This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft File: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft (raw, json) Hash identifier: rfptXGbiIhr56bKaE7IkVerC4AoQE0kfNYcvCmSX63c= Subject key identifier: 2A:2C:30:6E:B1:A8:30:77:F6:75:0C:C1:24:E8:EA:F0:6A:85:84:EC Authority key identifier: B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4 Certificate issuer: /CN=b284cdf0507443e16e509d57a229e914f73566a4 Certificate serial: 019B20D0230C60ECDE7AB6F785BDF654AA0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft Manifest number: 1620 Signing time: Mon 15 Dec 2025 07:01:09 +0000 Manifest this update: Mon 15 Dec 2025 07:01:09 +0000 Manifest next update: Tue 16 Dec 2025 07:01:09 +0000 Files and hashes: 1: soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl (hash: 8Oao16L6B3ZkEC++mR+87b9piWH6/ZiE5/WMZ3/3woA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 07:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:d0:23:0c:60:ec:de:7a:b6:f7:85:bd:f6:54:aa:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b284cdf0507443e16e509d57a229e914f73566a4 Validity Not Before: Dec 15 07:01:09 2025 GMT Not After : Dec 16 07:01:09 2025 GMT Subject: CN=2a2c306eb1a83077f6750cc124e8eaf06a8584ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:bc:6a:70:88:98:72:42:1b:82:54:91:14:bb: c5:ba:3e:a0:bc:2a:41:79:e4:23:9f:c3:fb:c3:89: d5:2c:05:d7:56:c5:67:a8:54:44:c0:f4:69:d7:5d: e0:c4:1f:e0:2f:1a:6a:dc:38:d9:75:8e:01:54:42: 20:67:8a:48:46:8d:d6:43:ef:75:a1:50:38:a8:69: b4:2d:e4:82:27:33:65:1c:06:49:56:53:f5:05:0d: 9b:fe:83:ee:75:01:ab:5d:39:27:98:e3:84:15:58: 9f:b1:96:9e:04:35:2a:6a:90:f0:df:d0:1f:1d:b4: a8:d1:29:27:bc:bd:19:4b:26:12:be:0d:a3:1d:66: 80:10:73:5e:c7:7d:94:48:0c:b4:80:03:ba:d3:9c: 48:a0:7e:80:76:19:69:b3:f3:e2:d5:d5:e5:40:6b: 6f:f3:84:3f:e6:67:c2:5f:97:f7:c0:c2:a1:82:1a: 2e:c7:a5:8d:e6:2f:25:c7:70:da:a3:48:93:a5:df: d1:3e:60:33:5a:6b:1c:d8:55:e1:81:bb:96:c2:11: 14:b5:39:d6:8e:0f:69:c3:fa:67:18:02:d3:b3:ae: 60:16:b1:44:7f:07:ae:91:ec:33:6f:62:96:f1:fc: db:16:fc:88:8e:3f:d8:08:80:7b:58:5b:a4:14:0d: f6:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:2C:30:6E:B1:A8:30:77:F6:75:0C:C1:24:E8:EA:F0:6A:85:84:EC X509v3 Authority Key Identifier: keyid:B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:d4:ac:e8:7e:a8:1c:02:0f:8b:2f:d8:4b:7d:88:45:c3:5b: 9e:1d:fe:a4:5e:cc:ed:2d:86:cc:ef:19:e5:49:d9:e4:c5:c5: 42:a7:08:88:17:d5:91:9e:cd:d3:19:9b:5c:62:e6:14:43:d2: 4b:5f:cf:a7:6c:76:f4:79:67:f4:77:ee:5d:41:b6:62:76:8d: 25:2e:a5:21:9b:45:c1:52:5f:34:0a:02:e6:af:7b:20:eb:a0: 07:9f:35:30:b9:0b:85:26:c4:55:5e:25:1f:85:11:1d:37:63: 40:d5:96:b1:18:cb:90:2d:b2:e8:1f:b4:cf:d5:93:4d:8d:31: ac:5e:66:e7:77:1c:96:09:cc:ef:f2:ab:5b:e7:46:0c:54:f0: eb:1a:73:bc:68:d3:b3:93:e0:71:a6:77:ce:53:94:3f:7e:1c: e2:45:5f:5e:80:6f:a7:29:a9:70:5a:a7:18:67:34:fa:96:b2: db:ae:f3:fc:05:05:16:e7:69:a1:44:de:01:11:0e:c5:f6:27: dd:95:de:88:46:9c:c1:b8:d0:f4:31:bb:3d:af:b1:0f:e7:e8: 38:ef:26:ea:68:85:ab:dd:f6:61:31:9f:b7:61:b8:a6:22:ca: e3:49:4a:11:d4:e5:65:d0:24:28:9b:d3:73:d3:9b:de:60:cf: d2:14:6b:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsg0CMMYOzeerb3hb32VKoNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyODRjZGYwNTA3NDQzZTE2ZTUwOWQ1N2EyMjllOTE0Zjcz NTY2YTQwHhcNMjUxMjE1MDcwMTA5WhcNMjUxMjE2MDcwMTA5WjAzMTEwLwYDVQQD EygyYTJjMzA2ZWIxYTgzMDc3ZjY3NTBjYzEyNGU4ZWFmMDZhODU4NGVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7xqcIiYckIbglSRFLvFuj6gvCpB eeQjn8P7w4nVLAXXVsVnqFREwPRp113gxB/gLxpq3DjZdY4BVEIgZ4pIRo3WQ+91 oVA4qGm0LeSCJzNlHAZJVlP1BQ2b/oPudQGrXTknmOOEFVifsZaeBDUqapDw39Af HbSo0SknvL0ZSyYSvg2jHWaAEHNex32USAy0gAO605xIoH6Adhlps/Pi1dXlQGtv 84Q/5mfCX5f3wMKhghoux6WN5i8lx3Dao0iTpd/RPmAzWmsc2FXhgbuWwhEUtTnW jg9pw/pnGALTs65gFrFEfweukewzb2KW8fzbFvyIjj/YCIB7WFukFA32vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCosMG6xqDB39nUMwSTo6vBqhYTsMB8GA1UdIwQY MBaAFLKEzfBQdEPhblCdV6Ip6RT3NWakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMt ZGY1NmEyNDEwOThmLzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9hMzgyOGQtMGY1MS00ZGEwLTg0MzMtZGY1NmEyNDEwOThm LzEvc29UTjhGQjBRLUZ1VUoxWG9pbnBGUGMxWnFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALNSs6H6o HAIPiy/YS32IRcNbnh3+pF7M7S2GzO8Z5UnZ5MXFQqcIiBfVkZ7N0xmbXGLmFEPS S1/Pp2x29Hln9HfuXUG2YnaNJS6lIZtFwVJfNAoC5q97IOugB581MLkLhSbEVV4l H4URHTdjQNWWsRjLkC2y6B+0z9WTTY0xrF5m53cclgnM7/KrW+dGDFTw6xpzvGjT s5PgcaZ3zlOUP34c4kVfXoBvpympcFqnGGc0+pay267z/AUFFudpoUTeAREOxfYn 3ZXeiEacwbjQ9DG7Pa+xD+foOO8m6miFq932YTGft2G4piLK40lKEdTlZdAkKJvT c9Ob3mDP0hRrOg== -----END CERTIFICATE-----Generated at Mon Dec 15 16:53:00 2025 by rpki-client