This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft File: soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json) Hash identifier: Li1sk+99CYwM4JKaPA9L0XyRp33dM8KqwcZuOIYa55s= Subject key identifier: A4:74:92:FF:BC:15:40:2F:90:D8:B0:40:94:61:D5:D4:97:36:D6:A0 Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9 Certificate issuer: /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9 Certificate serial: 019B51BCA7AEDAE3F1842B664D85A71ADADE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft Manifest number: 1235 Signing time: Wed 24 Dec 2025 19:01:16 +0000 Manifest this update: Wed 24 Dec 2025 19:01:16 +0000 Manifest next update: Thu 25 Dec 2025 19:01:16 +0000 Files and hashes: 1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: 9W/uwHpobCQYERRltM8BiHtW2EK9foTQhum6Eb6wglk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:a7:ae:da:e3:f1:84:2b:66:4d:85:a7:1a:da:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9 Validity Not Before: Dec 24 19:01:16 2025 GMT Not After : Dec 25 19:01:16 2025 GMT Subject: CN=a47492ffbc15402f90d8b0409461d5d49736d6a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b2:a9:ac:9d:33:e0:f8:08:b9:7d:61:63:e3: 57:3a:64:87:98:17:71:45:a3:61:35:6b:5b:a3:4b: dd:06:5b:f1:94:70:79:2a:21:46:b1:16:df:66:47: 2f:e7:fd:43:41:ad:f3:9b:e4:0b:12:dd:8d:a2:6f: b9:81:d4:0d:7f:89:9c:64:2b:3c:26:94:17:c7:92: c5:1d:13:a6:1b:1a:c1:9f:be:a8:d9:b7:d1:42:29: 16:59:f8:f3:40:c4:7a:df:cd:ba:cf:a0:38:c0:7f: 91:c4:d2:21:c3:b5:9f:9b:d2:4f:83:2b:89:65:97: db:12:0f:40:21:c2:dc:a1:f3:74:37:66:d7:e9:f0: bb:2c:a5:15:d3:15:7b:4e:0f:9f:b2:e4:0a:b8:e0: 12:b3:54:da:96:e9:9c:89:0e:8b:ad:9f:7d:52:07: 68:89:32:8b:24:a7:2d:96:79:5c:a9:10:02:d3:9f: df:e7:8c:96:30:04:70:44:67:21:60:c8:5f:30:aa: 8b:fe:53:e6:6e:5f:bf:69:b8:73:b3:e8:c1:db:14: c2:ad:2f:c3:78:06:7d:b1:68:43:76:e2:ee:4d:e9: a4:bc:ec:59:53:39:35:3a:ea:1e:67:65:f0:1f:f1: 3c:6e:94:3b:7e:65:e1:c3:b1:33:03:40:f4:eb:dc: 89:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:74:92:FF:BC:15:40:2F:90:D8:B0:40:94:61:D5:D4:97:36:D6:A0 X509v3 Authority Key Identifier: keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:53:af:11:02:6f:c5:9a:b1:a0:aa:6b:1f:d9:37:a8:cb:82: d6:cd:20:48:bc:8c:21:3e:eb:63:4f:40:db:de:0f:44:48:f7: b9:fb:6c:be:bf:88:ef:d8:cc:b6:3f:21:62:15:da:b7:da:b2: cf:b3:34:b6:e9:d9:1f:b1:11:81:e4:15:60:cd:41:9d:10:3a: 45:c0:46:6a:37:ee:2c:a2:7e:94:07:f4:b2:58:96:77:a6:82: 71:7e:53:41:c6:e4:6a:ce:66:5b:40:3b:97:11:0f:3c:50:94: 8f:b4:0c:d6:1d:23:3d:27:d2:c7:f6:81:7e:2a:bd:d4:d5:16: 1c:83:ab:9a:2a:19:76:a7:32:1c:88:12:d9:01:ad:5d:d7:94: 15:44:4b:46:ae:fa:8f:5e:a1:33:08:3e:58:5f:43:48:8d:b5: 3c:71:2b:37:f6:3f:49:02:a9:b5:43:a3:ec:de:ae:fa:8f:0c: 6d:72:75:d2:02:6c:42:85:04:56:ec:03:d2:e1:a0:64:f8:97: 5b:fd:34:86:7b:e7:55:f2:13:b8:ab:33:1f:ce:ce:7e:c6:b4: 73:88:b4:02:5a:66:ae:26:cf:9f:6a:48:49:46:79:04:0f:40: c4:f0:09:98:74:43:f9:44:46:6d:57:d0:ed:44:19:ec:a9:d1: a2:04:9f:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvKeu2uPxhCtmTYWnGtreMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4 ZjE0YjkwHhcNMjUxMjI0MTkwMTE2WhcNMjUxMjI1MTkwMTE2WjAzMTEwLwYDVQQD EyhhNDc0OTJmZmJjMTU0MDJmOTBkOGIwNDA5NDYxZDVkNDk3MzZkNmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bKprJ0z4PgIuX1hY+NXOmSHmBdx RaNhNWtbo0vdBlvxlHB5KiFGsRbfZkcv5/1DQa3zm+QLEt2Nom+5gdQNf4mcZCs8 JpQXx5LFHROmGxrBn76o2bfRQikWWfjzQMR63826z6A4wH+RxNIhw7Wfm9JPgyuJ ZZfbEg9AIcLcofN0N2bX6fC7LKUV0xV7Tg+fsuQKuOASs1TalumciQ6LrZ99Ugdo iTKLJKctlnlcqRAC05/f54yWMARwRGchYMhfMKqL/lPmbl+/abhzs+jB2xTCrS/D eAZ9sWhDduLuTemkvOxZUzk1OuoeZ2XwH/E8bpQ7fmXhw7EzA0D069yJJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKR0kv+8FUAvkNiwQJRh1dSXNtagMB8GA1UdIwQY MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL1OvEQJv xZqxoKprH9k3qMuC1s0gSLyMIT7rY09A294PREj3uftsvr+I79jMtj8hYhXat9qy z7M0tunZH7ERgeQVYM1BnRA6RcBGajfuLKJ+lAf0sliWd6aCcX5TQcbkas5mW0A7 lxEPPFCUj7QM1h0jPSfSx/aBfiq91NUWHIOrmioZdqcyHIgS2QGtXdeUFURLRq76 j16hMwg+WF9DSI21PHErN/Y/SQKptUOj7N6u+o8MbXJ10gJsQoUEVuwD0uGgZPiX W/00hnvnVfITuKszH87Ofsa0c4i0AlpmribPn2pISUZ5BA9AxPAJmHRD+URGbVfQ 7UQZ7KnRogSfcw== -----END CERTIFICATE-----Generated at Thu Dec 25 03:20:55 2025 by rpki-client