This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft File: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json) Hash identifier: Dy/pE+JTDvP+iOoXiJrVpy3gpTRKgT3st3AwewO8nvo= Subject key identifier: 40:8A:F9:D0:85:9F:72:04:09:5A:08:3A:2A:E2:1D:1F:6F:C7:B2:7B Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D Certificate issuer: /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d Certificate serial: 019B3B34C1DD8BDF7F8737D4EDFDE0BFF237 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft Manifest number: 16C3 Signing time: Sat 20 Dec 2025 10:01:11 +0000 Manifest this update: Sat 20 Dec 2025 10:01:11 +0000 Manifest next update: Sun 21 Dec 2025 10:01:11 +0000 Files and hashes: 1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: psZaavM8vRYsHn7AmcsTbhtau+aYK59x20XgM/siamA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:c1:dd:8b:df:7f:87:37:d4:ed:fd:e0:bf:f2:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d Validity Not Before: Dec 20 10:01:11 2025 GMT Not After : Dec 21 10:01:11 2025 GMT Subject: CN=408af9d0859f7204095a083a2ae21d1f6fc7b27b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ac:1f:5b:6b:59:45:62:02:06:08:d4:65:8a: ea:29:a2:2a:ec:97:18:c9:d4:8c:c5:bc:0c:55:49: f6:4c:2e:84:7b:60:0c:d4:79:7d:e0:29:2a:23:5d: 8c:b7:03:24:3f:10:f4:41:70:b2:c6:f2:82:24:7a: 00:71:a5:a0:02:5b:a3:13:07:0b:7c:46:43:1b:c6: e4:af:5c:52:61:68:26:f4:fd:cf:60:a6:d4:f7:da: 70:09:e8:ad:16:c2:80:d9:58:43:6d:42:10:04:8f: 78:ff:9f:5b:48:e9:6e:a0:c5:b5:ed:92:45:32:0d: 47:bd:cb:c8:15:40:bd:4a:73:ee:f3:d0:8a:aa:d5: 53:f9:56:15:96:e0:42:96:f4:6e:f8:5b:a9:2f:01: ff:ca:37:12:86:57:d1:5b:65:5f:58:0e:73:e4:d6: 30:af:bc:0d:4d:25:4c:9b:ea:45:ed:bf:5c:46:36: e7:19:fd:8b:d6:63:fb:84:7f:c4:f5:c2:7f:8e:15: f7:f3:99:85:4a:01:8a:39:51:a1:71:33:33:2e:ff: 67:87:61:50:70:fd:20:0a:94:81:aa:17:b5:e8:61: 48:36:83:a8:21:1e:e9:87:dc:6c:25:0c:8d:60:33: aa:d5:3f:d6:9a:6d:b0:9b:c1:26:31:0d:2a:29:0a: 2d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:8A:F9:D0:85:9F:72:04:09:5A:08:3A:2A:E2:1D:1F:6F:C7:B2:7B X509v3 Authority Key Identifier: keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:6f:a7:38:30:82:f5:9b:1a:2b:56:97:1c:e4:88:32:05:a6: 0a:f0:c3:c4:f5:16:ab:67:be:7c:49:a6:84:6d:8e:52:52:4d: 92:77:70:6a:62:04:42:ee:43:5f:4e:da:00:73:96:fd:19:f5: 80:9e:4d:b1:d3:60:f0:12:b2:b9:07:76:34:69:0e:c8:1a:95: b7:a2:73:88:16:85:23:ec:79:a0:81:85:d1:11:93:be:17:5f: 3c:81:ea:cd:c9:28:ab:dc:e5:0c:26:c3:4c:06:ec:bb:65:f1: b2:cd:f4:f0:8c:91:e0:6e:35:3f:6d:c1:4c:cb:27:f7:d0:66: 10:09:ed:b3:ca:97:38:10:77:bc:16:50:93:7d:f3:40:96:80: cf:6e:07:ff:e4:2e:db:f5:36:75:66:86:d3:c6:10:1f:98:fb: b0:33:7f:fe:f7:ba:60:49:12:41:a9:cb:a4:a4:cb:d6:da:51: 41:c9:d2:aa:dc:5a:1a:8c:cb:94:19:74:37:1b:ba:6c:58:6c: a8:87:60:b1:c1:3d:52:cc:aa:d4:dc:31:3e:60:c4:14:d2:97: f0:9d:b9:5c:31:16:92:7e:45:1e:99:ee:b9:bd:92:79:e7:89: 98:5a:38:c7:48:d3:89:6f:a9:54:b3:90:7b:a0:86:23:4a:fe: 0e:7c:c1:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NMHdi99/hzfU7f3gv/I3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw NzQ5N2QwHhcNMjUxMjIwMTAwMTExWhcNMjUxMjIxMTAwMTExWjAzMTEwLwYDVQQD Eyg0MDhhZjlkMDg1OWY3MjA0MDk1YTA4M2EyYWUyMWQxZjZmYzdiMjdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66wfW2tZRWICBgjUZYrqKaIq7JcY ydSMxbwMVUn2TC6Ee2AM1Hl94CkqI12MtwMkPxD0QXCyxvKCJHoAcaWgAlujEwcL fEZDG8bkr1xSYWgm9P3PYKbU99pwCeitFsKA2VhDbUIQBI94/59bSOluoMW17ZJF Mg1HvcvIFUC9SnPu89CKqtVT+VYVluBClvRu+FupLwH/yjcShlfRW2VfWA5z5NYw r7wNTSVMm+pF7b9cRjbnGf2L1mP7hH/E9cJ/jhX385mFSgGKOVGhcTMzLv9nh2FQ cP0gCpSBqhe16GFINoOoIR7ph9xsJQyNYDOq1T/Wmm2wm8EmMQ0qKQotiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFECK+dCFn3IECVoIOiriHR9vx7J7MB8GA1UdIwQY MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0 LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEG+nODCC 9ZsaK1aXHOSIMgWmCvDDxPUWq2e+fEmmhG2OUlJNkndwamIEQu5DX07aAHOW/Rn1 gJ5NsdNg8BKyuQd2NGkOyBqVt6JziBaFI+x5oIGF0RGTvhdfPIHqzckoq9zlDCbD TAbsu2Xxss308IyR4G41P23BTMsn99BmEAnts8qXOBB3vBZQk33zQJaAz24H/+Qu 2/U2dWaG08YQH5j7sDN//ve6YEkSQanLpKTL1tpRQcnSqtxaGozLlBl0Nxu6bFhs qIdgscE9Usyq1NwxPmDEFNKX8J25XDEWkn5FHpnuub2SeeeJmFo4x0jTiW+pVLOQ e6CGI0r+DnzBdQ== -----END CERTIFICATE-----Generated at Sat Dec 20 18:18:49 2025 by rpki-client