This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft File: cBKlLoiwGDLPDuN8zath3s59EsY.mft (raw, json) Hash identifier: bdw3qq/RnI56npSKZ4ENSm6xgIvtpuquSwtMYoz+BjE= Subject key identifier: F4:CD:C0:C8:DF:F5:C7:6F:8F:86:57:95:BC:1A:9F:DC:AE:AF:25:E3 Authority key identifier: 70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6 Certificate issuer: /CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6 Certificate serial: 019B48B94EA11E10938BF723A294CECC962A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft Manifest number: 0C0F Signing time: Tue 23 Dec 2025 01:01:02 +0000 Manifest this update: Tue 23 Dec 2025 01:01:02 +0000 Manifest next update: Wed 24 Dec 2025 01:01:02 +0000 Files and hashes: 1: cBKlLoiwGDLPDuN8zath3s59EsY.crl (hash: ccm2J8kngGR4wA35DCWnUezg0LkG8QfldUF0e3GiGsM=) 2: muE7z7bw5WUF44PtXee-WtjAnUQ.roa (hash: eOTAuS8cb5e4NeqERvCCoU2l75Ey2kGH2CxTpug1Tes=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:b9:4e:a1:1e:10:93:8b:f7:23:a2:94:ce:cc:96:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6 Validity Not Before: Dec 23 01:01:02 2025 GMT Not After : Dec 24 01:01:02 2025 GMT Subject: CN=f4cdc0c8dff5c76f8f865795bc1a9fdcaeaf25e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:47:ca:1a:d0:e2:df:06:a2:ee:c9:c0:4e:72: 89:77:68:44:6e:b7:8a:81:64:1a:c3:85:11:47:64: 4a:61:82:11:2b:d0:b3:3c:2b:21:1e:66:25:99:de: 18:56:a8:e2:2d:4a:e6:91:73:63:83:d1:05:4c:4e: f9:c1:2e:0b:ab:d0:4e:da:8a:5a:29:20:2d:40:38: db:f0:81:2a:5d:ab:98:68:8f:1e:df:42:02:2d:82: 34:84:d4:18:7e:34:60:d8:f6:9d:0b:f6:04:9d:df: 36:2f:74:2f:fb:e1:6c:21:db:8b:4c:da:b8:bc:f3: 73:c7:07:35:88:20:cf:c4:16:3c:9b:e3:c0:ad:30: 10:d8:aa:c2:d3:65:f8:f6:0f:93:f1:a1:15:06:83: 37:00:c0:a2:39:6e:39:46:87:3e:be:1d:06:d3:d8: 27:12:e0:28:ae:80:ea:22:c6:6b:5e:f8:53:9b:c1: aa:9b:fd:39:2a:b2:7e:bf:2e:2b:f4:a9:ac:89:2f: 60:79:e1:4d:a5:cb:a2:bd:d4:eb:84:e6:cc:a8:e5: 8c:5c:fd:c7:ee:11:e1:9f:af:3e:c9:e3:e8:7f:a2: c0:b2:03:41:b6:e4:15:fe:c8:d5:93:2c:13:fe:5c: 0d:dd:77:f4:31:53:f6:0b:55:01:37:e5:73:5f:dd: 4a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:CD:C0:C8:DF:F5:C7:6F:8F:86:57:95:BC:1A:9F:DC:AE:AF:25:E3 X509v3 Authority Key Identifier: keyid:70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:ac:1b:8e:dd:1a:4b:f0:b1:e0:bf:9e:e6:08:cb:7a:83:d9: fc:fa:8c:50:6d:fb:af:43:79:72:42:e0:5b:e2:5a:63:30:40: 87:bc:33:db:2d:38:5b:25:15:bd:e3:f9:c4:db:95:b3:89:e9: a5:c2:c4:ae:8c:8c:c6:e5:86:e4:6f:05:78:3d:ac:c6:09:a4: dc:d3:38:6a:93:be:0d:bc:8c:34:97:3a:51:55:03:19:84:33: 60:11:31:0d:23:18:c1:75:1a:90:e9:13:1e:ab:1b:51:e6:96: 7b:8d:1e:91:eb:c4:48:63:95:d9:82:01:c3:03:0a:99:d5:bf: be:4f:4a:74:99:9e:97:86:98:e0:56:a8:1d:d9:50:b1:0f:8b: 35:cf:33:85:a3:99:3a:2c:72:90:37:54:8b:fa:d1:37:ae:24: c3:ea:70:7a:4b:68:4b:ea:3d:1a:e6:18:15:95:c4:e6:03:21: f4:3d:33:e5:52:d7:8a:66:cb:0f:bc:3b:8c:39:b6:e4:c2:5e: 83:a3:c5:41:0e:6f:5d:84:3c:60:16:a8:b8:70:0d:7b:da:c7: 49:a5:07:20:df:ec:f4:4f:2a:f8:8b:6e:c6:62:18:e9:a2:f9: 0d:c6:1d:1f:75:10:ce:87:e8:ae:09:26:a2:67:a1:d1:9f:d6: cf:ce:a2:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIuU6hHhCTi/cjopTOzJYqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwMTJhNTJlODhiMDE4MzJjZjBlZTM3Y2NkYWI2MWRlY2U3 ZDEyYzYwHhcNMjUxMjIzMDEwMTAyWhcNMjUxMjI0MDEwMTAyWjAzMTEwLwYDVQQD EyhmNGNkYzBjOGRmZjVjNzZmOGY4NjU3OTViYzFhOWZkY2FlYWYyNWUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EfKGtDi3wai7snATnKJd2hEbreK gWQaw4URR2RKYYIRK9CzPCshHmYlmd4YVqjiLUrmkXNjg9EFTE75wS4Lq9BO2opa KSAtQDjb8IEqXauYaI8e30ICLYI0hNQYfjRg2PadC/YEnd82L3Qv++FsIduLTNq4 vPNzxwc1iCDPxBY8m+PArTAQ2KrC02X49g+T8aEVBoM3AMCiOW45Roc+vh0G09gn EuAoroDqIsZrXvhTm8Gqm/05KrJ+vy4r9KmsiS9geeFNpcuivdTrhObMqOWMXP3H 7hHhn68+yePof6LAsgNBtuQV/sjVkywT/lwN3Xf0MVP2C1UBN+VzX91KGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPTNwMjf9cdvj4ZXlbwan9yuryXjMB8GA1UdIwQY MBaAFHASpS6IsBgyzw7jfM2rYd7OfRLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgt MzIwMWI4N2YxNDkwLzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgtMzIwMWI4N2YxNDkw LzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA6wbjt0a S/Cx4L+e5gjLeoPZ/PqMUG37r0N5ckLgW+JaYzBAh7wz2y04WyUVveP5xNuVs4np pcLEroyMxuWG5G8FeD2sxgmk3NM4apO+DbyMNJc6UVUDGYQzYBExDSMYwXUakOkT HqsbUeaWe40ekevESGOV2YIBwwMKmdW/vk9KdJmel4aY4FaoHdlQsQ+LNc8zhaOZ OixykDdUi/rRN64kw+pwektoS+o9GuYYFZXE5gMh9D0z5VLXimbLD7w7jDm25MJe g6PFQQ5vXYQ8YBaouHANe9rHSaUHIN/s9E8q+ItuxmIY6aL5DcYdH3UQzoforgkm omeh0Z/Wz86iWA== -----END CERTIFICATE-----Generated at Tue Dec 23 09:20:03 2025 by rpki-client