This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft File: 0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json) Hash identifier: hN9KGiqyNFpM18x1rj8MVgH9bSws9w3QlIjjv5MmBtk= Subject key identifier: C0:A2:A7:41:5F:05:36:51:8E:47:54:CB:23:47:9F:70:9D:70:8F:9C Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A Certificate issuer: /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a Certificate serial: 019B34C5447FAF8A5C3C54990B917D73E3C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft Manifest number: 0EE4 Signing time: Fri 19 Dec 2025 04:01:41 +0000 Manifest this update: Fri 19 Dec 2025 04:01:41 +0000 Manifest next update: Sat 20 Dec 2025 04:01:41 +0000 Files and hashes: 1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: gBkkxWWRemrqx/Er1/QWwkskIbickiciDDtUDkVhG4g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:44:7f:af:8a:5c:3c:54:99:0b:91:7d:73:e3:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a Validity Not Before: Dec 19 04:01:41 2025 GMT Not After : Dec 20 04:01:41 2025 GMT Subject: CN=c0a2a7415f0536518e4754cb23479f709d708f9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:23:6d:02:4c:0b:98:70:a1:0c:35:8b:33:58: 7d:c2:68:e8:60:98:fc:e3:32:68:aa:ea:ab:b4:d9: a0:5a:c0:78:d8:e8:0a:48:a9:b1:1f:ed:67:26:03: 36:df:38:b0:3d:aa:d7:f6:c3:8d:32:b5:87:a5:64: 4e:86:c4:0c:47:90:e1:1c:59:72:88:31:6f:6d:13: 6f:e6:af:8c:30:98:98:29:22:40:6c:b6:76:67:f9: 55:fc:10:db:28:3d:b3:0f:3c:01:ab:46:1b:68:82: 67:09:e8:cb:d9:7a:fa:a7:4b:09:19:0c:b8:4c:90: 36:3b:28:e8:f5:6c:5b:00:13:48:1c:65:f8:b5:d8: 94:94:01:fc:db:c1:99:c5:df:79:e4:91:6f:23:4b: d6:cf:df:eb:f6:03:9c:ad:69:b6:1e:35:f3:7d:11: b0:c5:1d:5d:f5:cf:18:3a:8f:5e:bc:59:e4:94:55: a3:a5:c3:6a:3c:4b:05:e6:e9:21:4b:46:11:2e:b3: a4:db:8e:ae:07:c9:8c:5b:df:b3:2b:4c:05:34:2e: b0:dc:bb:76:8e:80:6e:83:2d:ac:bd:d1:11:d3:0a: 52:68:ca:08:3a:fa:a3:2d:07:bf:04:ba:d1:09:c1: ee:cb:43:11:ec:65:c4:a4:be:6f:f1:08:41:8e:95: 12:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:A2:A7:41:5F:05:36:51:8E:47:54:CB:23:47:9F:70:9D:70:8F:9C X509v3 Authority Key Identifier: keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:51:5f:61:4e:7f:e1:fe:32:f7:bd:5c:1d:29:62:8d:58:84: ba:d6:d1:7b:d3:5b:36:4b:5b:af:2e:1c:66:be:80:85:0a:3e: b7:1a:c5:e2:a4:68:e1:7c:5f:b0:5f:2e:7e:e6:b3:6f:74:03: 51:fe:3c:d0:bb:b1:93:1d:4e:19:05:a1:fb:88:25:b5:3b:92: 28:39:bd:bc:e0:ae:43:77:88:82:49:b1:34:f0:34:06:5d:17: ca:3a:e7:42:6b:f9:6f:5c:e7:f9:72:a8:eb:da:2f:b7:d1:91: fb:92:c0:48:2b:c2:ea:c2:2d:a4:79:a2:c6:fe:34:60:f6:b6: a6:cd:22:c4:cb:ee:06:e4:81:fe:45:db:b6:58:73:15:2c:e2: 35:7f:22:ea:3b:01:06:01:c8:25:81:1a:da:91:ab:d3:3d:3f: 4f:fc:6f:8c:16:9b:01:0c:fd:15:76:cd:91:66:5d:8a:73:c8: e3:1d:c4:46:d0:9a:5f:d9:d4:ba:36:f0:ac:6c:1f:f1:b4:27: 61:70:71:a7:20:95:1d:48:79:74:2a:9a:c8:a8:d6:c8:e1:32: 66:cf:b9:24:16:a4:66:43:fc:f6:08:61:60:16:6f:4b:0b:ff: ec:14:c4:d2:2e:d1:6f:e2:7d:7a:86:af:bc:8e:e6:4d:58:82: 22:d1:c9:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xUR/r4pcPFSZC5F9c+PCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1 ODdmM2EwHhcNMjUxMjE5MDQwMTQxWhcNMjUxMjIwMDQwMTQxWjAzMTEwLwYDVQQD EyhjMGEyYTc0MTVmMDUzNjUxOGU0NzU0Y2IyMzQ3OWY3MDlkNzA4ZjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyNtAkwLmHChDDWLM1h9wmjoYJj8 4zJoquqrtNmgWsB42OgKSKmxH+1nJgM23ziwParX9sONMrWHpWROhsQMR5DhHFly iDFvbRNv5q+MMJiYKSJAbLZ2Z/lV/BDbKD2zDzwBq0YbaIJnCejL2Xr6p0sJGQy4 TJA2Oyjo9WxbABNIHGX4tdiUlAH828GZxd955JFvI0vWz9/r9gOcrWm2HjXzfRGw xR1d9c8YOo9evFnklFWjpcNqPEsF5ukhS0YRLrOk246uB8mMW9+zK0wFNC6w3Lt2 joBugy2svdER0wpSaMoIOvqjLQe/BLrRCcHuy0MR7GXEpL5v8QhBjpUSeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMCip0FfBTZRjkdUyyNHn3CdcI+cMB8GA1UdIwQY MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0 LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAelFfYU5/ 4f4y971cHSlijViEutbRe9NbNktbry4cZr6AhQo+txrF4qRo4XxfsF8ufuazb3QD Uf480Luxkx1OGQWh+4gltTuSKDm9vOCuQ3eIgkmxNPA0Bl0XyjrnQmv5b1zn+XKo 69ovt9GR+5LASCvC6sItpHmixv40YPa2ps0ixMvuBuSB/kXbtlhzFSziNX8i6jsB BgHIJYEa2pGr0z0/T/xvjBabAQz9FXbNkWZdinPI4x3ERtCaX9nUujbwrGwf8bQn YXBxpyCVHUh5dCqayKjWyOEyZs+5JBakZkP89ghhYBZvSwv/7BTE0i7Rb+J9eoav vI7mTViCItHJog== -----END CERTIFICATE-----Generated at Fri Dec 19 08:10:02 2025 by rpki-client