This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft File: coCW6KzXbpqhfz62eAQG49pWPtI.mft (raw, json) Hash identifier: bB4bwaeROpRoC1Exhd72LGagIc6KEO9vntBhZERtfEA= Subject key identifier: C2:5D:D4:50:79:F7:2E:CF:36:D6:1E:AE:B7:4D:48:43:BA:D0:8C:37 Authority key identifier: 72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2 Certificate issuer: /CN=728096e8acd76e9aa17f3eb6780406e3da563ed2 Certificate serial: 019B432523435A297619784EB409A36830C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft Manifest number: 1645 Signing time: Sun 21 Dec 2025 23:01:05 +0000 Manifest this update: Sun 21 Dec 2025 23:01:05 +0000 Manifest next update: Mon 22 Dec 2025 23:01:05 +0000 Files and hashes: 1: coCW6KzXbpqhfz62eAQG49pWPtI.crl (hash: bw6jaQ5kD2mQ1iJFbaZtWPMUIat9V8JsYBu/r9dcJBI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:25:23:43:5a:29:76:19:78:4e:b4:09:a3:68:30:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=728096e8acd76e9aa17f3eb6780406e3da563ed2 Validity Not Before: Dec 21 23:01:05 2025 GMT Not After : Dec 22 23:01:05 2025 GMT Subject: CN=c25dd45079f72ecf36d61eaeb74d4843bad08c37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a6:65:17:38:a2:be:1e:86:c4:43:6a:c3:fd: 59:08:37:56:3e:79:e0:77:18:6e:14:83:49:89:e3: 8b:45:be:e1:f1:f8:f8:1d:08:b2:d8:69:c5:e4:21: 3f:d3:d9:f1:e0:84:db:31:d6:09:d2:74:e2:ea:63: 98:cd:ee:1c:d1:aa:13:e9:cf:a9:6c:7b:64:55:e7: ea:ce:a0:be:a3:46:52:cc:c4:2a:d6:7d:10:1c:24: 99:50:ca:9c:bd:de:83:9a:f7:40:19:13:cc:9d:a5: c7:16:10:dc:5c:4c:97:57:1a:6e:9e:fc:e3:26:65: b4:22:0d:f1:a0:38:a8:e1:e1:65:53:19:34:b6:43: b8:18:f9:09:6b:02:c8:b9:34:d5:ef:e5:40:53:f7: 23:e9:c9:93:ff:30:fe:a2:ee:40:00:d9:19:ec:39: fc:da:27:0c:45:b7:a0:d7:15:ee:d4:f2:7b:73:af: 79:fb:7d:69:f5:0c:e7:d3:61:06:ea:cc:5c:e2:d1: 8c:e5:a9:03:b9:8d:72:b6:9a:c0:cd:41:31:48:a0: 55:8b:67:67:2c:db:a9:06:5a:6f:35:1b:49:93:8e: 2b:55:18:b0:e1:cb:a9:7b:38:34:71:d7:2f:d3:1b: 16:aa:c2:72:f1:98:88:6e:a0:c1:fc:37:2b:6a:51: b2:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:5D:D4:50:79:F7:2E:CF:36:D6:1E:AE:B7:4D:48:43:BA:D0:8C:37 X509v3 Authority Key Identifier: keyid:72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:66:d4:a6:60:77:17:59:79:b4:cb:76:8e:ef:62:cc:15:9c: aa:d6:91:7c:12:66:d2:3d:3b:02:89:1e:02:64:68:73:d1:71: 84:22:0f:23:0c:a8:e9:a2:e7:b8:36:43:84:1e:79:18:9d:5d: f7:30:45:93:a5:b4:6a:25:73:e2:ba:01:c5:fc:82:ed:a0:83: 6a:1f:5f:a8:86:c0:65:9f:28:4a:5b:60:bd:55:fc:54:b8:f0: 91:0f:61:ab:ad:5e:ba:93:4b:b8:0b:b4:5d:35:3b:2c:4e:23: 3e:bb:82:c7:81:85:f9:1a:17:40:e4:af:e4:a0:ef:8d:18:98: aa:a7:c1:6b:8b:fc:aa:9a:30:4c:3a:35:d8:0f:d1:5b:49:92: 6a:0c:4e:d4:f0:b5:d9:2f:da:d9:30:7e:87:ea:ed:1b:24:d4: db:5f:85:bb:69:6f:b8:9d:db:20:17:ca:84:82:d1:3f:d2:46: 03:00:29:e9:8f:6c:09:37:b7:c9:ac:ac:8d:52:23:80:07:0d: d4:38:81:b2:f2:7e:f6:ce:51:e5:40:78:8c:6f:93:58:98:5e: 6d:bf:d3:9c:55:2d:f4:d0:67:ca:db:bb:d7:20:5e:8d:4a:60: 92:18:0e:da:2b:78:68:bc:78:83:63:f8:f5:34:12:ad:b6:95: d9:5f:6d:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDJSNDWil2GXhOtAmjaDDEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyODA5NmU4YWNkNzZlOWFhMTdmM2ViNjc4MDQwNmUzZGE1 NjNlZDIwHhcNMjUxMjIxMjMwMTA1WhcNMjUxMjIyMjMwMTA1WjAzMTEwLwYDVQQD EyhjMjVkZDQ1MDc5ZjcyZWNmMzZkNjFlYWViNzRkNDg0M2JhZDA4YzM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqZlFziivh6GxENqw/1ZCDdWPnng dxhuFINJieOLRb7h8fj4HQiy2GnF5CE/09nx4ITbMdYJ0nTi6mOYze4c0aoT6c+p bHtkVefqzqC+o0ZSzMQq1n0QHCSZUMqcvd6DmvdAGRPMnaXHFhDcXEyXVxpunvzj JmW0Ig3xoDio4eFlUxk0tkO4GPkJawLIuTTV7+VAU/cj6cmT/zD+ou5AANkZ7Dn8 2icMRbeg1xXu1PJ7c695+31p9Qzn02EG6sxc4tGM5akDuY1ytprAzUExSKBVi2dn LNupBlpvNRtJk44rVRiw4cupezg0cdcv0xsWqsJy8ZiIbqDB/DcralGyaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMJd1FB59y7PNtYerrdNSEO60Iw3MB8GA1UdIwQY MBaAFHKAluis126aoX8+tngEBuPaVj7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYt YzE3MzRkNTBjYjNiLzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYtYzE3MzRkNTBjYjNi LzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo2bUpmB3 F1l5tMt2ju9izBWcqtaRfBJm0j07AokeAmRoc9FxhCIPIwyo6aLnuDZDhB55GJ1d 9zBFk6W0aiVz4roBxfyC7aCDah9fqIbAZZ8oSltgvVX8VLjwkQ9hq61eupNLuAu0 XTU7LE4jPruCx4GF+RoXQOSv5KDvjRiYqqfBa4v8qpowTDo12A/RW0mSagxO1PC1 2S/a2TB+h+rtGyTU21+Fu2lvuJ3bIBfKhILRP9JGAwAp6Y9sCTe3yaysjVIjgAcN 1DiBsvJ+9s5R5UB4jG+TWJhebb/TnFUt9NBnytu71yBejUpgkhgO2it4aLx4g2P4 9TQSrbaV2V9tBQ== -----END CERTIFICATE-----Generated at Mon Dec 22 05:51:37 2025 by rpki-client