This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft File: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft (raw, json) Hash identifier: CA3bdzcm539FnjM7A9tNEbAGJfyHFhABydEZXLu8UyA= Subject key identifier: DD:51:BF:BB:D0:FB:C0:56:D0:BD:70:7F:76:31:E3:06:8A:FA:43:D6 Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09 Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909 Certificate serial: 019B5CE4BF79AD6B89DD1BEFEE0BD09C31E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft Manifest number: 1797 Signing time: Fri 26 Dec 2025 23:00:53 +0000 Manifest this update: Fri 26 Dec 2025 23:00:53 +0000 Manifest next update: Sat 27 Dec 2025 23:00:53 +0000 Files and hashes: 1: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl (hash: x7RGmb9bPJKZkGJUELzQ3fyYKrTvFUX4zsOl0T7dFPY=) 2: uFIkyOKWSzQfZzP96vWM093yaBY.roa (hash: TWsqJU2I8/yV3h8FtJmMbNc3AlR1EJP1BU5hPExE0mk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:e4:bf:79:ad:6b:89:dd:1b:ef:ee:0b:d0:9c:31:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909 Validity Not Before: Dec 26 23:00:53 2025 GMT Not After : Dec 27 23:00:53 2025 GMT Subject: CN=dd51bfbbd0fbc056d0bd707f7631e3068afa43d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:91:cf:3f:50:1b:d5:c6:f1:cb:52:78:16:42: c7:64:31:56:e1:3f:85:65:e9:37:29:9a:23:43:c4: 6f:d2:39:e6:0f:b5:e4:0c:25:f5:f4:93:d6:0f:b5: 83:d2:ff:a0:75:af:82:67:2f:2d:40:52:fc:53:e4: 71:1b:35:a1:1c:d7:f1:57:a5:3f:97:a0:af:9d:1e: 44:f8:c5:31:93:19:5a:6e:a1:d4:59:b1:ee:b5:73: 04:b3:03:c1:d3:1e:4c:1d:3e:ef:bd:72:8f:97:eb: 60:7e:d6:8f:c7:81:b6:82:54:46:49:fd:ab:c4:5c: ee:79:e9:96:80:93:75:f6:2c:f2:78:85:a4:1a:18: 12:74:23:7e:21:d7:5d:e7:0d:f6:cb:94:67:74:f0: e0:1a:d7:ee:ef:0e:ac:42:84:20:06:53:2e:ed:a8: f8:ab:42:4b:2d:48:db:5d:cf:ab:8a:9b:e0:f0:bb: a6:e8:3d:53:da:5e:79:3a:dc:92:8f:38:16:fc:36: 39:52:4e:c8:3b:f9:dd:b2:37:05:24:e1:d3:53:8e: 28:70:ca:21:13:f1:5e:45:67:af:14:92:9a:c7:70: c2:6f:41:a3:e4:e2:d1:58:c8:74:1f:3e:f4:5c:02: 48:34:2a:1f:f9:9a:8a:19:da:2a:08:10:47:23:e2: 22:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:51:BF:BB:D0:FB:C0:56:D0:BD:70:7F:76:31:E3:06:8A:FA:43:D6 X509v3 Authority Key Identifier: keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:e6:1d:af:c0:f0:91:46:1c:ad:78:f7:46:f3:1e:7c:93:63: 78:16:b2:eb:59:76:92:41:9a:2f:62:a1:26:7a:ca:21:cc:ca: cd:95:87:0c:e7:f0:d4:8e:3d:46:fd:75:a6:ce:a8:09:b6:d8: 69:f8:df:96:d3:51:11:6d:f0:d7:d5:62:bc:ca:98:97:98:e3: 90:7f:8d:61:ef:bd:3d:fa:5f:bc:dd:63:de:a4:08:52:81:66: 44:06:d9:c3:06:bf:e5:c3:7e:ac:a1:06:ad:95:6a:5d:ae:0b: 1d:35:58:5c:49:70:31:0d:60:0d:33:c4:48:38:80:1a:a3:7b: 29:ea:af:b2:f4:d0:45:82:dd:a4:8a:2b:f9:70:09:a5:b2:0f: 5e:f3:e1:da:58:59:df:7e:ab:43:ff:78:95:73:d1:6b:60:2a: bf:60:27:65:05:c3:e9:ec:4a:e9:5a:69:bc:80:59:7e:7e:3b: 66:7f:06:a5:bf:62:3d:b6:74:d7:c9:e7:3a:c9:2c:76:07:68: 44:b7:5a:1d:ca:f6:82:10:3c:53:20:70:95:40:54:bc:06:6f: 13:06:bd:40:9a:0e:2f:be:c8:66:05:a6:1d:00:89:55:18:ee: 62:02:16:df:83:c6:6a:19:0a:05:17:09:a5:45:9a:74:9b:b2: 57:4e:f9:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtc5L95rWuJ3Rvv7gvQnDHkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz MmE5MDkwHhcNMjUxMjI2MjMwMDUzWhcNMjUxMjI3MjMwMDUzWjAzMTEwLwYDVQQD EyhkZDUxYmZiYmQwZmJjMDU2ZDBiZDcwN2Y3NjMxZTMwNjhhZmE0M2Q2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5HPP1Ab1cbxy1J4FkLHZDFW4T+F Zek3KZojQ8Rv0jnmD7XkDCX19JPWD7WD0v+gda+CZy8tQFL8U+RxGzWhHNfxV6U/ l6CvnR5E+MUxkxlabqHUWbHutXMEswPB0x5MHT7vvXKPl+tgftaPx4G2glRGSf2r xFzueemWgJN19izyeIWkGhgSdCN+Iddd5w32y5RndPDgGtfu7w6sQoQgBlMu7aj4 q0JLLUjbXc+ripvg8Lum6D1T2l55OtySjzgW/DY5Uk7IO/ndsjcFJOHTU44ocMoh E/FeRWevFJKax3DCb0Gj5OLRWMh0Hz70XAJINCof+ZqKGdoqCBBHI+IiBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN1Rv7vQ+8BW0L1wf3Yx4waK+kPWMB8GA1UdIwQY MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt Njk3NWNhZGIyMjYyLzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW+Ydr8Dw kUYcrXj3RvMefJNjeBay61l2kkGaL2KhJnrKIczKzZWHDOfw1I49Rv11ps6oCbbY afjfltNREW3w19VivMqYl5jjkH+NYe+9PfpfvN1j3qQIUoFmRAbZwwa/5cN+rKEG rZVqXa4LHTVYXElwMQ1gDTPESDiAGqN7KeqvsvTQRYLdpIor+XAJpbIPXvPh2lhZ 336rQ/94lXPRa2Aqv2AnZQXD6exK6VppvIBZfn47Zn8Gpb9iPbZ018nnOsksdgdo RLdaHcr2ghA8UyBwlUBUvAZvEwa9QJoOL77IZgWmHQCJVRjuYgIW34PGahkKBRcJ pUWadJuyV075pw== -----END CERTIFICATE-----Generated at Sat Dec 27 02:16:59 2025 by rpki-client