This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft File: soehvthfaZtS-gaqGeUc8liPFLk.mft (raw, json) Hash identifier: iqQ86t9337R+qI2EZBbECdoaZa0/qq5I+BwFGps0v/k= Subject key identifier: 4F:6C:60:A5:BC:AD:E2:76:75:A6:B0:0D:8D:A9:D1:1C:62:13:04:B9 Authority key identifier: B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9 Certificate issuer: /CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9 Certificate serial: 019B19BB694187033F349C2F0CEDA5D3578C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft Manifest number: 1218 Signing time: Sat 13 Dec 2025 22:01:11 +0000 Manifest this update: Sat 13 Dec 2025 22:01:11 +0000 Manifest next update: Sun 14 Dec 2025 22:01:11 +0000 Files and hashes: 1: soehvthfaZtS-gaqGeUc8liPFLk.crl (hash: Oc40mXg0LKH6a60NkD5V9ZlJPdAafKduY5Yu0eD9Y3E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bb:69:41:87:03:3f:34:9c:2f:0c:ed:a5:d3:57:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b287a1bed85f699b52fa06aa19e51cf2588f14b9 Validity Not Before: Dec 13 22:01:11 2025 GMT Not After : Dec 14 22:01:11 2025 GMT Subject: CN=4f6c60a5bcade27675a6b00d8da9d11c621304b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4a:8b:2a:b5:39:be:85:9b:b3:d6:f7:80:2c: 9f:f5:2b:ac:e4:20:5a:65:4e:37:e0:b9:31:89:1b: f3:88:fd:ad:5d:5e:49:a9:8a:39:0f:0e:61:d7:cc: eb:c0:c2:28:02:e5:85:37:03:d2:11:2a:aa:71:d2: 40:ce:fc:85:88:2a:79:1f:64:bc:a7:98:04:0a:6d: f3:a2:ea:81:3a:4c:86:8b:7d:6c:88:a1:64:d3:14: c4:90:83:41:f4:0d:53:ff:19:df:4f:e6:e6:84:9a: c4:89:55:5e:79:e5:06:e4:39:44:0d:3f:88:e6:c7: 6c:b7:9d:f0:a6:58:2b:a6:44:47:7b:f3:83:60:03: 4a:c0:46:e5:67:fc:de:30:c7:36:a3:f9:85:dc:65: 42:99:d1:d7:aa:88:7c:21:14:99:bc:55:2d:c0:db: 1c:ba:ab:b4:53:d7:e6:55:5d:88:98:b4:f2:00:da: 3e:98:4a:6f:af:4f:1b:3b:23:d7:9f:f5:e4:c2:9e: cc:13:4b:40:e4:e3:fb:ff:fe:ad:61:d2:e8:f2:90: af:e8:d7:e1:94:69:c6:64:ad:cd:ab:90:67:33:32: 1d:db:4b:69:90:aa:18:5d:4f:4c:2b:42:dc:0e:de: 35:68:91:0d:2b:08:e3:4f:17:63:cc:b0:9f:86:b6: 31:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:6C:60:A5:BC:AD:E2:76:75:A6:B0:0D:8D:A9:D1:1C:62:13:04:B9 X509v3 Authority Key Identifier: keyid:B2:87:A1:BE:D8:5F:69:9B:52:FA:06:AA:19:E5:1C:F2:58:8F:14:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soehvthfaZtS-gaqGeUc8liPFLk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0a277e-0656-4cfe-a8a8-02e3d9e02eec/1/soehvthfaZtS-gaqGeUc8liPFLk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:7c:0d:6e:18:75:25:71:4d:9c:81:a3:c0:35:f8:73:ce:6f: 8a:8e:e8:85:03:0f:37:78:6a:10:0a:62:5f:67:ee:4c:f9:c6: 75:03:51:af:27:14:18:21:b6:55:4e:1a:e3:69:7f:b5:d8:d9: 02:b9:0e:fc:95:05:aa:dc:67:13:bb:eb:4a:c0:35:ad:df:38: 40:32:24:13:50:fa:ed:a4:df:36:6a:7f:8f:4e:54:72:cd:19: 23:1b:da:0d:71:aa:95:9b:96:cf:2e:fa:7d:14:12:20:9d:52: eb:3a:bf:11:1d:00:52:98:87:ce:8a:20:f0:f6:08:81:4b:60: 4d:b6:e6:39:a8:f2:4f:aa:0e:52:8e:c9:aa:4d:28:37:d0:b1: fd:41:d1:2a:57:1d:f1:b0:a2:28:6c:95:e0:23:5d:c1:91:8c: c1:c4:f0:90:a0:53:dd:fd:fc:4f:54:96:ca:54:68:2c:1a:98: e5:bf:7f:05:46:e1:fb:73:8e:17:30:48:5e:4a:2b:9f:70:9d: 50:58:82:11:12:d3:c7:87:91:2a:40:77:bc:84:43:b5:4f:f7: f1:4e:ff:cf:92:9c:89:fb:b5:05:4c:49:47:08:ec:13:48:13: 20:e7:16:6d:c0:07:86:fa:67:ba:07:81:5b:84:36:42:79:55: ab:7e:84:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZu2lBhwM/NJwvDO2l01eMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyODdhMWJlZDg1ZjY5OWI1MmZhMDZhYTE5ZTUxY2YyNTg4 ZjE0YjkwHhcNMjUxMjEzMjIwMTExWhcNMjUxMjE0MjIwMTExWjAzMTEwLwYDVQQD Eyg0ZjZjNjBhNWJjYWRlMjc2NzVhNmIwMGQ4ZGE5ZDExYzYyMTMwNGI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0qLKrU5voWbs9b3gCyf9Sus5CBa ZU434LkxiRvziP2tXV5JqYo5Dw5h18zrwMIoAuWFNwPSESqqcdJAzvyFiCp5H2S8 p5gECm3zouqBOkyGi31siKFk0xTEkINB9A1T/xnfT+bmhJrEiVVeeeUG5DlEDT+I 5sdst53wplgrpkRHe/ODYANKwEblZ/zeMMc2o/mF3GVCmdHXqoh8IRSZvFUtwNsc uqu0U9fmVV2ImLTyANo+mEpvr08bOyPXn/Xkwp7ME0tA5OP7//6tYdLo8pCv6Nfh lGnGZK3Nq5BnMzId20tpkKoYXU9MK0LcDt41aJENKwjjTxdjzLCfhrYxNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE9sYKW8reJ2daawDY2p0RxiEwS5MB8GA1UdIwQY MBaAFLKHob7YX2mbUvoGqhnlHPJYjxS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgt MDJlM2Q5ZTAyZWVjLzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC8wYTI3N2UtMDY1Ni00Y2ZlLWE4YTgtMDJlM2Q5ZTAyZWVj LzEvc29laHZ0aGZhWnRTLWdhcUdlVWM4bGlQRkxrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJHwNbhh1 JXFNnIGjwDX4c85vio7ohQMPN3hqEApiX2fuTPnGdQNRrycUGCG2VU4a42l/tdjZ ArkO/JUFqtxnE7vrSsA1rd84QDIkE1D67aTfNmp/j05Ucs0ZIxvaDXGqlZuWzy76 fRQSIJ1S6zq/ER0AUpiHzoog8PYIgUtgTbbmOajyT6oOUo7Jqk0oN9Cx/UHRKlcd 8bCiKGyV4CNdwZGMwcTwkKBT3f38T1SWylRoLBqY5b9/BUbh+3OOFzBIXkorn3Cd UFiCERLTx4eRKkB3vIRDtU/38U7/z5Kcifu1BUxJRwjsE0gTIOcWbcAHhvpnugeB W4Q2QnlVq36EXA== -----END CERTIFICATE-----Generated at Sun Dec 14 01:57:09 2025 by rpki-client