This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft File: 0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json) Hash identifier: Y1m65rGNGYvm958Qm6yzgkE5ZBQPN1ChRqxH43x7lL0= Subject key identifier: D5:97:D8:1A:62:19:ED:E1:42:42:95:AB:04:B4:3D:83:B8:28:B1:0F Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A Certificate issuer: /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a Certificate serial: 019B5F41EC2CC340A58B25BD542746DDCB3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft Manifest number: 0EFA Signing time: Sat 27 Dec 2025 10:01:54 +0000 Manifest this update: Sat 27 Dec 2025 10:01:54 +0000 Manifest next update: Sun 28 Dec 2025 10:01:54 +0000 Files and hashes: 1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: YkFYtD3E+GFL3ZIY2e+M4TlvxToZid16u08XiE260ng=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 08:42:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5f:41:ec:2c:c3:40:a5:8b:25:bd:54:27:46:dd:cb:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a Validity Not Before: Dec 27 10:01:54 2025 GMT Not After : Dec 28 10:01:54 2025 GMT Subject: CN=d597d81a6219ede1424295ab04b43d83b828b10f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:46:34:af:45:78:d7:dc:d3:76:b4:5f:9f:73: 57:b5:59:15:b8:46:e8:e9:9f:d7:e1:e0:43:1a:98: 9c:28:c8:f4:3f:6f:33:02:81:34:2b:6f:5d:ee:fc: 7d:65:1c:9d:63:ef:ba:de:13:ea:c3:21:23:e1:17: be:b1:9f:2f:23:e8:18:12:f0:4f:ad:db:e5:3c:69: 58:0e:47:a5:8c:30:ad:0f:0a:4b:d6:0a:7a:d8:b2: 54:1b:d9:19:b8:25:b9:4c:96:14:55:be:d0:50:51: b8:8d:4a:a3:f0:6c:04:e5:b5:90:8a:ac:fe:50:ec: 25:66:61:d1:1c:79:2b:2c:7d:8e:4d:60:a4:79:7b: e8:42:b4:2a:39:a2:a8:22:20:37:17:a1:9f:b1:75: e2:55:ba:42:40:19:8e:f2:fb:01:21:e1:0c:0d:1d: b3:2c:99:76:55:d5:6d:e5:d7:b4:df:b7:01:7e:af: 3a:85:2c:8a:55:bf:ce:d9:fd:83:23:3c:49:8a:4d: 35:89:6a:ae:cb:ce:21:b2:d0:84:a6:83:f2:1c:e4: f4:07:c1:38:05:0a:86:c7:fe:b7:9b:c4:bf:cf:c1: 1b:4b:fd:c3:a3:79:2e:1f:2e:c5:f6:96:c4:60:98: 05:cf:9b:09:7d:04:e9:b4:c5:5a:a9:e2:9d:43:67: 0a:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:97:D8:1A:62:19:ED:E1:42:42:95:AB:04:B4:3D:83:B8:28:B1:0F X509v3 Authority Key Identifier: keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:b8:22:00:a7:48:a5:7b:61:dd:aa:93:0a:e9:85:bd:c2:82: 55:15:b3:0c:49:c8:eb:a2:92:59:a2:a5:c4:d0:52:a0:2c:7b: 0c:71:fd:1e:db:dd:3c:c0:19:bc:cd:fb:56:e6:dd:f8:61:62: ea:2c:e9:27:80:de:06:71:ec:c4:cc:7a:d5:dc:56:38:49:d7: 09:47:f2:2a:2a:1f:00:67:65:ab:56:fc:17:44:f5:0c:85:bf: c0:17:c3:9f:2f:2c:97:35:e7:e9:7e:cf:e1:4b:25:cc:d0:65: 8a:15:cb:b3:52:50:93:0b:1e:0b:0b:a2:bf:f6:06:24:cd:39: ba:77:26:cc:74:20:2a:b5:4f:93:d2:e5:12:74:7a:78:45:c2: 52:52:21:3f:97:57:b7:37:c5:d1:cc:1e:38:00:ea:e2:5c:40: be:cb:d0:e1:91:80:05:8e:03:4c:bc:47:62:18:40:7d:f1:69: 16:56:ae:3d:d1:c4:0d:ab:26:9e:b6:fd:98:e1:c7:03:27:44: 84:74:cc:60:2d:76:25:78:d3:44:62:30:87:59:9b:59:13:68: be:51:bc:ce:cd:d3:8f:74:a4:d2:be:1e:c4:bd:63:23:fa:ba: f0:79:70:b0:d5:51:7d:cb:7c:97:2e:5c:79:9f:a0:81:1d:c6: 5f:09:da:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtfQewsw0CliyW9VCdG3cs8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1 ODdmM2EwHhcNMjUxMjI3MTAwMTU0WhcNMjUxMjI4MTAwMTU0WjAzMTEwLwYDVQQD EyhkNTk3ZDgxYTYyMTllZGUxNDI0Mjk1YWIwNGI0M2Q4M2I4MjhiMTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEY0r0V419zTdrRfn3NXtVkVuEbo 6Z/X4eBDGpicKMj0P28zAoE0K29d7vx9ZRydY++63hPqwyEj4Re+sZ8vI+gYEvBP rdvlPGlYDkeljDCtDwpL1gp62LJUG9kZuCW5TJYUVb7QUFG4jUqj8GwE5bWQiqz+ UOwlZmHRHHkrLH2OTWCkeXvoQrQqOaKoIiA3F6GfsXXiVbpCQBmO8vsBIeEMDR2z LJl2VdVt5de037cBfq86hSyKVb/O2f2DIzxJik01iWquy84hstCEpoPyHOT0B8E4 BQqGx/63m8S/z8EbS/3Do3kuHy7F9pbEYJgFz5sJfQTptMVaqeKdQ2cKTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNWX2BpiGe3hQkKVqwS0PYO4KLEPMB8GA1UdIwQY MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0 LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYbgiAKdI pXth3aqTCumFvcKCVRWzDEnI66KSWaKlxNBSoCx7DHH9HtvdPMAZvM37Vubd+GFi 6izpJ4DeBnHsxMx61dxWOEnXCUfyKiofAGdlq1b8F0T1DIW/wBfDny8slzXn6X7P 4UslzNBlihXLs1JQkwseCwuiv/YGJM05uncmzHQgKrVPk9LlEnR6eEXCUlIhP5dX tzfF0cweOADq4lxAvsvQ4ZGABY4DTLxHYhhAffFpFlauPdHEDasmnrb9mOHHAydE hHTMYC12JXjTRGIwh1mbWRNovlG8zs3Tj3Sk0r4exL1jI/q68HlwsNVRfct8ly5c eZ+ggR3GXwnajg== -----END CERTIFICATE-----Generated at Sat Dec 27 15:40:48 2025 by rpki-client