This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft File: 0ffNDsTDvFTFlDEwfuw27wOCdzM.mft (raw, json) Hash identifier: RXS9HSySVwcGdHiltSpjpKC0OgZLZAU7vZngTE+OczU= Subject key identifier: 1C:2B:84:C1:BC:3B:FA:73:0A:EF:E1:77:B9:81:ED:63:4F:F1:5E:17 Authority key identifier: D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33 Certificate issuer: /CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733 Certificate serial: 019B40C8EDE4CBCC9F3705CACEF7D0D4495B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 12:01:08 +0000 Manifest this update: Sun 21 Dec 2025 12:01:08 +0000 Manifest next update: Mon 22 Dec 2025 12:01:08 +0000 Files and hashes: 1: 0ffNDsTDvFTFlDEwfuw27wOCdzM.crl (hash: HBszP8Qp+LaTjXGyS1nTP6Bj5zckPhOdPnwibGPhOaI=) 2: On0cxXdpQvZ_jJI1Rkh3ZfuLUxc.roa (hash: 9kDdHzwM7pfMm0bFoQEb02mFtUGZEAgcsF0RvK2rnzM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:ed:e4:cb:cc:9f:37:05:ca:ce:f7:d0:d4:49:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733 Validity Not Before: Dec 21 12:01:08 2025 GMT Not After : Dec 22 12:01:08 2025 GMT Subject: CN=1c2b84c1bc3bfa730aefe177b981ed634ff15e17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:77:5c:23:10:a9:e4:f6:f6:79:55:de:22:45: bb:0e:25:fc:ca:23:f1:2d:74:23:21:10:6e:25:62: cd:3a:58:2c:44:71:50:ce:0f:1d:a2:2a:15:4c:6e: 48:2f:91:dc:08:80:22:70:7e:19:d9:21:0b:0b:9f: 06:78:36:5c:7a:78:82:3f:97:c9:6a:1c:fa:0b:60: 8c:32:e4:2e:46:51:e7:be:02:b0:5a:aa:e0:50:33: 40:b8:30:2c:d5:45:b1:91:6a:f4:1a:41:4a:fc:d3: c9:34:db:4f:11:57:e9:97:ae:ea:b8:b3:7d:b5:f3: 7d:86:31:d1:c4:28:65:8c:d5:c3:7a:6c:f5:37:3f: 0c:98:cc:b5:e3:9e:99:f2:3d:2f:1f:10:e2:35:e4: de:d3:a0:2c:d7:73:af:3c:02:13:5f:43:54:81:cd: a4:e8:5c:82:f6:32:20:dc:62:3a:65:12:51:48:f1: 65:e6:0d:4a:ac:8b:8a:ef:c5:d3:35:e9:23:97:bf: 90:a2:63:ee:55:e3:5a:15:13:e7:1c:ef:1a:f5:65: 34:dc:fc:01:f1:39:09:24:f7:5f:5b:c0:c7:7d:bb: 97:6f:23:fc:20:f3:f7:37:50:8d:87:ae:b7:46:67: 3a:cf:c4:1c:39:b0:f0:de:60:e5:b8:61:ab:8e:6e: 53:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:2B:84:C1:BC:3B:FA:73:0A:EF:E1:77:B9:81:ED:63:4F:F1:5E:17 X509v3 Authority Key Identifier: keyid:D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:57:5f:1c:51:c8:4d:1a:4e:f2:d2:13:dd:ea:d1:d7:da:9e: d7:b7:12:91:ec:17:ce:4a:ef:96:6a:f2:4b:91:ab:d3:d5:1a: d6:f6:74:02:6e:77:e2:c6:3e:66:79:9b:a7:48:88:e3:21:bc: d8:f6:c8:7f:04:e8:08:01:2d:60:46:79:87:9a:04:dc:7b:1c: af:3e:28:da:24:6f:44:1b:22:ac:d0:0d:3c:31:63:7d:94:43: 3f:4c:47:e1:4d:ad:5c:73:1c:5f:03:57:9f:0d:3b:37:2f:ed: f8:97:ca:f5:f9:85:c5:ee:35:24:17:f9:33:cb:a1:58:a6:3c: 11:34:31:55:9e:f7:95:5a:53:f6:f3:ea:22:e7:09:39:97:3d: 44:85:bb:fc:e5:c9:ff:11:c3:0f:82:8c:3c:2b:84:c6:bc:4a: 73:27:9c:73:b8:67:d9:03:d2:70:8b:84:97:e9:12:d6:67:cf: cd:bf:c2:9a:07:62:c6:af:e4:26:ba:1c:0f:6f:bc:49:85:9e: 3c:ab:49:bb:d4:5a:99:67:f8:dd:eb:c0:0a:28:f0:20:9d:3c: 86:32:54:f5:bb:47:80:4e:a5:c8:24:52:bd:ae:43:a4:c5:1f: 25:6c:cd:03:28:19:f7:1e:31:6e:1d:d8:af:91:08:0f:4d:80: 1a:90:f7:7d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyO3ky8yfNwXKzvfQ1ElbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxZjdjZDBlYzRjM2JjNTRjNTk0MzEzMDdlZWMzNmVmMDM4 Mjc3MzMwHhcNMjUxMjIxMTIwMTA4WhcNMjUxMjIyMTIwMTA4WjAzMTEwLwYDVQQD EygxYzJiODRjMWJjM2JmYTczMGFlZmUxNzdiOTgxZWQ2MzRmZjE1ZTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHdcIxCp5Pb2eVXeIkW7DiX8yiPx LXQjIRBuJWLNOlgsRHFQzg8doioVTG5IL5HcCIAicH4Z2SELC58GeDZceniCP5fJ ahz6C2CMMuQuRlHnvgKwWqrgUDNAuDAs1UWxkWr0GkFK/NPJNNtPEVfpl67quLN9 tfN9hjHRxChljNXDemz1Nz8MmMy1456Z8j0vHxDiNeTe06As13OvPAITX0NUgc2k 6FyC9jIg3GI6ZRJRSPFl5g1KrIuK78XTNekjl7+QomPuVeNaFRPnHO8a9WU03PwB 8TkJJPdfW8DHfbuXbyP8IPP3N1CNh663Rmc6z8QcObDw3mDluGGrjm5TAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBwrhMG8O/pzCu/hd7mB7WNP8V4XMB8GA1UdIwQY MBaAFNH3zQ7Ew7xUxZQxMH7sNu8DgnczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgt OWNiNWQ4OGZkZDM5LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgtOWNiNWQ4OGZkZDM5 LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZldfHFHI TRpO8tIT3erR19qe17cSkewXzkrvlmryS5Gr09Ua1vZ0Am534sY+Znmbp0iI4yG8 2PbIfwToCAEtYEZ5h5oE3Hscrz4o2iRvRBsirNANPDFjfZRDP0xH4U2tXHMcXwNX nw07Ny/t+JfK9fmFxe41JBf5M8uhWKY8ETQxVZ73lVpT9vPqIucJOZc9RIW7/OXJ /xHDD4KMPCuExrxKcyecc7hn2QPScIuEl+kS1mfPzb/Cmgdixq/kJrocD2+8SYWe PKtJu9RamWf43evACijwIJ08hjJU9btHgE6lyCRSva5DpMUfJWzNAygZ9x4xbh3Y r5EID02AGpD3fQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:18:11 2025 by rpki-client