This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft File: sCnHJ8biLu2PvNHot2k5V40Nygo.mft (raw, json) Hash identifier: mS+rkaF5ECC898VUffx+bHE8oCmQbF70DWMzdJ3Qvao= Subject key identifier: 28:41:64:E4:57:E5:3A:10:DB:3B:B0:9F:03:28:DC:AB:BB:FC:83:CF Authority key identifier: B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A Certificate issuer: /CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a Certificate serial: 019AF12DF1BA99E4A820530C59197ECBDA90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft Manifest number: 175C Signing time: Sat 06 Dec 2025 01:01:51 +0000 Manifest this update: Sat 06 Dec 2025 01:01:51 +0000 Manifest next update: Sun 07 Dec 2025 01:01:51 +0000 Files and hashes: 1: sCnHJ8biLu2PvNHot2k5V40Nygo.crl (hash: zpsa2OMOyRYn8gF+pBy2dh7egbxbVAjY9TLzHQ+wK8U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:f1:ba:99:e4:a8:20:53:0c:59:19:7e:cb:da:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a Validity Not Before: Dec 6 01:01:51 2025 GMT Not After : Dec 7 01:01:51 2025 GMT Subject: CN=284164e457e53a10db3bb09f0328dcabbbfc83cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:fa:83:54:66:67:28:7b:38:57:b3:01:f4:ff: e4:89:a8:a0:a1:4e:53:97:3f:d9:5d:ca:8a:8e:ad: b5:aa:75:55:d6:44:44:43:76:96:c4:28:72:26:24: 33:ab:52:98:ab:d0:09:f4:af:9f:b6:4c:fa:51:c5: 1a:58:6e:03:e3:cb:47:d6:78:74:d8:f1:9d:18:e4: 36:bf:dd:c7:71:31:f2:76:68:ef:f0:85:14:0b:67: a1:d7:86:ef:63:d3:af:8b:fb:dc:b7:2a:94:48:78: 5d:3c:c9:d0:ce:e3:37:cc:a0:8d:e9:09:2c:6e:89: ca:77:f1:6c:65:04:fb:02:c9:43:b6:8f:c4:dd:c9: 76:d1:ad:c7:70:6f:a8:ad:f4:60:bf:89:19:03:14: d0:57:4f:d1:78:32:10:be:65:7f:ec:1e:65:b6:90: e1:02:1a:2b:b5:51:6d:c3:65:ed:b2:1f:7e:99:85: f1:c2:56:6b:f6:6a:ec:a5:99:7e:1d:28:3d:75:ff: 20:75:3c:34:48:05:d1:08:7e:6c:e3:a6:3c:9a:8f: 92:ac:aa:54:21:39:5f:e9:b6:7f:14:16:85:5c:4b: 96:89:0f:ce:4b:5d:57:dd:0c:d8:49:c6:00:ae:d7: 6a:64:c3:4e:d5:b3:ac:a7:74:5a:14:be:5e:1f:75: e9:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:41:64:E4:57:E5:3A:10:DB:3B:B0:9F:03:28:DC:AB:BB:FC:83:CF X509v3 Authority Key Identifier: keyid:B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:c1:d2:8c:22:14:45:ad:2a:8c:77:b0:4a:9f:1d:3d:c3:c0: a8:b0:09:dc:1f:8d:64:6b:72:40:8d:9c:7d:51:46:d9:67:52: e3:52:8e:c4:cf:04:b3:58:00:f4:7a:9d:f7:ef:be:f2:ce:71: bd:c7:ab:29:0e:74:55:b8:59:b8:b5:0f:31:bd:0f:47:65:4a: a1:8f:13:e8:f3:5f:c6:dc:f4:91:b8:be:74:50:13:2b:9f:e4: 40:d0:a8:c4:03:ce:3e:23:9d:80:e4:9f:16:23:f6:01:d0:0e: e1:04:c0:59:83:13:9f:53:76:07:16:97:e8:dd:b1:28:27:8b: 78:ac:88:21:a5:d8:f9:d7:88:9f:21:ae:92:6c:42:61:2c:a4: 85:b0:2b:c3:cd:53:05:4e:03:82:a0:52:3b:e8:29:9f:e2:aa: 40:5b:f5:c5:40:c4:d4:4d:e9:9c:b1:04:8d:4b:74:47:96:2a: 9e:4d:95:69:2c:a8:92:a7:5f:00:ae:1d:15:29:99:0c:5b:e5: 31:38:62:01:f8:51:c8:f6:0b:9b:50:29:1f:30:6b:cd:65:6e: a6:e2:25:a1:81:f0:35:b2:91:78:42:fd:e2:ec:01:38:72:cd: 09:6b:18:9e:93:2e:d5:3b:d7:07:27:9b:db:85:09:b0:9f:f6: b4:ad:d7:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLfG6meSoIFMMWRl+y9qQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwMjljNzI3YzZlMjJlZWQ4ZmJjZDFlOGI3NjkzOTU3OGQw ZGNhMGEwHhcNMjUxMjA2MDEwMTUxWhcNMjUxMjA3MDEwMTUxWjAzMTEwLwYDVQQD EygyODQxNjRlNDU3ZTUzYTEwZGIzYmIwOWYwMzI4ZGNhYmJiZmM4M2NmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vqDVGZnKHs4V7MB9P/kiaigoU5T lz/ZXcqKjq21qnVV1kREQ3aWxChyJiQzq1KYq9AJ9K+ftkz6UcUaWG4D48tH1nh0 2PGdGOQ2v93HcTHydmjv8IUUC2eh14bvY9Ovi/vctyqUSHhdPMnQzuM3zKCN6Qks bonKd/FsZQT7AslDto/E3cl20a3HcG+orfRgv4kZAxTQV0/ReDIQvmV/7B5ltpDh AhortVFtw2Xtsh9+mYXxwlZr9mrspZl+HSg9df8gdTw0SAXRCH5s46Y8mo+SrKpU ITlf6bZ/FBaFXEuWiQ/OS11X3QzYScYArtdqZMNO1bOsp3RaFL5eH3XpnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFChBZORX5ToQ2zuwnwMo3Ku7/IPPMB8GA1UdIwQY MBaAFLApxyfG4i7tj7zR6LdpOVeNDcoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQt YTBkNzk5MjRkYjZjLzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQtYTBkNzk5MjRkYjZj LzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb8HSjCIU Ra0qjHewSp8dPcPAqLAJ3B+NZGtyQI2cfVFG2WdS41KOxM8Es1gA9Hqd9+++8s5x vcerKQ50VbhZuLUPMb0PR2VKoY8T6PNfxtz0kbi+dFATK5/kQNCoxAPOPiOdgOSf FiP2AdAO4QTAWYMTn1N2BxaX6N2xKCeLeKyIIaXY+deInyGukmxCYSykhbArw81T BU4DgqBSO+gpn+KqQFv1xUDE1E3pnLEEjUt0R5Yqnk2VaSyokqdfAK4dFSmZDFvl MThiAfhRyPYLm1ApHzBrzWVupuIloYHwNbKReEL94uwBOHLNCWsYnpMu1TvXByeb 24UJsJ/2tK3XbQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:07:32 2025 by rpki-client