This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft File: sCnHJ8biLu2PvNHot2k5V40Nygo.mft (raw, json) Hash identifier: z65HjJY+4O8jGFuhZHUvYEThurq7KUWHi8P2i8dXn5I= Subject key identifier: FC:17:F6:FA:CF:07:1A:78:27:28:55:26:D0:1B:42:82:8E:CA:8B:C7 Authority key identifier: B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A Certificate issuer: /CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a Certificate serial: 019B2D0C6140ECC87541BE2823DCA654B9C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft Manifest number: 177B Signing time: Wed 17 Dec 2025 16:02:24 +0000 Manifest this update: Wed 17 Dec 2025 16:02:24 +0000 Manifest next update: Thu 18 Dec 2025 16:02:24 +0000 Files and hashes: 1: sCnHJ8biLu2PvNHot2k5V40Nygo.crl (hash: mchXaQOIkymCMgGTLKBe1JUjzFjd5N2+MrrryOWToTo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0c:61:40:ec:c8:75:41:be:28:23:dc:a6:54:b9:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a Validity Not Before: Dec 17 16:02:24 2025 GMT Not After : Dec 18 16:02:24 2025 GMT Subject: CN=fc17f6facf071a7827285526d01b42828eca8bc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:dc:43:aa:49:ae:40:12:41:3f:37:a9:f5:7c: ad:e1:59:90:05:13:af:9f:aa:61:aa:08:fa:02:81: e0:82:f3:e5:26:c0:e0:90:a3:e2:9b:b8:81:8b:50: 24:71:b1:12:70:3e:94:87:ff:93:8e:16:0d:5b:23: 40:de:c8:97:b6:7c:4f:1c:fb:d6:ed:09:47:98:b8: 70:24:d9:6e:e6:c3:23:23:de:98:22:63:4b:e4:cf: da:90:84:ed:81:dc:54:86:5e:00:69:24:03:ff:1f: 16:85:00:3f:9b:c0:8a:11:93:b5:40:73:ce:6a:cb: a9:d2:df:cb:34:3e:1e:21:bc:45:0e:31:c5:04:70: 14:77:a9:5b:0d:6b:e8:2e:3d:74:08:49:03:b7:f1: e8:f5:12:9f:61:99:23:b8:89:9f:58:9a:6c:72:5b: 01:19:f3:d3:c4:d7:6c:0e:f8:d4:5d:87:15:55:92: d1:25:5d:f0:2f:5f:51:56:de:14:7f:21:0a:77:b1: a5:7f:09:13:eb:c9:5d:1b:26:67:67:3d:7e:2e:99: 4b:9b:4f:e1:03:6b:e7:84:f4:86:c5:f0:ff:2a:38: 3a:b2:da:44:d5:60:58:d1:d8:55:77:49:ff:66:f0: aa:4f:67:0c:1a:32:5e:0c:82:e1:92:64:31:b8:bc: d6:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:17:F6:FA:CF:07:1A:78:27:28:55:26:D0:1B:42:82:8E:CA:8B:C7 X509v3 Authority Key Identifier: keyid:B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:14:d6:b7:7a:90:83:73:7d:bb:e9:86:11:b3:69:3e:aa:6d: 77:f1:d5:76:47:32:20:8a:88:d9:a9:99:e1:82:f9:01:fc:e5: 9f:e3:4c:80:14:42:c8:b3:83:dd:64:6f:6e:27:b7:83:4f:cb: 2d:07:e7:7d:8b:28:5f:99:d3:27:6c:59:d4:7a:10:37:06:35: 40:bc:09:fc:35:b4:c2:8e:0a:57:4e:72:9d:e6:97:a2:a9:9b: ad:95:d1:69:b9:e0:11:fd:5a:42:e9:e6:c0:73:6f:00:00:81: 6d:6c:1c:8a:7f:2e:18:c1:fb:1a:85:18:78:4d:ec:64:7c:9f: 12:99:ff:38:37:f4:a7:da:bc:75:64:55:ff:e6:23:4f:47:11: cd:50:5d:88:5f:c9:d7:23:f6:68:60:f8:11:f9:db:1a:2e:6c: 4f:8e:cf:cc:7e:76:9a:7d:9e:0f:76:ce:e2:47:c0:03:68:39: 15:8a:36:b0:17:b8:3b:f3:d3:a2:72:aa:1d:48:95:40:97:47: eb:41:ca:44:3f:2b:2b:b3:10:e3:cf:3c:27:21:7f:8b:ab:8b: 2e:ba:6c:d2:9a:c7:98:79:d0:20:8a:4f:09:fe:5d:a3:9c:34: e0:83:f6:55:3d:b8:13:e2:44:75:0e:45:9c:ad:05:64:0a:10: de:f5:6c:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstDGFA7Mh1Qb4oI9ymVLnBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwMjljNzI3YzZlMjJlZWQ4ZmJjZDFlOGI3NjkzOTU3OGQw ZGNhMGEwHhcNMjUxMjE3MTYwMjI0WhcNMjUxMjE4MTYwMjI0WjAzMTEwLwYDVQQD EyhmYzE3ZjZmYWNmMDcxYTc4MjcyODU1MjZkMDFiNDI4MjhlY2E4YmM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutxDqkmuQBJBPzep9Xyt4VmQBROv n6phqgj6AoHggvPlJsDgkKPim7iBi1AkcbEScD6Uh/+TjhYNWyNA3siXtnxPHPvW 7QlHmLhwJNlu5sMjI96YImNL5M/akITtgdxUhl4AaSQD/x8WhQA/m8CKEZO1QHPO asup0t/LND4eIbxFDjHFBHAUd6lbDWvoLj10CEkDt/Ho9RKfYZkjuImfWJpsclsB GfPTxNdsDvjUXYcVVZLRJV3wL19RVt4UfyEKd7GlfwkT68ldGyZnZz1+LplLm0/h A2vnhPSGxfD/Kjg6stpE1WBY0dhVd0n/ZvCqT2cMGjJeDILhkmQxuLzWnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPwX9vrPBxp4JyhVJtAbQoKOyovHMB8GA1UdIwQY MBaAFLApxyfG4i7tj7zR6LdpOVeNDcoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQt YTBkNzk5MjRkYjZjLzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQtYTBkNzk5MjRkYjZj LzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxTWt3qQ g3N9u+mGEbNpPqptd/HVdkcyIIqI2amZ4YL5Afzln+NMgBRCyLOD3WRvbie3g0/L LQfnfYsoX5nTJ2xZ1HoQNwY1QLwJ/DW0wo4KV05yneaXoqmbrZXRabngEf1aQunm wHNvAACBbWwcin8uGMH7GoUYeE3sZHyfEpn/ODf0p9q8dWRV/+YjT0cRzVBdiF/J 1yP2aGD4EfnbGi5sT47PzH52mn2eD3bO4kfAA2g5FYo2sBe4O/PTonKqHUiVQJdH 60HKRD8rK7MQ4888JyF/i6uLLrps0prHmHnQIIpPCf5do5w04IP2VT24E+JEdQ5F nK0FZAoQ3vVssw== -----END CERTIFICATE-----Generated at Wed Dec 17 18:28:16 2025 by rpki-client