This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/f8d98d-1ffe-4639-b373-9ba1172a68c0/1/0bS-sKan4ShKv0OFNIz0hhALn4A.mft File: 0bS-sKan4ShKv0OFNIz0hhALn4A.mft (raw, json) Hash identifier: GfYDuS1Zf7F/i0NGHinogMrlkrpcq9noX0dGy14Nz+A= Subject key identifier: C4:A4:0D:E1:BC:42:2D:5F:D5:14:60:8D:8B:AA:F8:A6:09:3E:56:3B Authority key identifier: D1:B4:BE:B0:A6:A7:E1:28:4A:BF:43:85:34:8C:F4:86:10:0B:9F:80 Certificate issuer: /CN=d1b4beb0a6a7e1284abf4385348cf486100b9f80 Certificate serial: 019B2B1DDA5A528C67492CA60CF7AE3C4EDB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0bS-sKan4ShKv0OFNIz0hhALn4A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/f8d98d-1ffe-4639-b373-9ba1172a68c0/1/0bS-sKan4ShKv0OFNIz0hhALn4A.mft Manifest number: 0F7F Signing time: Wed 17 Dec 2025 07:02:15 +0000 Manifest this update: Wed 17 Dec 2025 07:02:15 +0000 Manifest next update: Thu 18 Dec 2025 07:02:15 +0000 Files and hashes: 1: 0bS-sKan4ShKv0OFNIz0hhALn4A.crl (hash: ZfWLEYElwf+U7AnksTu0rZR10/B64fB4CbveBjsH8nw=) 2: c4vhQn8zi1dmhfuFlEzS457ekqY.roa (hash: K0d7LR2NOcizL+J6fo8ZUFPUHzj1ReR3yGovArPpqzY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/f8d98d-1ffe-4639-b373-9ba1172a68c0/1/0bS-sKan4ShKv0OFNIz0hhALn4A.crl rsync://rpki.ripe.net/repository/DEFAULT/43/f8d98d-1ffe-4639-b373-9ba1172a68c0/1/0bS-sKan4ShKv0OFNIz0hhALn4A.mft rsync://rpki.ripe.net/repository/DEFAULT/0bS-sKan4ShKv0OFNIz0hhALn4A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 07:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:1d:da:5a:52:8c:67:49:2c:a6:0c:f7:ae:3c:4e:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1b4beb0a6a7e1284abf4385348cf486100b9f80 Validity Not Before: Dec 17 07:02:15 2025 GMT Not After : Dec 18 07:02:15 2025 GMT Subject: CN=c4a40de1bc422d5fd514608d8baaf8a6093e563b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:63:fd:67:5b:3e:0e:d7:67:2e:38:a3:0c:c3: 25:c5:0f:d2:05:20:dc:f7:ad:90:9c:6a:ef:07:60: 34:6c:77:89:28:33:6d:8e:a7:9e:af:e8:d4:b1:cb: de:ca:36:5a:ee:39:e4:a8:47:36:ce:c1:82:cf:f9: a9:4d:08:84:ad:58:56:f3:8c:6d:2a:a0:f5:cb:e8: 6a:04:f4:c9:5e:fc:ca:ce:54:73:e9:9c:61:64:61: f1:8d:71:79:ba:12:53:7f:ad:a9:29:cc:b7:e5:ef: 65:90:28:f1:21:41:0b:e4:12:d2:d0:09:e2:ef:27: 14:01:60:8e:4b:a3:9c:ec:20:27:de:30:00:1d:c9: 22:0e:24:f6:5f:00:3f:7f:e6:4e:70:21:5c:d3:ec: e9:a6:04:67:f0:87:3f:30:0c:a2:ee:9a:a5:16:5f: ea:47:f0:b7:54:54:6b:6a:d5:e3:ce:fe:1e:13:55: 51:21:1f:88:c1:b7:e7:82:8f:32:27:57:3e:59:da: 6c:6d:90:96:95:b1:27:03:99:f9:e5:f1:22:1b:7c: 30:a8:4c:fa:d3:54:64:05:34:ba:4f:6b:fa:93:72: 6f:9f:3c:d0:0e:ed:44:48:1f:b0:39:31:72:15:54: a2:9f:b1:63:36:a1:c7:92:5c:7f:a9:30:07:d8:55: 0f:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:A4:0D:E1:BC:42:2D:5F:D5:14:60:8D:8B:AA:F8:A6:09:3E:56:3B X509v3 Authority Key Identifier: keyid:D1:B4:BE:B0:A6:A7:E1:28:4A:BF:43:85:34:8C:F4:86:10:0B:9F:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bS-sKan4ShKv0OFNIz0hhALn4A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f8d98d-1ffe-4639-b373-9ba1172a68c0/1/0bS-sKan4ShKv0OFNIz0hhALn4A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f8d98d-1ffe-4639-b373-9ba1172a68c0/1/0bS-sKan4ShKv0OFNIz0hhALn4A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:21:a0:1b:23:f2:ba:64:a1:dd:eb:2d:76:ff:c9:37:5d:fe: 90:17:c0:11:f0:38:33:d9:89:36:e0:23:ff:2e:ff:41:1b:f0: 8d:61:f8:e8:42:8b:6a:09:16:84:c5:38:34:9d:1c:f0:f7:56: 82:b6:f8:89:16:57:d2:03:1d:68:3f:56:fd:26:d7:34:6c:fb: 70:30:7c:b3:e7:f0:16:45:32:fa:eb:97:9f:60:af:dc:45:47: 2c:35:9e:6d:4b:eb:0f:e9:bd:0d:f3:c6:9d:13:95:78:9d:67: ff:8a:77:14:1d:54:95:17:07:f5:f8:7a:e0:df:9c:3e:16:e3: cb:f5:f1:03:cd:10:31:94:4a:a6:7d:0f:53:d7:aa:54:3e:74: 7f:c4:60:00:9a:0e:09:45:e2:72:ab:de:d2:49:46:4c:d7:01: 16:d4:8d:79:50:1e:f7:bb:7a:7b:b5:0a:6b:08:ed:dc:78:03: 2a:fc:e6:c4:0b:86:a1:35:5d:3c:cb:65:a3:39:4a:c9:49:8d: ee:69:4b:07:e2:6a:11:00:bd:0d:51:40:99:71:0d:4e:f4:28: c4:5e:15:67:c5:e5:74:9d:af:04:e4:35:ab:10:b8:89:5d:31: 8f:76:6f:01:75:60:54:d2:6c:34:6e:b4:cb:b5:92:ae:54:32: 7a:39:df:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrHdpaUoxnSSymDPeuPE7bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxYjRiZWIwYTZhN2UxMjg0YWJmNDM4NTM0OGNmNDg2MTAw YjlmODAwHhcNMjUxMjE3MDcwMjE1WhcNMjUxMjE4MDcwMjE1WjAzMTEwLwYDVQQD EyhjNGE0MGRlMWJjNDIyZDVmZDUxNDYwOGQ4YmFhZjhhNjA5M2U1NjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGP9Z1s+DtdnLjijDMMlxQ/SBSDc 962QnGrvB2A0bHeJKDNtjqeer+jUscveyjZa7jnkqEc2zsGCz/mpTQiErVhW84xt KqD1y+hqBPTJXvzKzlRz6ZxhZGHxjXF5uhJTf62pKcy35e9lkCjxIUEL5BLS0Ani 7ycUAWCOS6Oc7CAn3jAAHckiDiT2XwA/f+ZOcCFc0+zppgRn8Ic/MAyi7pqlFl/q R/C3VFRratXjzv4eE1VRIR+Iwbfngo8yJ1c+WdpsbZCWlbEnA5n55fEiG3wwqEz6 01RkBTS6T2v6k3JvnzzQDu1ESB+wOTFyFVSin7FjNqHHklx/qTAH2FUPGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMSkDeG8Qi1f1RRgjYuq+KYJPlY7MB8GA1UdIwQY MBaAFNG0vrCmp+EoSr9DhTSM9IYQC5+AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGJTLXNLYW40U2hLdjBPRk5JejBoaEFMbjRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9mOGQ5OGQtMWZmZS00NjM5LWIzNzMt OWJhMTE3MmE2OGMwLzEvMGJTLXNLYW40U2hLdjBPRk5JejBoaEFMbjRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9mOGQ5OGQtMWZmZS00NjM5LWIzNzMtOWJhMTE3MmE2OGMw LzEvMGJTLXNLYW40U2hLdjBPRk5JejBoaEFMbjRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfiGgGyPy umSh3estdv/JN13+kBfAEfA4M9mJNuAj/y7/QRvwjWH46EKLagkWhMU4NJ0c8PdW grb4iRZX0gMdaD9W/SbXNGz7cDB8s+fwFkUy+uuXn2Cv3EVHLDWebUvrD+m9DfPG nROVeJ1n/4p3FB1UlRcH9fh64N+cPhbjy/XxA80QMZRKpn0PU9eqVD50f8RgAJoO CUXicqve0klGTNcBFtSNeVAe97t6e7UKawjt3HgDKvzmxAuGoTVdPMtlozlKyUmN 7mlLB+JqEQC9DVFAmXENTvQoxF4VZ8XldJ2vBOQ1qxC4iV0xj3ZvAXVgVNJsNG60 y7WSrlQyejnfrw== -----END CERTIFICATE-----Generated at Wed Dec 17 15:16:28 2025 by rpki-client