This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.mft File: D0IHzoCFWlzJfAukc7lYcsfBk8Q.mft (raw, json) Hash identifier: CS02a+gCDDrrfnjvP5ZdWMP5dHBorgMqPethuugNYdo= Subject key identifier: 7F:8E:9D:B5:D7:A1:43:A8:67:65:49:E5:62:6D:B8:E6:CA:6B:18:2F Authority key identifier: 0F:42:07:CE:80:85:5A:5C:C9:7C:0B:A4:73:B9:58:72:C7:C1:93:C4 Certificate issuer: /CN=0f4207ce80855a5cc97c0ba473b95872c7c193c4 Certificate serial: 019B5ABFA7BB22208DA00565272B26084D99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D0IHzoCFWlzJfAukc7lYcsfBk8Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.mft Manifest number: 51 Signing time: Fri 26 Dec 2025 13:01:08 +0000 Manifest this update: Fri 26 Dec 2025 13:01:08 +0000 Manifest next update: Sat 27 Dec 2025 13:01:08 +0000 Files and hashes: 1: D0IHzoCFWlzJfAukc7lYcsfBk8Q.crl (hash: sXNQ+OhMCJTxcFhDqewb1RG2cfgkw0ITNMUk2fzy+GQ=) 2: Sf9NlL9u0gQktP7IoLN4vYHJsgM.roa (hash: ppXLp3rl84ATGcOkgVXnAwMIjcmYz64iVP17eQHXfwc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.crl rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.mft rsync://rpki.ripe.net/repository/DEFAULT/D0IHzoCFWlzJfAukc7lYcsfBk8Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:a7:bb:22:20:8d:a0:05:65:27:2b:26:08:4d:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f4207ce80855a5cc97c0ba473b95872c7c193c4 Validity Not Before: Dec 26 13:01:08 2025 GMT Not After : Dec 27 13:01:08 2025 GMT Subject: CN=7f8e9db5d7a143a8676549e5626db8e6ca6b182f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:4a:63:56:9c:62:ed:7e:b6:26:29:ec:67:e8: d0:cd:f8:ec:f9:f0:e3:90:6a:4a:87:bd:c2:b6:09: 6e:42:1b:68:b7:7e:84:7f:9a:81:de:9f:62:ff:7b: b3:cf:6a:9c:50:e4:42:28:ef:e4:22:fb:2a:32:fe: c8:4d:22:3d:0b:9b:88:60:c2:7c:15:23:a9:00:ce: 07:59:16:1a:31:81:2c:4a:2b:a9:b6:fa:91:7e:75: 9e:60:3c:cf:57:64:df:9a:f7:2d:5f:6e:39:a0:09: 85:17:c4:cf:a1:0f:ba:04:ad:30:09:63:d9:4d:34: 13:69:56:35:c3:b8:8e:47:bd:dd:d2:97:87:d7:c6: 80:30:a6:71:31:74:b6:06:e5:6e:93:f6:f1:58:78: ab:af:f5:c6:61:94:68:a8:a6:53:a2:b2:ff:20:0d: 3d:61:06:bb:50:76:76:59:16:9e:71:73:78:50:28: b3:e1:85:75:2f:a5:3c:5c:af:24:5e:0a:02:3d:0a: dd:0e:ec:96:62:35:70:3b:ad:58:e6:9c:d1:a7:a3: fc:9a:d0:b9:01:0f:d9:39:7b:f3:90:47:79:b4:ac: b6:26:6c:1b:4c:28:a4:2c:75:0a:dc:7f:42:b1:72: 9f:5c:3b:30:74:1b:d7:3e:37:9a:b1:0c:ee:e2:34: cd:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:8E:9D:B5:D7:A1:43:A8:67:65:49:E5:62:6D:B8:E6:CA:6B:18:2F X509v3 Authority Key Identifier: keyid:0F:42:07:CE:80:85:5A:5C:C9:7C:0B:A4:73:B9:58:72:C7:C1:93:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0IHzoCFWlzJfAukc7lYcsfBk8Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/901957-4e71-4cf3-acb8-fb2c8a814347/1/D0IHzoCFWlzJfAukc7lYcsfBk8Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:42:65:33:a0:f7:16:9e:30:95:be:e5:a4:9e:23:aa:33:ae: 05:1e:f0:9a:58:6c:e5:b9:58:8d:52:ee:11:37:73:50:86:41: 43:cd:22:8d:38:80:b1:db:1e:91:ef:95:29:d7:0d:5b:0d:c6: 9e:50:5f:1b:87:3c:fd:4d:56:ad:e2:b8:64:9d:48:03:a5:52: a4:f2:c1:63:5a:b7:e6:8c:2c:ee:23:62:e1:ab:33:34:b2:ba: c4:1c:87:76:de:a9:08:00:af:f1:fa:ce:e2:1f:88:c7:e7:5b: ed:21:d5:d5:69:73:a8:6f:f8:1f:2c:89:7a:b0:f0:62:80:aa: f9:98:ec:c4:4d:29:57:96:78:5a:6e:08:b5:f8:19:d8:47:0c: 17:35:a6:c2:37:50:57:24:cf:10:a2:cf:c7:7a:21:49:18:48: 3f:87:4e:e4:1d:c5:e2:ad:44:1d:f9:f4:e7:a9:2c:db:1b:97: 81:93:e0:71:81:05:15:49:2f:fb:d5:14:7e:ae:ec:f3:dd:82: ef:a2:ab:ec:30:af:79:a6:61:57:0a:ca:39:e4:5b:96:05:f9: e5:0e:84:59:2e:d3:4d:28:bc:1d:63:5e:9b:63:00:4b:35:a5: a5:b7:8c:62:ba:c8:0b:b8:13:c5:20:b8:24:c8:4e:7b:02:9e: 4c:03:c8:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav6e7IiCNoAVlJysmCE2ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNDIwN2NlODA4NTVhNWNjOTdjMGJhNDczYjk1ODcyYzdj MTkzYzQwHhcNMjUxMjI2MTMwMTA4WhcNMjUxMjI3MTMwMTA4WjAzMTEwLwYDVQQD Eyg3ZjhlOWRiNWQ3YTE0M2E4Njc2NTQ5ZTU2MjZkYjhlNmNhNmIxODJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0pjVpxi7X62JinsZ+jQzfjs+fDj kGpKh73CtgluQhtot36Ef5qB3p9i/3uzz2qcUORCKO/kIvsqMv7ITSI9C5uIYMJ8 FSOpAM4HWRYaMYEsSiuptvqRfnWeYDzPV2TfmvctX245oAmFF8TPoQ+6BK0wCWPZ TTQTaVY1w7iOR73d0peH18aAMKZxMXS2BuVuk/bxWHirr/XGYZRoqKZTorL/IA09 YQa7UHZ2WRaecXN4UCiz4YV1L6U8XK8kXgoCPQrdDuyWYjVwO61Y5pzRp6P8mtC5 AQ/ZOXvzkEd5tKy2JmwbTCikLHUK3H9CsXKfXDswdBvXPjeasQzu4jTN0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH+OnbXXoUOoZ2VJ5WJtuObKaxgvMB8GA1UdIwQY MBaAFA9CB86AhVpcyXwLpHO5WHLHwZPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDBJSHpvQ0ZXbHpKZkF1a2M3bFljc2ZCazhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85MDE5NTctNGU3MS00Y2YzLWFjYjgt ZmIyYzhhODE0MzQ3LzEvRDBJSHpvQ0ZXbHpKZkF1a2M3bFljc2ZCazhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny85MDE5NTctNGU3MS00Y2YzLWFjYjgtZmIyYzhhODE0MzQ3 LzEvRDBJSHpvQ0ZXbHpKZkF1a2M3bFljc2ZCazhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYUJlM6D3 Fp4wlb7lpJ4jqjOuBR7wmlhs5blYjVLuETdzUIZBQ80ijTiAsdseke+VKdcNWw3G nlBfG4c8/U1WreK4ZJ1IA6VSpPLBY1q35ows7iNi4aszNLK6xByHdt6pCACv8frO 4h+Ix+db7SHV1WlzqG/4HyyJerDwYoCq+ZjsxE0pV5Z4Wm4ItfgZ2EcMFzWmwjdQ VyTPEKLPx3ohSRhIP4dO5B3F4q1EHfn056ks2xuXgZPgcYEFFUkv+9UUfq7s892C 76Kr7DCveaZhVwrKOeRblgX55Q6EWS7TTSi8HWNem2MASzWlpbeMYrrIC7gTxSC4 JMhOewKeTAPI5A== -----END CERTIFICATE-----Generated at Fri Dec 26 15:42:26 2025 by rpki-client