This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft File: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft (raw, json) Hash identifier: J8rekAo/jh7jjfvF/dMc/p0QbGbfot5RPITmY/EY0Jc= Subject key identifier: 12:71:32:DB:3F:84:05:D3:8C:42:6C:AA:C9:F9:B4:27:79:71:14:F7 Authority key identifier: B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4 Certificate issuer: /CN=b284cdf0507443e16e509d57a229e914f73566a4 Certificate serial: 019B32316E9B09E0BCA82552D5B02C73CB27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft Manifest number: 1629 Signing time: Thu 18 Dec 2025 16:00:58 +0000 Manifest this update: Thu 18 Dec 2025 16:00:58 +0000 Manifest next update: Fri 19 Dec 2025 16:00:58 +0000 Files and hashes: 1: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl (hash: 5H8dOBygn6m5+Upy81uHsBZ4Fkqolr+XxT3YAdR0ujc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 16:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:6e:9b:09:e0:bc:a8:25:52:d5:b0:2c:73:cb:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b284cdf0507443e16e509d57a229e914f73566a4 Validity Not Before: Dec 18 16:00:58 2025 GMT Not After : Dec 19 16:00:58 2025 GMT Subject: CN=127132db3f8405d38c426caac9f9b427797114f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:47:e8:95:ef:4c:be:a8:ce:d3:7e:d7:ac:cd: 4d:cb:31:0c:6c:23:7a:61:2c:54:21:a4:10:2b:0e: 6d:05:5e:0a:37:4a:7b:f6:24:50:88:d8:54:5e:f6: ab:86:6c:30:4c:1e:f5:ce:1a:d4:3e:af:b8:89:89: 0c:15:11:f3:f3:df:6d:b1:11:7f:da:12:62:b8:b8: 64:35:3c:41:af:e1:a6:5b:3a:66:56:d1:c1:70:77: 61:b8:60:01:31:c7:4f:cd:53:20:94:84:3d:da:2d: 6b:c1:30:85:0a:2e:0f:d0:d6:1a:a8:dd:23:a7:6e: 51:c9:8f:94:78:dc:ee:04:09:91:c8:5b:8f:f3:16: 98:2e:00:a3:4e:c9:a2:70:5a:93:e6:e3:3c:87:37: 3b:b4:aa:59:49:77:10:88:29:27:dd:b4:dd:9a:e1: 31:b3:81:82:ad:80:01:6e:d9:f7:86:db:e4:c2:cc: 10:8f:40:37:96:80:c4:ef:e4:1e:df:cd:e6:4f:07: dc:f6:a2:77:21:e3:23:d4:52:25:01:fb:b6:e1:d7: c8:57:7d:dc:22:4b:69:47:c1:40:66:7d:16:35:1d: c7:14:5f:36:36:8d:47:a4:0d:3c:53:58:cc:e4:d6: 10:ba:b4:6c:5d:ed:4c:b7:9b:18:dc:17:64:d4:95: 19:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:71:32:DB:3F:84:05:D3:8C:42:6C:AA:C9:F9:B4:27:79:71:14:F7 X509v3 Authority Key Identifier: keyid:B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:2a:0f:db:ce:4b:d3:6f:84:72:37:11:c9:e5:0e:a6:f5:6a: 64:3b:07:f8:69:50:e0:a5:3d:7c:85:2a:13:b0:43:e2:51:ed: cb:e1:75:1f:ab:0e:6b:74:1f:b2:3b:cd:02:c5:50:00:da:35: c0:26:94:74:c0:93:1a:e5:8c:25:45:d1:37:12:89:9a:aa:8f: 8f:fe:c6:cc:76:fe:2a:cb:7b:7b:7d:c0:2e:b6:26:db:3b:dc: b3:2a:63:c6:64:76:a8:8d:c0:32:ed:16:b5:1a:db:68:6d:e3: ba:62:a1:13:d0:83:68:1e:a4:3c:1e:ed:1f:c0:40:7d:0c:2c: 5e:2b:90:5a:50:46:85:9c:bd:fb:25:0a:60:00:77:5b:3f:8a: 53:2b:5e:dc:55:cf:71:3a:bd:33:50:63:3a:e1:74:90:df:1f: e9:44:c7:a8:84:06:5a:ac:ef:2b:d0:83:0b:b9:67:7e:95:09: ed:d0:8b:34:e0:48:9a:46:5c:6f:40:03:3c:f9:6d:d4:0f:56: 78:ed:47:a5:9f:69:92:f1:c3:19:d4:d8:bc:b8:57:2c:17:05: 9d:0a:60:92:25:15:65:9b:d7:f2:76:71:97:35:f2:4b:d8:d2: 40:0d:18:4f:48:5c:28:a0:64:aa:55:fe:d7:44:f2:41:ea:b9: f3:e7:d7:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMW6bCeC8qCVS1bAsc8snMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyODRjZGYwNTA3NDQzZTE2ZTUwOWQ1N2EyMjllOTE0Zjcz NTY2YTQwHhcNMjUxMjE4MTYwMDU4WhcNMjUxMjE5MTYwMDU4WjAzMTEwLwYDVQQD EygxMjcxMzJkYjNmODQwNWQzOGM0MjZjYWFjOWY5YjQyNzc5NzExNGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEfole9MvqjO037XrM1NyzEMbCN6 YSxUIaQQKw5tBV4KN0p79iRQiNhUXvarhmwwTB71zhrUPq+4iYkMFRHz899tsRF/ 2hJiuLhkNTxBr+GmWzpmVtHBcHdhuGABMcdPzVMglIQ92i1rwTCFCi4P0NYaqN0j p25RyY+UeNzuBAmRyFuP8xaYLgCjTsmicFqT5uM8hzc7tKpZSXcQiCkn3bTdmuEx s4GCrYABbtn3htvkwswQj0A3loDE7+Qe383mTwfc9qJ3IeMj1FIlAfu24dfIV33c IktpR8FAZn0WNR3HFF82No1HpA08U1jM5NYQurRsXe1Mt5sY3Bdk1JUZywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBJxMts/hAXTjEJsqsn5tCd5cRT3MB8GA1UdIwQY MBaAFLKEzfBQdEPhblCdV6Ip6RT3NWakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMt ZGY1NmEyNDEwOThmLzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMtZGY1NmEyNDEwOThm LzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWSoP285L 02+EcjcRyeUOpvVqZDsH+GlQ4KU9fIUqE7BD4lHty+F1H6sOa3QfsjvNAsVQANo1 wCaUdMCTGuWMJUXRNxKJmqqPj/7GzHb+Kst7e33ALrYm2zvcsypjxmR2qI3AMu0W tRrbaG3jumKhE9CDaB6kPB7tH8BAfQwsXiuQWlBGhZy9+yUKYAB3Wz+KUyte3FXP cTq9M1BjOuF0kN8f6UTHqIQGWqzvK9CDC7lnfpUJ7dCLNOBImkZcb0ADPPlt1A9W eO1HpZ9pkvHDGdTYvLhXLBcFnQpgkiUVZZvX8nZxlzXyS9jSQA0YT0hcKKBkqlX+ 10TyQeq58+fXUQ== -----END CERTIFICATE-----Generated at Fri Dec 19 01:55:53 2025 by rpki-client