This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft File: pol1o9gy4UUny7or4QujwebGOFY.mft (raw, json) Hash identifier: b30C4jZt9cJuBuWC7pTPj8V/bXgBJiNSTutVdHhL1OA= Subject key identifier: 8D:3A:1F:BE:B8:2D:D7:E0:CE:DB:AA:6E:50:8B:98:AF:10:F4:72:D1 Authority key identifier: A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56 Certificate issuer: /CN=a68975a3d832e14527cbba2be10ba3c1e6c63856 Certificate serial: 019B4DE05E0E51791D6674DF9D7FCEFF00C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft Manifest number: 0765 Signing time: Wed 24 Dec 2025 01:01:48 +0000 Manifest this update: Wed 24 Dec 2025 01:01:48 +0000 Manifest next update: Thu 25 Dec 2025 01:01:48 +0000 Files and hashes: 1: pol1o9gy4UUny7or4QujwebGOFY.crl (hash: LQ4K4DHfa0fD61S2FRdmrpLZiST2LKvHU2NWL5Y/R2E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 19:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:e0:5e:0e:51:79:1d:66:74:df:9d:7f:ce:ff:00:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a68975a3d832e14527cbba2be10ba3c1e6c63856 Validity Not Before: Dec 24 01:01:48 2025 GMT Not After : Dec 25 01:01:48 2025 GMT Subject: CN=8d3a1fbeb82dd7e0cedbaa6e508b98af10f472d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:7a:37:db:79:aa:38:12:12:c1:47:fb:6b:61: d3:d0:e9:bf:09:6c:29:20:12:25:08:8e:d2:56:34: a4:9d:d7:50:b0:57:24:cf:f0:df:0a:88:74:2f:cb: e8:d1:18:46:5a:d8:e2:14:a5:3b:24:69:bb:f3:4d: 4a:58:62:7a:91:6b:cb:8a:f6:1d:ec:fb:92:9f:5b: e4:87:c9:68:d1:44:ff:ca:b4:54:2a:53:54:50:a7: 69:cd:2d:a2:7a:46:e3:05:16:33:cd:b0:07:2c:0c: ac:d4:30:c8:43:cf:fa:83:a8:58:ea:b5:4b:24:db: 57:5b:68:c9:00:ad:c0:c1:e7:24:aa:c2:0b:6c:e5: 11:81:53:18:13:9f:03:52:e2:4a:40:87:af:77:a7: 82:d9:c4:d4:23:83:7e:e3:28:28:44:98:8a:58:8e: 38:ca:20:d4:a0:eb:3e:a6:a3:44:a0:62:83:03:40: 98:06:7f:98:93:45:b9:2d:ca:0d:8b:1d:02:37:2c: 6a:18:26:4c:a8:3b:ec:88:9b:cf:0c:96:41:ed:09: a4:8e:70:30:3b:ce:bb:06:c3:41:4a:49:20:a7:c2: 86:80:86:7c:0f:ed:28:67:2e:c8:dc:c5:de:e8:32: b4:e3:0b:43:f3:0c:0e:a4:56:41:ee:00:ad:b1:61: 6b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:3A:1F:BE:B8:2D:D7:E0:CE:DB:AA:6E:50:8B:98:AF:10:F4:72:D1 X509v3 Authority Key Identifier: keyid:A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:e8:55:32:a8:44:fc:3a:f0:ec:64:e8:34:f2:5a:07:88:09: 09:93:ef:56:07:51:5a:50:a4:6f:1d:10:81:b5:38:b3:35:b6: 47:d9:eb:a2:37:16:85:a6:90:10:0c:0f:d6:4a:4f:d9:41:f5: b8:80:e5:63:1f:6c:ed:f4:6c:c4:f6:7f:62:15:af:cd:c4:97: 41:df:3c:83:39:b5:5d:1d:6d:7c:91:02:7c:25:1a:23:4b:63: 52:84:c1:fc:17:bd:73:a6:6a:f4:a9:62:fb:bd:e4:01:48:36: b2:1c:88:5c:03:5d:63:30:08:8b:e1:a8:7a:69:17:db:15:a7: dd:61:63:7c:e8:61:c0:b5:56:f4:bc:68:ec:1c:23:8d:c4:31: a6:61:41:b5:bd:cb:c6:ac:49:cf:7a:bb:1a:ec:09:ca:c9:61: 83:cf:39:ed:3e:ac:05:e9:78:e2:dd:4e:ad:0b:21:d4:70:3e: ec:0b:d5:33:99:f8:5e:15:ff:ee:c7:47:d7:d1:7f:2b:14:8b: 4d:2b:01:c8:07:4c:fc:f8:55:f7:f5:a8:71:d2:b5:8b:b8:9a: 7c:7a:70:80:c2:ac:1f:ba:1b:e3:67:2e:d1:bd:10:d7:71:ac: 65:ec:d5:76:e3:a8:e2:e6:a4:b5:ea:c9:4c:ad:0c:b8:38:53: 49:64:af:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtN4F4OUXkdZnTfnX/O/wDGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2ODk3NWEzZDgzMmUxNDUyN2NiYmEyYmUxMGJhM2MxZTZj NjM4NTYwHhcNMjUxMjI0MDEwMTQ4WhcNMjUxMjI1MDEwMTQ4WjAzMTEwLwYDVQQD Eyg4ZDNhMWZiZWI4MmRkN2UwY2VkYmFhNmU1MDhiOThhZjEwZjQ3MmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHo323mqOBISwUf7a2HT0Om/CWwp IBIlCI7SVjSknddQsFckz/DfCoh0L8vo0RhGWtjiFKU7JGm7801KWGJ6kWvLivYd 7PuSn1vkh8lo0UT/yrRUKlNUUKdpzS2iekbjBRYzzbAHLAys1DDIQ8/6g6hY6rVL JNtXW2jJAK3AweckqsILbOURgVMYE58DUuJKQIevd6eC2cTUI4N+4ygoRJiKWI44 yiDUoOs+pqNEoGKDA0CYBn+Yk0W5LcoNix0CNyxqGCZMqDvsiJvPDJZB7QmkjnAw O867BsNBSkkgp8KGgIZ8D+0oZy7I3MXe6DK04wtD8wwOpFZB7gCtsWFrXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI06H764LdfgztuqblCLmK8Q9HLRMB8GA1UdIwQY MBaAFKaJdaPYMuFFJ8u6K+ELo8HmxjhWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUt MTMxNmFkODA1ZTY0LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUtMTMxNmFkODA1ZTY0 LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJuhVMqhE /Drw7GToNPJaB4gJCZPvVgdRWlCkbx0QgbU4szW2R9nrojcWhaaQEAwP1kpP2UH1 uIDlYx9s7fRsxPZ/YhWvzcSXQd88gzm1XR1tfJECfCUaI0tjUoTB/Be9c6Zq9Kli +73kAUg2shyIXANdYzAIi+GoemkX2xWn3WFjfOhhwLVW9Lxo7BwjjcQxpmFBtb3L xqxJz3q7GuwJyslhg8857T6sBel44t1OrQsh1HA+7AvVM5n4XhX/7sdH19F/KxSL TSsByAdM/PhV9/WocdK1i7iafHpwgMKsH7ob42cu0b0Q13GsZezVduOo4uakterJ TK0MuDhTSWSv5w== -----END CERTIFICATE-----Generated at Wed Dec 24 04:29:18 2025 by rpki-client