This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft File: ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft (raw, json) Hash identifier: pIbIvrv5UME1KXpA4POZgzqNN0MooiG9D3yPmp3Rptw= Subject key identifier: 6D:A7:21:30:E6:92:71:95:E8:1A:70:67:99:B3:76:D9:68:64:99:34 Authority key identifier: 72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2 Certificate issuer: /CN=724f14189ab7105620375daf9baa814d6dd937a2 Certificate serial: 019B631DDE337FD2DF6003DCCF95596090C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft Manifest number: 090A Signing time: Sun 28 Dec 2025 04:01:00 +0000 Manifest this update: Sun 28 Dec 2025 04:01:00 +0000 Manifest next update: Mon 29 Dec 2025 04:01:00 +0000 Files and hashes: 1: ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl (hash: EnhWjv/rV52sh+exG9vun/qg4S3YqOROyn6zMtpxCCI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:1d:de:33:7f:d2:df:60:03:dc:cf:95:59:60:90:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=724f14189ab7105620375daf9baa814d6dd937a2 Validity Not Before: Dec 28 04:01:00 2025 GMT Not After : Dec 29 04:01:00 2025 GMT Subject: CN=6da72130e6927195e81a706799b376d968649934 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:56:f3:2d:dc:fc:bb:f6:bd:e8:ab:32:bf:b6: a8:d2:e5:e2:80:99:d3:63:ae:1f:91:c2:d5:cc:e0: 95:3e:ae:71:d0:d7:b8:44:78:ff:31:99:fc:b5:de: c6:2b:37:e7:4f:e1:59:3a:92:c9:30:ab:75:32:ff: 20:68:d9:b0:51:ee:60:1d:98:9e:9d:79:1e:1f:ac: 85:6b:40:82:62:80:81:24:1c:44:26:cb:25:31:75: c0:58:50:fd:c2:bb:34:af:5a:bc:95:21:aa:33:5e: 4d:34:c7:ff:2a:50:6d:72:0a:0f:57:d2:bb:1a:1a: 8b:37:32:29:5e:9c:33:54:be:81:37:79:21:12:d6: 35:a2:fa:05:20:7f:d3:99:7e:b1:dd:88:4f:cc:de: 84:a7:51:fb:53:29:ad:b5:dc:78:87:d6:f6:8d:13: 06:e4:4a:ae:4b:c6:78:34:77:25:13:cd:30:01:df: c7:fc:5c:f3:fe:62:a7:ec:cf:1f:12:71:db:fc:dd: 60:97:bb:37:26:a5:70:60:26:b7:a5:53:17:27:4f: 51:da:9e:79:fe:06:06:ea:cb:1c:88:4e:8d:22:af: 28:78:08:9b:73:dc:b1:c4:9c:62:a8:f5:b1:02:e6: e4:ea:2b:2e:02:7e:54:5b:ad:f4:98:69:45:d2:da: 71:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:A7:21:30:E6:92:71:95:E8:1A:70:67:99:B3:76:D9:68:64:99:34 X509v3 Authority Key Identifier: keyid:72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:d4:d7:bc:15:a0:93:83:0f:9a:9e:51:ad:25:87:f1:71:87: 3e:ce:1a:fd:45:85:2d:0c:03:f0:75:1d:fa:4b:6c:9f:2d:b6: 76:41:4c:5e:04:d7:b1:78:91:c2:39:fc:ad:6e:e4:68:e7:fb: 3f:64:2c:30:79:21:3c:2e:d2:6d:04:f2:f9:6b:33:cf:72:5a: fa:c9:cd:a7:52:e9:24:c1:49:ba:4f:1e:51:ee:04:34:b0:03: 23:35:c1:e3:5c:9d:1c:09:0b:ce:84:4a:dc:94:db:0f:89:3d: fe:07:dd:46:26:ef:b1:d2:09:29:4c:b0:b2:ce:69:31:86:34: 14:92:5c:5f:fc:e8:3f:e5:03:3f:ba:05:f8:06:69:61:da:e8: 17:e8:4f:59:df:26:ce:38:2e:da:23:0d:fe:56:cc:f6:c8:82: 78:84:29:4b:28:62:a7:74:78:c5:25:35:c1:6f:d6:77:08:6f: ec:a2:43:e3:7b:29:14:d7:54:61:91:0b:57:27:1b:d9:94:b5: 6d:b5:71:9c:84:a6:0a:86:c4:b1:a4:0d:01:a3:91:4c:62:60: 43:02:ae:7e:90:9c:ee:5e:ac:81:d3:5c:2d:52:41:86:9b:a9: d7:8a:82:d2:f0:59:87:d7:cb:65:ce:d7:98:16:99:ab:2a:2b: 43:da:81:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjHd4zf9LfYAPcz5VZYJDFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNGYxNDE4OWFiNzEwNTYyMDM3NWRhZjliYWE4MTRkNmRk OTM3YTIwHhcNMjUxMjI4MDQwMTAwWhcNMjUxMjI5MDQwMTAwWjAzMTEwLwYDVQQD Eyg2ZGE3MjEzMGU2OTI3MTk1ZTgxYTcwNjc5OWIzNzZkOTY4NjQ5OTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVbzLdz8u/a96Ksyv7ao0uXigJnT Y64fkcLVzOCVPq5x0Ne4RHj/MZn8td7GKzfnT+FZOpLJMKt1Mv8gaNmwUe5gHZie nXkeH6yFa0CCYoCBJBxEJsslMXXAWFD9wrs0r1q8lSGqM15NNMf/KlBtcgoPV9K7 GhqLNzIpXpwzVL6BN3khEtY1ovoFIH/TmX6x3YhPzN6Ep1H7Uymttdx4h9b2jRMG 5EquS8Z4NHclE80wAd/H/Fzz/mKn7M8fEnHb/N1gl7s3JqVwYCa3pVMXJ09R2p55 /gYG6ssciE6NIq8oeAibc9yxxJxiqPWxAubk6isuAn5UW630mGlF0tpxMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG2nITDmknGV6BpwZ5mzdtloZJk0MB8GA1UdIwQY MBaAFHJPFBiatxBWIDddr5uqgU1t2TeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMt MjcxNWViNzEwZTgwLzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMtMjcxNWViNzEwZTgw LzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE9TXvBWg k4MPmp5RrSWH8XGHPs4a/UWFLQwD8HUd+ktsny22dkFMXgTXsXiRwjn8rW7kaOf7 P2QsMHkhPC7SbQTy+Wszz3Ja+snNp1LpJMFJuk8eUe4ENLADIzXB41ydHAkLzoRK 3JTbD4k9/gfdRibvsdIJKUywss5pMYY0FJJcX/zoP+UDP7oF+AZpYdroF+hPWd8m zjgu2iMN/lbM9siCeIQpSyhip3R4xSU1wW/Wdwhv7KJD43spFNdUYZELVycb2ZS1 bbVxnISmCobEsaQNAaORTGJgQwKufpCc7l6sgdNcLVJBhpup14qC0vBZh9fLZc7X mBaZqyorQ9qBMg== -----END CERTIFICATE-----Generated at Sun Dec 28 05:01:28 2025 by rpki-client