This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft File: oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json) Hash identifier: MnNg37RV9P5BY+z9cRFUZHhAriWdX/El4kjgCZqJ0u0= Subject key identifier: 10:44:F9:42:F7:DE:EE:F1:F2:85:3F:AC:4D:80:CD:09:F4:64:9C:B2 Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB Certificate issuer: /CN=a0252fe9b42a643f477e5846619aae886917effb Certificate serial: 019B5A51B03AAC41282749381227145CB029 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft Manifest number: 1580 Signing time: Fri 26 Dec 2025 11:01:01 +0000 Manifest this update: Fri 26 Dec 2025 11:01:01 +0000 Manifest next update: Sat 27 Dec 2025 11:01:01 +0000 Files and hashes: 1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: SLXbxvnWXgHTj17C2iGaKkTTyKMdxR61kYJU2Q03C4A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:b0:3a:ac:41:28:27:49:38:12:27:14:5c:b0:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb Validity Not Before: Dec 26 11:01:01 2025 GMT Not After : Dec 27 11:01:01 2025 GMT Subject: CN=1044f942f7deeef1f2853fac4d80cd09f4649cb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e3:a1:0f:70:7b:36:ee:5a:07:7c:3f:c6:7a: 73:d0:f1:8f:40:76:09:61:31:b6:88:6f:42:0e:f7: 09:6c:c4:0d:98:cd:4c:99:1d:2d:5d:bb:49:78:e8: 52:b8:ed:8e:43:72:72:0f:34:14:16:c7:db:9c:9c: d8:e2:3a:a7:23:0e:4f:f0:cd:ec:fb:45:e8:0d:0f: bc:55:42:be:1f:96:96:27:33:1a:65:dd:da:ac:33: 13:f7:64:e6:08:bc:29:17:72:cd:bd:5e:0c:84:47: b4:b6:b0:5a:9b:37:42:23:6d:a9:db:34:b7:5b:30: 4c:a0:01:a4:6c:e1:da:85:b1:4f:e3:91:81:b7:50: 21:ca:ac:76:e1:90:ba:e5:62:a9:82:a9:79:f5:99: b2:13:2c:0d:35:32:cd:29:1f:39:85:bf:c0:16:e1: 1c:9e:06:5a:97:f0:3f:7f:7f:4e:b2:bc:b1:b5:5e: 94:30:c8:be:dc:bc:db:af:17:e3:19:7e:7e:1e:0a: cf:38:8f:2f:79:44:1b:bc:6f:26:54:ba:6c:12:b7: 72:88:f0:f3:a0:15:76:0f:44:ae:a1:07:38:6a:28: 94:cb:ac:37:75:31:97:dc:f4:73:23:96:6f:62:54: 63:78:92:f3:81:87:47:f1:00:55:13:05:aa:ef:7a: fe:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:44:F9:42:F7:DE:EE:F1:F2:85:3F:AC:4D:80:CD:09:F4:64:9C:B2 X509v3 Authority Key Identifier: keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:75:22:10:9d:92:1c:71:8d:0e:02:dc:49:ac:98:2a:cf:e3: fa:0d:94:70:bc:d0:54:54:6a:e2:f4:1f:94:7f:d7:1d:3c:a2: a9:b7:73:c8:0b:d8:c3:e3:a8:fa:b8:31:d5:48:88:e9:2a:41: ee:ba:b7:6d:4f:de:65:7a:96:9c:e9:30:7c:32:0a:ac:bc:c8: 52:96:1d:c1:6f:72:75:aa:13:1c:f2:f1:5d:9e:c1:65:83:77: 65:77:fa:8a:f2:d6:2f:d2:a8:8e:99:d4:46:0d:d1:77:05:40: e2:99:67:9a:cb:2b:48:90:52:64:cd:0c:ed:de:a9:3f:c5:1f: fc:19:0b:47:91:3b:28:46:62:a3:af:cb:30:64:8f:f2:05:a8: 59:dd:ea:b4:dd:15:0c:d7:a1:cd:92:5a:e4:f1:63:ff:c5:51: b1:ad:ee:62:04:62:a5:49:d6:06:0b:2b:b2:21:57:d0:56:45: a3:2d:45:5d:70:cc:9c:23:c4:e2:f0:91:49:cf:3f:9d:2d:63: 8b:8c:b2:3a:08:55:95:65:ca:cc:54:05:7b:dc:39:6a:9f:6e: a0:10:82:24:4b:cf:d0:80:a6:12:3a:63:a1:a7:35:1e:4c:9a: 2b:d6:d6:04:ba:dd:47:eb:63:8c:1e:ee:ee:11:54:59:52:27: c7:d6:70:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUbA6rEEoJ0k4EicUXLApMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx N2VmZmIwHhcNMjUxMjI2MTEwMTAxWhcNMjUxMjI3MTEwMTAxWjAzMTEwLwYDVQQD EygxMDQ0Zjk0MmY3ZGVlZWYxZjI4NTNmYWM0ZDgwY2QwOWY0NjQ5Y2IyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOOhD3B7Nu5aB3w/xnpz0PGPQHYJ YTG2iG9CDvcJbMQNmM1MmR0tXbtJeOhSuO2OQ3JyDzQUFsfbnJzY4jqnIw5P8M3s +0XoDQ+8VUK+H5aWJzMaZd3arDMT92TmCLwpF3LNvV4MhEe0trBamzdCI22p2zS3 WzBMoAGkbOHahbFP45GBt1Ahyqx24ZC65WKpgql59ZmyEywNNTLNKR85hb/AFuEc ngZal/A/f39OsryxtV6UMMi+3LzbrxfjGX5+HgrPOI8veUQbvG8mVLpsErdyiPDz oBV2D0SuoQc4aiiUy6w3dTGX3PRzI5ZvYlRjeJLzgYdH8QBVEwWq73r+yQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBBE+UL33u7x8oU/rE2AzQn0ZJyyMB8GA1UdIwQY MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3 LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXUiEJ2S HHGNDgLcSayYKs/j+g2UcLzQVFRq4vQflH/XHTyiqbdzyAvYw+Oo+rgx1UiI6SpB 7rq3bU/eZXqWnOkwfDIKrLzIUpYdwW9ydaoTHPLxXZ7BZYN3ZXf6ivLWL9KojpnU Rg3RdwVA4plnmssrSJBSZM0M7d6pP8Uf/BkLR5E7KEZio6/LMGSP8gWoWd3qtN0V DNehzZJa5PFj/8VRsa3uYgRipUnWBgsrsiFX0FZFoy1FXXDMnCPE4vCRSc8/nS1j i4yyOghVlWXKzFQFe9w5ap9uoBCCJEvP0ICmEjpjoac1HkyaK9bWBLrdR+tjjB7u 7hFUWVInx9ZwKQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:00 2025 by rpki-client