdIwQY MBaAFNNiTpCMdJj9thNUJ1PvVsdc1wS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMt NjQ1MGYxODQxMTIyLzEvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMtNjQ1MGYxODQxMTIy LzEvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkdWpULRy /rSATru90BoRGQPpM4DOqsDzWQmXi6lWtqP8prbXfEc2z8XDeAPBu8tqNnKMpC9M GBuRr2jXOWQ0oWnnIFbwrbKFmaR0Azjzuv505pTFTaMF0lqrGXCw53dClghsetS9 U1kzkggj45yVsenTgCs/YjpKbOPoj9dsL/r8VyDZx4CpklJi+MMBG4meNnZQ9Goo 7+X2xNCRFZdXfdhMER2qINuutwec3eSIWbNWv1bA5IP5FnnnfwzaUT60glzsDCIW OUqILOBE8r6K/6lJO/FUdCrSrOF1ysa3zCr9HY//tGmYH8rVEypcb/xxuClWZW22 65sVZTi59NKaOQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:17:23 2025 by rpki-client