This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft File: SRodzN7JXOWDRq33ARJj1k6TtNE.mft (raw, json) Hash identifier: jq/xuLtathThEufaEpCoL3Elf3K6/tWrktOwoHGgJb4= Subject key identifier: DA:89:41:B8:BE:6D:B2:23:8D:95:63:50:B1:BC:DE:F5:60:9C:86:2E Authority key identifier: 49:1A:1D:CC:DE:C9:5C:E5:83:46:AD:F7:01:12:63:D6:4E:93:B4:D1 Certificate issuer: /CN=491a1dccdec95ce58346adf7011263d64e93b4d1 Certificate serial: 019B5AF6791BB2D2792ACAE53B88E5485012 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SRodzN7JXOWDRq33ARJj1k6TtNE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft Manifest number: 010B Signing time: Fri 26 Dec 2025 14:01:00 +0000 Manifest this update: Fri 26 Dec 2025 14:01:00 +0000 Manifest next update: Sat 27 Dec 2025 14:01:00 +0000 Files and hashes: 1: SRodzN7JXOWDRq33ARJj1k6TtNE.crl (hash: CxtW70NSVOgq9QCpcUUIKuf3Dfd6aavXON+RiV+TXZs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft rsync://rpki.ripe.net/repository/DEFAULT/SRodzN7JXOWDRq33ARJj1k6TtNE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:79:1b:b2:d2:79:2a:ca:e5:3b:88:e5:48:50:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=491a1dccdec95ce58346adf7011263d64e93b4d1 Validity Not Before: Dec 26 14:01:00 2025 GMT Not After : Dec 27 14:01:00 2025 GMT Subject: CN=da8941b8be6db2238d956350b1bcdef5609c862e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:93:56:6d:17:8e:dc:c0:31:3b:cb:32:7c:77: db:d3:10:d0:15:e3:96:67:2a:ce:74:b9:89:6f:2d: 47:5d:2e:5b:42:be:9f:9e:82:20:3e:92:58:1c:1e: 0b:ea:8d:7f:b2:2f:61:39:5a:60:4b:f4:f8:5e:e0: 30:23:40:5b:27:25:27:58:c2:6f:dd:63:d1:86:e0: a4:de:71:7a:28:bf:35:58:41:ad:f3:51:df:7d:2d: ac:59:47:64:d3:ca:57:df:6a:42:e0:ca:48:f7:99: ec:f0:bc:3f:4b:b3:d1:48:ce:24:eb:cc:ae:22:b4: 5f:50:b0:15:a8:d8:68:91:94:3e:84:f8:41:89:f5: 05:03:5b:26:25:b3:2b:60:84:3d:3a:8e:30:b6:ee: 53:7e:9a:3b:31:ef:76:d6:6f:8f:a8:2c:44:bf:44: a0:a1:90:4d:5d:a8:b7:67:e9:ee:60:8b:b3:fa:a2: 86:eb:7c:98:36:1f:7f:8b:cd:c0:dd:dd:25:99:14: 72:c3:38:81:a2:f0:50:de:94:c6:16:bf:0f:05:6c: f0:f7:cf:e2:d1:10:ba:be:cd:98:a3:af:6e:99:44: da:2d:3f:43:62:3b:4c:c0:dd:b5:c6:0a:be:9d:69: 4b:21:68:cc:d5:38:3a:a3:2c:b9:3f:5c:97:f6:10: fc:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:89:41:B8:BE:6D:B2:23:8D:95:63:50:B1:BC:DE:F5:60:9C:86:2E X509v3 Authority Key Identifier: keyid:49:1A:1D:CC:DE:C9:5C:E5:83:46:AD:F7:01:12:63:D6:4E:93:B4:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SRodzN7JXOWDRq33ARJj1k6TtNE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:9a:57:b6:08:ff:e5:67:ab:21:f6:50:cd:08:42:b7:62:91: ed:98:46:34:8e:85:e0:65:ca:c4:8f:a3:c2:9c:f3:03:88:ef: d0:22:85:10:2f:66:f9:50:ec:92:a9:a5:a5:bb:fb:85:ab:84: 19:4b:1e:fc:35:fb:db:6d:99:f1:d2:13:df:d5:b1:4f:17:80: 80:99:9a:86:3d:76:5c:0c:cf:c5:a0:dd:35:78:08:f1:cd:a2: ce:be:01:77:2a:f2:c2:2a:df:d9:89:4c:3f:ad:b0:23:86:be: 60:95:35:4c:c5:32:89:21:30:d0:95:6e:1f:5a:f2:78:f8:c5: 34:66:07:90:8c:50:ba:02:57:f8:02:3b:f6:22:84:1b:bf:61: e5:de:7c:ae:48:6d:dd:de:1a:fe:7d:bb:ae:40:f6:b3:2a:2f: bd:8c:c0:3f:a3:2f:f1:2b:c7:b1:ba:bc:fe:c9:b0:63:09:1e: 95:80:c9:11:95:55:b7:81:24:34:37:db:03:06:aa:d0:4f:00: f5:6a:26:5f:30:57:57:6a:f7:1f:61:a2:d2:d6:da:ee:bb:f7: be:a7:65:54:65:6b:6b:51:05:60:90:1e:ec:2f:88:38:02:71: 4a:6f:4e:fb:0a:64:b4:fa:93:9d:28:0f:22:44:3f:f7:0e:b2: ba:7e:96:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9nkbstJ5KsrlO4jlSFASMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5MWExZGNjZGVjOTVjZTU4MzQ2YWRmNzAxMTI2M2Q2NGU5 M2I0ZDEwHhcNMjUxMjI2MTQwMTAwWhcNMjUxMjI3MTQwMTAwWjAzMTEwLwYDVQQD EyhkYTg5NDFiOGJlNmRiMjIzOGQ5NTYzNTBiMWJjZGVmNTYwOWM4NjJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5NWbReO3MAxO8syfHfb0xDQFeOW ZyrOdLmJby1HXS5bQr6fnoIgPpJYHB4L6o1/si9hOVpgS/T4XuAwI0BbJyUnWMJv 3WPRhuCk3nF6KL81WEGt81HffS2sWUdk08pX32pC4MpI95ns8Lw/S7PRSM4k68yu IrRfULAVqNhokZQ+hPhBifUFA1smJbMrYIQ9Oo4wtu5Tfpo7Me921m+PqCxEv0Sg oZBNXai3Z+nuYIuz+qKG63yYNh9/i83A3d0lmRRywziBovBQ3pTGFr8PBWzw98/i 0RC6vs2Yo69umUTaLT9DYjtMwN21xgq+nWlLIWjM1Tg6oyy5P1yX9hD8WQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNqJQbi+bbIjjZVjULG83vVgnIYuMB8GA1UdIwQY MBaAFEkaHczeyVzlg0at9wESY9ZOk7TRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1JvZHpON0pYT1dEUnEzM0FSSmoxazZUdE5FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8yMGIyYzctOTAwOS00NWEwLTg5OWQt OWM0MGVmNjkxNTViLzEvU1JvZHpON0pYT1dEUnEzM0FSSmoxazZUdE5FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8yMGIyYzctOTAwOS00NWEwLTg5OWQtOWM0MGVmNjkxNTVi LzEvU1JvZHpON0pYT1dEUnEzM0FSSmoxazZUdE5FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJpXtgj/ 5WerIfZQzQhCt2KR7ZhGNI6F4GXKxI+jwpzzA4jv0CKFEC9m+VDskqmlpbv7hauE GUse/DX7222Z8dIT39WxTxeAgJmahj12XAzPxaDdNXgI8c2izr4Bdyrywirf2YlM P62wI4a+YJU1TMUyiSEw0JVuH1ryePjFNGYHkIxQugJX+AI79iKEG79h5d58rkht 3d4a/n27rkD2syovvYzAP6Mv8SvHsbq8/smwYwkelYDJEZVVt4EkNDfbAwaq0E8A 9WomXzBXV2r3H2Gi0tba7rv3vqdlVGVra1EFYJAe7C+IOAJxSm9O+wpktPqTnSgP IkQ/9w6yun6WQA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:43 2025 by rpki-client