This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft File: oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json) Hash identifier: 8HCi2FmhoP9GskN5Km2S8DztdDxN7+ehpsfFEBiHfxU= Subject key identifier: 8B:42:D7:7C:60:62:B2:AC:2A:ED:31:8C:B9:F1:84:66:53:D2:FF:3A Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB Certificate issuer: /CN=a0252fe9b42a643f477e5846619aae886917effb Certificate serial: 019B33B2562DC92E68CCF7270F1AC75C175F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft Manifest number: 156C Signing time: Thu 18 Dec 2025 23:01:23 +0000 Manifest this update: Thu 18 Dec 2025 23:01:23 +0000 Manifest next update: Fri 19 Dec 2025 23:01:23 +0000 Files and hashes: 1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: UqzzuAjA5flLd/wsW3/M9vvOwle6G/SeoffE0XkzL4s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b2:56:2d:c9:2e:68:cc:f7:27:0f:1a:c7:5c:17:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb Validity Not Before: Dec 18 23:01:23 2025 GMT Not After : Dec 19 23:01:23 2025 GMT Subject: CN=8b42d77c6062b2ac2aed318cb9f1846653d2ff3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:40:99:56:5a:01:b3:78:57:1c:9c:f3:24:2e: ff:16:6b:14:70:fb:df:06:03:fb:9b:37:65:8a:e6: 29:2e:51:db:f5:68:c3:03:3e:83:54:6b:54:69:68: 0c:c1:23:da:9c:a7:53:56:14:80:97:76:9e:d4:9f: 0b:19:c7:f7:9c:28:81:ff:d4:4e:49:13:c9:31:7d: 8b:d3:3e:69:12:7e:5b:66:4f:bb:4f:ac:09:67:3b: 17:f9:cb:25:44:dd:fc:2f:38:29:c7:3c:1a:0d:62: 14:a2:c4:21:0e:43:8d:03:9a:67:ba:d7:6a:8b:d4: 70:44:6a:e0:cb:0a:57:96:7a:90:8d:14:f6:8b:b8: 4c:4c:f2:53:e1:45:ca:fa:a0:a9:58:40:49:ba:1f: 2f:66:2d:4d:74:72:c8:79:c8:23:5f:3f:7a:dd:5f: c6:eb:4c:f8:95:02:76:f8:7d:af:92:97:d5:05:82: 84:be:21:ef:b6:43:74:a4:27:2a:cb:0b:aa:77:61: f1:d6:1a:89:09:51:22:17:6b:f7:3c:bf:6f:c4:4c: 50:9a:e1:16:95:76:2e:d8:01:7f:e8:10:c0:1b:d7: 5d:fc:f9:f4:e2:d3:24:db:38:86:67:2a:d2:ba:57: f0:d1:f2:bf:c6:02:b7:23:2d:19:53:44:1f:3f:fc: 50:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:42:D7:7C:60:62:B2:AC:2A:ED:31:8C:B9:F1:84:66:53:D2:FF:3A X509v3 Authority Key Identifier: keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:73:2b:a2:06:10:54:d0:e3:ca:78:53:c5:17:32:0d:9b:20: 8f:b8:19:83:f7:24:0c:3e:19:62:cf:28:dd:3b:8e:b5:94:34: 0a:e0:f2:fd:d3:8c:24:eb:61:f7:cf:69:8d:3f:9f:48:39:61: 9c:5a:9d:17:8f:36:20:35:03:86:72:bc:52:bf:70:90:bb:4b: 58:83:f4:2d:b2:ac:04:4c:ba:73:53:53:93:2c:ac:48:39:28: 14:c7:b6:3b:3c:37:de:4a:ef:9a:fe:a9:8d:a7:b5:b3:53:67: e7:f6:b4:ca:54:0b:58:7f:ba:8e:6c:40:46:bf:a9:1a:dd:ed: 21:60:2c:af:81:24:29:fb:68:d9:4c:0d:89:f1:da:45:81:ef: 2c:ac:73:ce:69:6b:62:22:3b:0f:b3:ac:ad:8f:6e:11:bf:e7: 40:1a:1f:bd:d5:5d:bd:aa:f2:3a:de:a5:8f:c6:52:88:c6:fc: 7f:64:44:36:3d:77:d7:9e:ee:a4:ce:93:9f:8a:7a:9a:b2:44: 8d:6b:17:d0:13:66:07:7e:a3:bb:a4:47:68:23:3e:7b:ab:f7: bf:e4:4e:90:bb:a7:bb:cd:c6:93:a9:2c:b3:c9:c1:ab:b3:2a: 5f:c8:d2:3b:58:13:8b:5a:83:42:51:fc:6d:e7:c8:ff:4b:fc: 67:bd:ae:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszslYtyS5ozPcnDxrHXBdfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx N2VmZmIwHhcNMjUxMjE4MjMwMTIzWhcNMjUxMjE5MjMwMTIzWjAzMTEwLwYDVQQD Eyg4YjQyZDc3YzYwNjJiMmFjMmFlZDMxOGNiOWYxODQ2NjUzZDJmZjNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0CZVloBs3hXHJzzJC7/FmsUcPvf BgP7mzdliuYpLlHb9WjDAz6DVGtUaWgMwSPanKdTVhSAl3ae1J8LGcf3nCiB/9RO SRPJMX2L0z5pEn5bZk+7T6wJZzsX+cslRN38LzgpxzwaDWIUosQhDkONA5pnutdq i9RwRGrgywpXlnqQjRT2i7hMTPJT4UXK+qCpWEBJuh8vZi1NdHLIecgjXz963V/G 60z4lQJ2+H2vkpfVBYKEviHvtkN0pCcqywuqd2Hx1hqJCVEiF2v3PL9vxExQmuEW lXYu2AF/6BDAG9dd/Pn04tMk2ziGZyrSulfw0fK/xgK3Iy0ZU0QfP/xQZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFItC13xgYrKsKu0xjLnxhGZT0v86MB8GA1UdIwQY MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3 LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH3MrogYQ VNDjynhTxRcyDZsgj7gZg/ckDD4ZYs8o3TuOtZQ0CuDy/dOMJOth989pjT+fSDlh nFqdF482IDUDhnK8Ur9wkLtLWIP0LbKsBEy6c1NTkyysSDkoFMe2Ozw33krvmv6p jae1s1Nn5/a0ylQLWH+6jmxARr+pGt3tIWAsr4EkKfto2UwNifHaRYHvLKxzzmlr YiI7D7OsrY9uEb/nQBofvdVdvaryOt6lj8ZSiMb8f2RENj13157upM6Tn4p6mrJE jWsX0BNmB36ju6RHaCM+e6v3v+ROkLunu83Gk6kss8nBq7MqX8jSO1gTi1qDQlH8 befI/0v8Z72ulQ== -----END CERTIFICATE-----Generated at Fri Dec 19 03:02:48 2025 by rpki-client