This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft File: 0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json) Hash identifier: 0nhsGCzlL3AYgZpGHvkU0U7diHKf9OCU13Wg8NmKdrU= Subject key identifier: E3:20:61:FC:DE:CE:55:DC:D0:9C:FA:48:B4:0F:F5:1C:8B:78:1B:DE Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33 Certificate issuer: /CN=d2986777a44ed0940f29a795c75f45a62f44bb33 Certificate serial: 019B650DC6D8978BB697AD84ECBA64DDE864 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft Manifest number: 0787 Signing time: Sun 28 Dec 2025 13:02:40 +0000 Manifest this update: Sun 28 Dec 2025 13:02:40 +0000 Manifest next update: Mon 29 Dec 2025 13:02:40 +0000 Files and hashes: 1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: nmSUzgre0K0nSwYRPqcNYMV5eGxG623gwRACwyADBO8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 12:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:0d:c6:d8:97:8b:b6:97:ad:84:ec:ba:64:dd:e8:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33 Validity Not Before: Dec 28 13:02:40 2025 GMT Not After : Dec 29 13:02:40 2025 GMT Subject: CN=e32061fcdece55dcd09cfa48b40ff51c8b781bde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f5:b3:23:af:73:cc:c5:3d:37:9e:16:38:2d: 43:4f:ee:5d:2b:73:08:37:8a:0f:f0:a3:a9:54:35: 43:77:83:ba:53:3b:a2:ad:ec:35:18:09:bf:6a:16: bd:ed:1c:d5:ab:52:6b:02:5c:28:36:2a:17:55:92: fe:f3:3a:12:b3:46:81:12:44:e2:24:b1:ec:d0:8a: 2a:c8:d9:80:99:42:a8:b4:54:b1:4f:f7:02:84:d4: 1d:48:dd:8c:24:8d:4c:a3:68:9b:36:95:93:51:55: 92:47:d1:a9:fb:96:29:4a:70:33:e2:8d:c6:d2:99: a5:f8:40:4e:8d:64:8a:30:86:de:fa:39:5e:df:4a: 15:17:05:1d:80:47:bf:33:fa:c0:02:16:25:81:32: 78:11:4c:dd:d0:77:a3:d5:da:50:78:dd:cb:63:2e: 47:61:39:3c:78:96:6a:21:f3:be:f0:ab:72:e4:fc: b3:26:6e:cc:d1:e9:79:9b:c2:f0:41:b7:bf:89:9d: c3:96:94:1f:de:83:b4:d2:72:4a:fa:8e:d2:40:73: 14:40:58:07:9f:a1:01:6d:77:ea:f1:d5:de:52:f0: c1:9e:88:e5:63:29:65:16:a0:02:96:f3:ab:8d:6e: 01:60:84:b2:b7:34:75:e1:59:17:2a:d3:85:40:11: 8a:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:20:61:FC:DE:CE:55:DC:D0:9C:FA:48:B4:0F:F5:1C:8B:78:1B:DE X509v3 Authority Key Identifier: keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:29:be:cb:4e:8f:83:9a:ce:ab:3d:44:f8:91:04:f8:23:f3: fc:4d:29:3e:38:40:d7:24:e8:db:e6:9b:a9:44:6d:dc:63:f9: a9:fb:1e:e5:64:c1:a5:6e:e1:89:c8:e1:23:f4:fd:99:46:00: e5:0b:c0:60:81:7c:03:cc:cd:3b:18:06:bd:b3:71:38:eb:b0: 19:2e:05:4f:f4:bc:2d:c2:b0:27:1b:5e:02:75:3b:50:ac:e8: 85:61:94:d3:cd:ab:f2:08:ae:a7:44:be:66:a6:a6:8e:7a:ba: e2:8d:96:fa:15:62:91:f2:6e:2d:53:ab:6f:10:0a:51:72:47: 45:da:e7:a0:26:f3:8e:74:69:02:42:04:5c:43:3a:87:5f:c0: 87:29:a8:fd:2c:c2:1b:10:45:2e:66:b4:8c:94:cf:bd:9c:95: 9d:83:10:b1:e9:21:79:40:80:2f:e7:d5:9a:a8:6c:01:1c:df: 62:a6:3c:08:99:c4:ae:6c:41:b6:27:51:97:54:9f:9e:4a:fb: 3f:bf:69:c1:63:81:c6:75:78:7d:ee:04:8f:21:df:01:7f:e9: 89:0c:99:19:38:d4:b9:78:b7:89:81:0f:14:79:a6:fc:34:d9: 7e:5c:30:69:a3:9e:f2:6f:34:57:c4:22:b2:9e:63:df:2b:dc: 37:97:3d:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtlDcbYl4u2l62E7Lpk3ehkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0 NGJiMzMwHhcNMjUxMjI4MTMwMjQwWhcNMjUxMjI5MTMwMjQwWjAzMTEwLwYDVQQD EyhlMzIwNjFmY2RlY2U1NWRjZDA5Y2ZhNDhiNDBmZjUxYzhiNzgxYmRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfWzI69zzMU9N54WOC1DT+5dK3MI N4oP8KOpVDVDd4O6Uzuirew1GAm/aha97RzVq1JrAlwoNioXVZL+8zoSs0aBEkTi JLHs0IoqyNmAmUKotFSxT/cChNQdSN2MJI1Mo2ibNpWTUVWSR9Gp+5YpSnAz4o3G 0pml+EBOjWSKMIbe+jle30oVFwUdgEe/M/rAAhYlgTJ4EUzd0Hej1dpQeN3LYy5H YTk8eJZqIfO+8Kty5PyzJm7M0el5m8LwQbe/iZ3DlpQf3oO00nJK+o7SQHMUQFgH n6EBbXfq8dXeUvDBnojlYyllFqAClvOrjW4BYISytzR14VkXKtOFQBGKswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOMgYfzezlXc0Jz6SLQP9RyLeBveMB8GA1UdIwQY MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASym+y06P g5rOqz1E+JEE+CPz/E0pPjhA1yTo2+abqURt3GP5qfse5WTBpW7hicjhI/T9mUYA 5QvAYIF8A8zNOxgGvbNxOOuwGS4FT/S8LcKwJxteAnU7UKzohWGU082r8giup0S+ Zqamjnq64o2W+hVikfJuLVOrbxAKUXJHRdrnoCbzjnRpAkIEXEM6h1/Ahymo/SzC GxBFLma0jJTPvZyVnYMQsekheUCAL+fVmqhsARzfYqY8CJnErmxBtidRl1Sfnkr7 P79pwWOBxnV4fe4EjyHfAX/piQyZGTjUuXi3iYEPFHmm/DTZflwwaaOe8m80V8Qi sp5j3yvcN5c90Q== -----END CERTIFICATE-----Generated at Sun Dec 28 20:11:16 2025 by rpki-client