This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft File: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json) Hash identifier: 9K2D3YcVbhMhTXJ0CE+37UeA6w+XnJDlqJx5RZGKXvA= Subject key identifier: AA:F8:82:C7:11:09:E5:B6:F7:90:A0:22:A6:F5:0C:FF:AF:7E:FB:21 Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36 Certificate issuer: /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436 Certificate serial: 019B70A41A6B40F369D4BC74425123B7605B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft Manifest number: 0E42 Signing time: Tue 30 Dec 2025 19:02:41 +0000 Manifest this update: Tue 30 Dec 2025 19:02:41 +0000 Manifest next update: Wed 31 Dec 2025 19:02:41 +0000 Files and hashes: 1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: fhvphUgbg22RlGYWMxb/xsrnfTlf/WejRUj2mw7DJvw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 15:21:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:70:a4:1a:6b:40:f3:69:d4:bc:74:42:51:23:b7:60:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436 Validity Not Before: Dec 30 19:02:41 2025 GMT Not After : Dec 31 19:02:41 2025 GMT Subject: CN=aaf882c71109e5b6f790a022a6f50cffaf7efb21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:dc:50:7a:58:e1:4c:00:de:8b:5e:a6:09:39: 4f:9c:48:53:e3:93:96:9b:c7:a8:77:b2:3d:22:ad: e6:c4:4c:bd:e6:7e:2e:c5:18:00:ba:ba:36:ca:22: a2:b3:36:03:3e:d7:7e:83:ae:4b:7d:76:d6:69:f1: ed:cf:13:a6:8d:42:02:1d:5f:7d:59:f3:a1:66:19: df:2b:b8:cd:5b:81:b3:75:b1:cb:c6:74:ed:79:e2: c6:54:47:e2:89:6f:cb:1f:13:af:3e:45:a4:74:d6: d4:98:04:e5:47:58:95:71:22:0e:d8:c1:17:ae:86: 42:7c:9c:13:0f:32:64:92:dd:93:85:19:3c:50:96: 46:6d:42:ca:6e:63:25:71:2e:29:df:11:e9:73:bc: c3:ae:f0:0d:3d:10:f1:22:a8:b1:ac:b4:79:0a:87: 3c:c4:6b:a5:53:dd:07:48:1c:1a:f0:09:d5:d7:a2: bc:f4:10:af:b2:be:fa:1e:52:d4:f4:54:4f:07:c7: 2b:43:e1:1d:ee:b0:f2:77:ca:e9:b6:61:8d:fa:9e: 52:cd:2c:07:73:cf:93:e0:8b:40:c2:ff:dc:a5:55: 97:50:07:9a:cb:03:df:88:41:5c:b9:1b:da:c7:b7: f1:25:10:28:97:84:86:e0:bd:f3:e0:68:1d:4d:1e: 51:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:F8:82:C7:11:09:E5:B6:F7:90:A0:22:A6:F5:0C:FF:AF:7E:FB:21 X509v3 Authority Key Identifier: keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:9a:0f:94:f3:40:3d:71:a8:bd:fb:2b:ab:98:d6:2a:e4:04: c5:76:ed:86:35:0e:bd:a7:99:ed:f2:a5:29:6e:69:67:7b:66: 39:9c:20:8f:c6:c2:a0:b3:c0:c8:2f:48:11:9f:3c:54:56:b4: 20:ac:0e:74:e9:46:80:ae:a5:84:d3:26:5e:e4:66:3b:d7:6a: a1:78:1f:2e:69:f2:21:5e:87:e6:cf:bd:ab:40:ad:26:b7:0e: 43:67:c0:94:f1:6f:5f:71:bf:f0:1d:a8:85:5f:b9:3d:2f:c5: 3d:40:c4:a7:12:e9:6a:b6:b2:c4:67:88:91:3a:a5:bd:48:e4: 58:45:d7:91:6d:8d:fc:46:ae:9b:68:89:ff:73:bf:58:bb:75: 91:ce:36:01:79:40:7c:ed:a1:98:af:b8:c4:30:3d:2a:10:c9: c4:04:b3:5c:c0:48:06:de:16:5a:6b:db:14:d4:7c:18:4a:40: 9d:3b:9f:aa:2e:6c:77:27:99:d4:df:36:e9:ae:e8:fc:cd:40: c8:e7:a2:30:50:60:22:1b:31:3f:39:88:a2:f2:b3:f3:8e:04: 51:db:c1:05:ab:07:93:20:f2:56:df:8c:93:4e:7d:f2:e0:39: 2f:2d:7c:88:9d:cf:0f:b1:71:89:06:b5:c8:48:97:55:11:38: 5d:37:19:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtwpBprQPNp1Lx0QlEjt2BbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl ODM0MzYwHhcNMjUxMjMwMTkwMjQxWhcNMjUxMjMxMTkwMjQxWjAzMTEwLwYDVQQD EyhhYWY4ODJjNzExMDllNWI2Zjc5MGEwMjJhNmY1MGNmZmFmN2VmYjIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttxQeljhTADei16mCTlPnEhT45OW m8eod7I9Iq3mxEy95n4uxRgAuro2yiKiszYDPtd+g65LfXbWafHtzxOmjUICHV99 WfOhZhnfK7jNW4GzdbHLxnTteeLGVEfiiW/LHxOvPkWkdNbUmATlR1iVcSIO2MEX roZCfJwTDzJkkt2ThRk8UJZGbULKbmMlcS4p3xHpc7zDrvANPRDxIqixrLR5Coc8 xGulU90HSBwa8AnV16K89BCvsr76HlLU9FRPB8crQ+Ed7rDyd8rptmGN+p5SzSwH c8+T4ItAwv/cpVWXUAeaywPfiEFcuRvax7fxJRAol4SG4L3z4GgdTR5RXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKr4gscRCeW295CgIqb1DP+vfvshMB8GA1UdIwQY MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0 LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl5oPlPNA PXGovfsrq5jWKuQExXbthjUOvaeZ7fKlKW5pZ3tmOZwgj8bCoLPAyC9IEZ88VFa0 IKwOdOlGgK6lhNMmXuRmO9dqoXgfLmnyIV6H5s+9q0CtJrcOQ2fAlPFvX3G/8B2o hV+5PS/FPUDEpxLparayxGeIkTqlvUjkWEXXkW2N/Eaum2iJ/3O/WLt1kc42AXlA fO2hmK+4xDA9KhDJxASzXMBIBt4WWmvbFNR8GEpAnTufqi5sdyeZ1N826a7o/M1A yOeiMFBgIhsxPzmIovKz844EUdvBBasHkyDyVt+Mk0598uA5Ly18iJ3PD7FxiQa1 yEiXVRE4XTcZ5w== -----END CERTIFICATE-----Generated at Wed Dec 31 00:10:27 2025 by rpki-client