This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft File: _oN5mWfs0ExTYUie5M-gmM5DaHE.mft (raw, json) Hash identifier: Qi08qyTsd2baasT0BRVLfD+4kCNENz35rxKDgst5vb8= Subject key identifier: 93:9B:D4:28:EC:F1:39:37:2C:2D:4C:8B:E4:AD:39:92:B3:60:AE:EE Authority key identifier: FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71 Certificate issuer: /CN=fe83799967ecd04c5361489ee4cfa098ce436871 Certificate serial: 019B4815D51FF00FC5229476E45A1AC425AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft Manifest number: 178A Signing time: Mon 22 Dec 2025 22:02:28 +0000 Manifest this update: Mon 22 Dec 2025 22:02:28 +0000 Manifest next update: Tue 23 Dec 2025 22:02:28 +0000 Files and hashes: 1: _oN5mWfs0ExTYUie5M-gmM5DaHE.crl (hash: AdNSitU++tXaFwaydNqbK7cMOvlqZfca6jdkYc89IfE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:d5:1f:f0:0f:c5:22:94:76:e4:5a:1a:c4:25:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe83799967ecd04c5361489ee4cfa098ce436871 Validity Not Before: Dec 22 22:02:28 2025 GMT Not After : Dec 23 22:02:28 2025 GMT Subject: CN=939bd428ecf139372c2d4c8be4ad3992b360aeee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:06:3a:47:82:6b:06:94:1e:0e:2e:aa:97:c3: 76:00:da:82:25:61:3d:c4:0e:dd:5d:4e:50:be:d4: 34:f3:bf:4a:86:d6:96:35:0e:76:6a:2a:79:7d:96: 36:0f:dc:d9:99:7a:fb:a2:c6:f1:43:69:1a:bd:79: a7:5c:1a:68:49:3c:9a:fc:2c:2b:3b:51:66:67:30: 40:84:2a:7a:2e:42:35:ac:4c:ee:f7:f9:90:16:e2: ec:52:0e:d9:70:4c:af:bd:46:cc:c5:d6:7e:0f:b7: 76:8a:7b:ff:57:9e:00:ae:a9:ba:26:8e:f3:28:08: 71:cc:da:73:d7:70:2c:17:0b:e8:1d:05:13:f7:b5: 5e:ee:d3:ac:1c:8c:b6:dc:dd:08:b8:df:64:8d:de: 63:cc:97:77:7a:f0:b1:72:3a:60:a1:2f:58:b7:09: ed:c2:30:dc:27:46:f0:fb:7f:5e:be:0a:dc:9b:2f: 3b:e8:c3:60:4d:d4:aa:b9:b7:ab:fa:ae:05:10:7f: 38:12:7b:1b:55:5b:c7:77:a3:fc:88:89:fd:4f:1e: 43:95:77:ce:28:f3:fd:a6:ad:f1:38:6c:2f:34:88: ab:75:d3:16:79:2a:17:b1:14:b8:b6:68:97:e2:a5: 91:f8:7d:05:1c:b4:61:2f:f8:8e:cf:01:71:3f:f4: 1c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:9B:D4:28:EC:F1:39:37:2C:2D:4C:8B:E4:AD:39:92:B3:60:AE:EE X509v3 Authority Key Identifier: keyid:FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:bf:f4:80:a9:2c:c1:de:2c:ec:d7:86:f5:01:99:ed:11:f3: c3:cc:a6:56:f1:eb:27:04:7d:10:66:13:ce:bb:6a:be:9f:a6: 06:c4:27:3c:1b:87:09:5e:e0:69:93:a9:8e:cc:b5:5d:da:be: e5:c8:20:b2:d3:d8:32:ee:4b:5f:7e:da:67:7a:5e:c5:f0:86: 4d:84:26:03:1a:de:78:af:17:6f:aa:0b:14:17:83:c5:1a:1f: 7b:31:7b:c2:ac:75:c1:7a:94:dd:30:87:28:81:0a:aa:94:df: 12:92:06:00:90:d1:65:16:38:dc:42:a5:86:30:bc:16:8d:78: b1:e8:7c:bc:eb:6e:a8:d7:6a:8d:56:bc:b6:8e:04:72:0e:7f: 3e:3f:63:d3:76:54:7f:b7:d2:60:4e:28:b7:ad:eb:4c:bf:6e: 02:a1:ea:7f:66:28:f5:3d:f2:e4:34:d4:a6:6f:15:1a:26:d6: ee:2a:6d:62:d5:38:bc:06:5b:41:00:15:31:d8:e3:a0:6c:1e: e4:ca:7a:6f:e8:86:b4:c7:a7:31:76:58:d8:31:d6:8d:85:9d: a9:a6:1a:e9:84:44:20:39:2f:03:51:83:e0:46:e2:5d:f8:73: 5c:43:48:e0:11:65:89:c1:8e:21:a2:46:e7:a1:19:bd:86:f1: 1c:ff:43:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFdUf8A/FIpR25FoaxCWtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlODM3OTk5NjdlY2QwNGM1MzYxNDg5ZWU0Y2ZhMDk4Y2U0 MzY4NzEwHhcNMjUxMjIyMjIwMjI4WhcNMjUxMjIzMjIwMjI4WjAzMTEwLwYDVQQD Eyg5MzliZDQyOGVjZjEzOTM3MmMyZDRjOGJlNGFkMzk5MmIzNjBhZWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgY6R4JrBpQeDi6ql8N2ANqCJWE9 xA7dXU5QvtQ0879KhtaWNQ52aip5fZY2D9zZmXr7osbxQ2kavXmnXBpoSTya/Cwr O1FmZzBAhCp6LkI1rEzu9/mQFuLsUg7ZcEyvvUbMxdZ+D7d2inv/V54Arqm6Jo7z KAhxzNpz13AsFwvoHQUT97Ve7tOsHIy23N0IuN9kjd5jzJd3evCxcjpgoS9Ytwnt wjDcJ0bw+39evgrcmy876MNgTdSquber+q4FEH84EnsbVVvHd6P8iIn9Tx5DlXfO KPP9pq3xOGwvNIirddMWeSoXsRS4tmiX4qWR+H0FHLRhL/iOzwFxP/Qc9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJOb1Cjs8Tk3LC1Mi+StOZKzYK7uMB8GA1UdIwQY MBaAFP6DeZln7NBMU2FInuTPoJjOQ2hxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYt YzczYmVkY2RjYTZkLzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYtYzczYmVkY2RjYTZk LzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC7/0gKks wd4s7NeG9QGZ7RHzw8ymVvHrJwR9EGYTzrtqvp+mBsQnPBuHCV7gaZOpjsy1Xdq+ 5cggstPYMu5LX37aZ3pexfCGTYQmAxreeK8Xb6oLFBeDxRofezF7wqx1wXqU3TCH KIEKqpTfEpIGAJDRZRY43EKlhjC8Fo14seh8vOtuqNdqjVa8to4Ecg5/Pj9j03ZU f7fSYE4ot63rTL9uAqHqf2Yo9T3y5DTUpm8VGibW7iptYtU4vAZbQQAVMdjjoGwe 5Mp6b+iGtMenMXZY2DHWjYWdqaYa6YREIDkvA1GD4EbiXfhzXENI4BFlicGOIaJG 56EZvYbxHP9DsA== -----END CERTIFICATE-----Generated at Tue Dec 23 00:50:14 2025 by rpki-client