This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft File: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft (raw, json) Hash identifier: AZfI85gXkIxakGpmex+h3fAfOrAZbSyGivD02RUilNI= Subject key identifier: 00:2C:8F:A3:91:76:7D:E9:3B:E6:3A:75:FB:96:59:77:16:A9:4A:EA Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30 Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130 Certificate serial: 019B5004D6FBD87D17D963B7B90916F056E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft Manifest number: 0401 Signing time: Wed 24 Dec 2025 11:00:53 +0000 Manifest this update: Wed 24 Dec 2025 11:00:53 +0000 Manifest next update: Thu 25 Dec 2025 11:00:53 +0000 Files and hashes: 1: 0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl (hash: MjkkR0pFOKcauU29jdDuWdZlRIZX12HvRMaQ0qs+N8c=) 2: _O0LKSVD2FWQH20B8h-W2BSyf7E.roa (hash: /osVaD1xwsZSvzrjM1Npx7gTyOHOWobbSsuEq9U9lZY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:04:d6:fb:d8:7d:17:d9:63:b7:b9:09:16:f0:56:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d248185956e443b55b062200f964537bc10bc130 Validity Not Before: Dec 24 11:00:53 2025 GMT Not After : Dec 25 11:00:53 2025 GMT Subject: CN=002c8fa391767de93be63a75fb96597716a94aea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:09:93:2b:bc:e7:9a:5e:19:8f:27:a2:b3:ab: 1d:02:38:9d:39:ab:43:a1:2e:8e:bc:85:d6:49:f0: 14:dd:82:54:d0:88:af:35:11:65:92:7f:13:f3:61: 07:71:85:a1:7f:e4:67:a1:3d:2c:19:e1:f5:0b:df: 9a:51:1c:e5:e0:eb:1d:6a:9f:e4:b8:1f:bd:19:23: 2c:18:ec:82:2a:d8:be:50:63:12:d6:38:0e:fb:c7: 89:95:ad:06:74:14:4f:ff:1b:da:7b:e9:8d:9e:8e: 00:35:f2:37:22:88:0e:b8:c2:48:0f:26:b3:af:3c: 16:66:08:63:54:60:20:a1:4a:ca:32:0b:2c:c3:33: 54:2a:cb:56:21:af:e5:4d:46:f8:a9:bf:0b:50:ea: 8d:15:58:69:47:6c:03:de:c6:ac:84:6c:46:a9:6c: 71:7a:9d:09:44:64:d4:9e:44:f3:e3:2e:e2:15:5d: 38:4b:6f:c5:40:79:b1:f5:f4:0e:90:aa:75:0d:56: 85:0d:d5:63:b4:8f:f2:f1:f5:70:c3:7d:c2:78:0a: 6e:7b:de:e8:01:36:1a:c7:54:73:d3:24:ab:41:87: 23:50:56:56:0a:1a:57:59:96:e4:9c:2a:d9:46:00: 9e:fe:fe:15:12:59:1b:29:36:1d:86:9a:43:94:b5: 71:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:2C:8F:A3:91:76:7D:E9:3B:E6:3A:75:FB:96:59:77:16:A9:4A:EA X509v3 Authority Key Identifier: keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:bd:12:85:7d:f7:8b:3c:e2:84:10:e5:8e:b1:7e:5a:8e:4e: f3:b4:57:52:49:b0:da:04:97:44:f1:82:03:8e:8b:af:6f:fc: 65:33:cb:8e:b4:65:89:bf:d3:9e:9b:b9:2a:74:a7:b0:52:05: e6:7c:41:83:f1:4b:f6:ef:1a:e1:19:3f:08:eb:44:c4:60:ca: 44:c4:8e:2d:c1:9d:c2:d2:6a:f1:9f:40:59:48:14:e3:ea:4f: 35:57:e3:5d:fb:39:cf:98:26:2f:1f:54:38:32:8d:70:c8:4b: 45:1b:21:1d:7e:86:6c:51:98:13:93:0e:d3:5c:d1:7c:3c:a7: cf:97:ec:f7:2d:2a:94:cd:7f:46:6d:2a:f9:86:88:ae:6d:c8: e3:e7:ec:bf:91:80:63:dc:5c:19:21:d1:02:1d:79:54:ce:ad: de:c5:f4:c4:38:20:1b:32:d2:d6:bb:99:d7:f9:9b:6d:38:3a: 6b:74:fd:25:2d:a8:15:8a:37:7f:60:c0:8f:ea:42:96:d3:95: d0:c3:a7:f3:6c:e4:68:1c:13:ba:eb:de:65:e1:c5:ee:a1:16: 78:46:30:17:6f:12:e3:c9:5d:10:e0:18:87:e6:89:58:af:d4: bd:aa:e5:09:5e:8b:1d:9b:80:a2:4e:de:42:5a:d4:74:1c:b0: 01:68:49:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQBNb72H0X2WO3uQkW8FbhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw YmMxMzAwHhcNMjUxMjI0MTEwMDUzWhcNMjUxMjI1MTEwMDUzWjAzMTEwLwYDVQQD EygwMDJjOGZhMzkxNzY3ZGU5M2JlNjNhNzVmYjk2NTk3NzE2YTk0YWVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgmTK7znml4Zjyeis6sdAjidOatD oS6OvIXWSfAU3YJU0IivNRFlkn8T82EHcYWhf+RnoT0sGeH1C9+aURzl4Osdap/k uB+9GSMsGOyCKti+UGMS1jgO+8eJla0GdBRP/xvae+mNno4ANfI3IogOuMJIDyaz rzwWZghjVGAgoUrKMgsswzNUKstWIa/lTUb4qb8LUOqNFVhpR2wD3sashGxGqWxx ep0JRGTUnkTz4y7iFV04S2/FQHmx9fQOkKp1DVaFDdVjtI/y8fVww33CeApue97o ATYax1Rz0ySrQYcjUFZWChpXWZbknCrZRgCe/v4VElkbKTYdhppDlLVxOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAAsj6ORdn3pO+Y6dfuWWXcWqUrqMB8GA1UdIwQY MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt YWVhMDU0Y2Y0M2JiLzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYb0ShX33 izzihBDljrF+Wo5O87RXUkmw2gSXRPGCA46Lr2/8ZTPLjrRlib/Tnpu5KnSnsFIF 5nxBg/FL9u8a4Rk/COtExGDKRMSOLcGdwtJq8Z9AWUgU4+pPNVfjXfs5z5gmLx9U ODKNcMhLRRshHX6GbFGYE5MO01zRfDynz5fs9y0qlM1/Rm0q+YaIrm3I4+fsv5GA Y9xcGSHRAh15VM6t3sX0xDggGzLS1ruZ1/mbbTg6a3T9JS2oFYo3f2DAj+pCltOV 0MOn82zkaBwTuuveZeHF7qEWeEYwF28S48ldEOAYh+aJWK/UvarlCV6LHZuAok7e QlrUdBywAWhJPw== -----END CERTIFICATE-----Generated at Wed Dec 24 16:39:15 2025 by rpki-client