This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft File: 00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft (raw, json) Hash identifier: kscV5G1Oel/kentpwPvxSy/H3f4CaU7ntUgmI1+j9Ko= Subject key identifier: FA:D8:8A:02:37:B3:11:B9:8B:7B:F7:C4:0F:4E:88:4C:3E:CF:2D:BC Authority key identifier: D3:46:E5:D4:62:91:F6:BC:53:B9:65:86:50:51:BA:39:97:49:EB:2D Certificate issuer: /CN=d346e5d46291f6bc53b965865051ba399749eb2d Certificate serial: 019B2F302C0C3135AC3D872D5B41F0C32946 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00bl1GKR9rxTuWWGUFG6OZdJ6y0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft Manifest number: 0329 Signing time: Thu 18 Dec 2025 02:00:44 +0000 Manifest this update: Thu 18 Dec 2025 02:00:44 +0000 Manifest next update: Fri 19 Dec 2025 02:00:44 +0000 Files and hashes: 1: 00bl1GKR9rxTuWWGUFG6OZdJ6y0.crl (hash: GUC5mMU1znGSEKHGHOKUo1CgEtcJrZifL1e+LaW3HX8=) 2: gYQl8tX6UzR3RDmi_Q8x7-FjoRo.roa (hash: Ql10T2YHVZxrbMNqGA2K5KVTFR5OZbWrykLTc4F+v5A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft rsync://rpki.ripe.net/repository/DEFAULT/00bl1GKR9rxTuWWGUFG6OZdJ6y0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:30:2c:0c:31:35:ac:3d:87:2d:5b:41:f0:c3:29:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d346e5d46291f6bc53b965865051ba399749eb2d Validity Not Before: Dec 18 02:00:44 2025 GMT Not After : Dec 19 02:00:44 2025 GMT Subject: CN=fad88a0237b311b98b7bf7c40f4e884c3ecf2dbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:f9:7a:5c:3b:c8:0a:2b:5b:0d:03:f3:33:2d: 64:bf:98:4c:19:06:16:79:0f:77:2c:49:f8:ec:85: e4:70:b6:9d:3a:16:de:a6:49:70:5e:89:91:93:f0: 1b:09:12:e1:17:67:13:37:a7:f8:df:c0:49:43:2a: 52:95:ac:91:9f:c3:f9:3d:2c:d3:30:81:fe:9b:2e: 41:81:99:17:69:b4:6e:f8:a7:57:9c:40:6e:d5:0c: 71:2e:cf:1f:02:0d:ee:53:59:d2:4a:e4:f8:c5:b3: 4e:00:8e:45:3b:e5:31:5d:3e:90:40:d9:3d:20:12: d6:15:2e:72:ef:4f:2c:ab:df:a9:01:bd:f4:2d:3d: 54:38:47:cc:66:cb:da:3f:b3:28:80:05:5f:ee:e2: 89:70:6d:4d:ae:0c:b6:75:f1:2e:b2:76:6a:37:1f: 8e:8c:21:c7:1e:20:f6:cc:11:7c:de:32:8d:37:33: 3a:5b:66:6b:65:95:b7:d1:34:a0:e4:a0:99:76:29: 32:4b:a1:f8:72:95:7c:11:74:32:f1:1f:c4:31:88: 6d:ab:61:d6:04:83:8a:7a:54:bf:00:4a:93:66:df: 5b:08:88:64:b3:ea:e0:fb:6b:b2:22:49:86:7a:98: ba:5a:fb:e6:56:05:ff:77:75:3a:18:68:9a:fb:6b: 7a:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:D8:8A:02:37:B3:11:B9:8B:7B:F7:C4:0F:4E:88:4C:3E:CF:2D:BC X509v3 Authority Key Identifier: keyid:D3:46:E5:D4:62:91:F6:BC:53:B9:65:86:50:51:BA:39:97:49:EB:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00bl1GKR9rxTuWWGUFG6OZdJ6y0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:cc:eb:48:59:85:dc:9e:5f:fe:ac:13:de:6f:93:fd:84:fe: 69:78:5c:78:66:96:5d:c7:dd:4d:36:5f:7d:06:7f:40:b6:35: 32:53:57:95:f0:c0:79:09:cb:f6:75:0b:fa:9a:c8:89:0c:0f: b7:1d:c0:9c:cc:0b:37:cb:17:0f:c7:a3:a7:19:26:f8:6e:7b: fb:05:30:78:ee:94:f9:88:ab:c9:56:cf:c6:4a:e6:16:1f:a5: be:08:31:bf:67:97:8d:c1:c6:81:43:ee:95:4c:e5:2b:4a:a5: 78:34:79:dc:4b:5b:83:2b:18:78:b9:cc:8a:94:26:85:86:6a: ac:4e:1c:0d:f6:81:ff:1c:72:53:95:8b:ca:75:54:1e:b4:51: 3b:75:9e:51:2d:7d:93:a3:b3:91:a7:06:37:e0:e2:ec:cd:70: 88:a2:aa:ed:25:cf:36:40:93:98:8f:60:3b:e9:cb:02:71:bd: 69:5f:e3:16:1e:23:2d:b8:94:8e:ed:57:6e:d9:66:42:d0:07: 4d:ca:c1:c0:97:82:7c:77:bf:23:32:bc:3f:e8:8a:e0:20:e9: ec:8f:69:bf:e9:85:60:fa:7f:b7:32:cc:0e:9c:65:e4:d6:4a: dd:b4:39:1e:d7:a4:01:0b:27:95:84:37:61:ac:b8:4e:f0:e4: 8f:96:7b:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvMCwMMTWsPYctW0HwwylGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNDZlNWQ0NjI5MWY2YmM1M2I5NjU4NjUwNTFiYTM5OTc0 OWViMmQwHhcNMjUxMjE4MDIwMDQ0WhcNMjUxMjE5MDIwMDQ0WjAzMTEwLwYDVQQD EyhmYWQ4OGEwMjM3YjMxMWI5OGI3YmY3YzQwZjRlODg0YzNlY2YyZGJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Pl6XDvICitbDQPzMy1kv5hMGQYW eQ93LEn47IXkcLadOhbepklwXomRk/AbCRLhF2cTN6f438BJQypSlayRn8P5PSzT MIH+my5BgZkXabRu+KdXnEBu1QxxLs8fAg3uU1nSSuT4xbNOAI5FO+UxXT6QQNk9 IBLWFS5y708sq9+pAb30LT1UOEfMZsvaP7MogAVf7uKJcG1Nrgy2dfEusnZqNx+O jCHHHiD2zBF83jKNNzM6W2ZrZZW30TSg5KCZdikyS6H4cpV8EXQy8R/EMYhtq2HW BIOKelS/AEqTZt9bCIhks+rg+2uyIkmGepi6WvvmVgX/d3U6GGia+2t6NwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPrYigI3sxG5i3v3xA9OiEw+zy28MB8GA1UdIwQY MBaAFNNG5dRikfa8U7llhlBRujmXSestMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDBibDFHS1I5cnhUdVdXR1VGRzZPWmRKNnkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC83YzhlOWMtZWM0OC00YTkwLTg2ZTUt M2U5NDNmOTdmZjMxLzEvMDBibDFHS1I5cnhUdVdXR1VGRzZPWmRKNnkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC83YzhlOWMtZWM0OC00YTkwLTg2ZTUtM2U5NDNmOTdmZjMx LzEvMDBibDFHS1I5cnhUdVdXR1VGRzZPWmRKNnkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn8zrSFmF 3J5f/qwT3m+T/YT+aXhceGaWXcfdTTZffQZ/QLY1MlNXlfDAeQnL9nUL+prIiQwP tx3AnMwLN8sXD8ejpxkm+G57+wUweO6U+YiryVbPxkrmFh+lvggxv2eXjcHGgUPu lUzlK0qleDR53EtbgysYeLnMipQmhYZqrE4cDfaB/xxyU5WLynVUHrRRO3WeUS19 k6OzkacGN+Di7M1wiKKq7SXPNkCTmI9gO+nLAnG9aV/jFh4jLbiUju1XbtlmQtAH TcrBwJeCfHe/IzK8P+iK4CDp7I9pv+mFYPp/tzLMDpxl5NZK3bQ5HtekAQsnlYQ3 Yay4TvDkj5Z7Sg== -----END CERTIFICATE-----Generated at Thu Dec 18 06:54:44 2025 by rpki-client