This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft File: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json) Hash identifier: VDnbSGN8Iil5+bAl+6AtdeMxHnL0umw3nkMfitDuHfE= Subject key identifier: 6C:95:55:57:6A:4E:B7:5B:08:86:56:AA:FC:70:BF:21:80:31:58:D5 Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D Certificate issuer: /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d Certificate serial: 019B46CB2B242A061BD8E2AA33A1AB13F4C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft Manifest number: 16C9 Signing time: Mon 22 Dec 2025 16:01:18 +0000 Manifest this update: Mon 22 Dec 2025 16:01:18 +0000 Manifest next update: Tue 23 Dec 2025 16:01:18 +0000 Files and hashes: 1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: buuT2VPHUZbOtm8VfHDE6uHQTy80e60jmq9xzuxVM0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 16:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:cb:2b:24:2a:06:1b:d8:e2:aa:33:a1:ab:13:f4:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d Validity Not Before: Dec 22 16:01:18 2025 GMT Not After : Dec 23 16:01:18 2025 GMT Subject: CN=6c9555576a4eb75b088656aafc70bf21803158d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:5c:1e:05:3e:cf:f1:72:41:75:0c:fb:d5:9c: db:c6:3e:23:32:6c:8f:db:ae:2b:29:3d:1f:99:d8: 27:e2:4c:c7:38:56:50:8b:ea:48:18:cd:86:f9:17: 52:d2:ce:37:96:5c:dd:60:99:35:26:30:cd:a6:0b: aa:19:b4:c6:ea:8a:37:49:e0:1b:4e:b2:d8:69:67: fc:f2:80:22:8a:89:93:a3:76:4b:50:92:15:7c:87: c3:5b:1b:0e:a9:5d:da:a5:83:a4:9c:7a:38:e5:3b: f0:88:38:1c:40:55:3b:28:3e:e1:0b:61:2e:44:5d: 68:07:a9:50:2b:56:10:7e:52:c8:03:b3:e1:f6:70: 65:bf:4f:9b:39:6a:e5:a0:36:1d:96:12:03:50:1e: ac:e8:4f:93:f0:a2:bc:29:63:77:2c:97:4b:00:b8: e3:6e:6a:17:0b:a8:db:68:85:da:ea:af:76:ee:8a: c1:a4:4d:50:0c:63:65:af:0e:d7:ff:33:20:da:79: 8d:5a:be:c6:3e:32:af:6a:d5:68:a4:55:67:be:7c: 78:58:08:b3:bf:cc:f6:fd:a6:cb:92:a0:d6:3a:a5: a9:c8:9f:75:1a:03:c7:ed:3b:1f:80:b1:66:54:c4: 1d:2d:50:af:bc:4e:e9:99:e5:61:19:03:17:2d:a1: 80:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:95:55:57:6A:4E:B7:5B:08:86:56:AA:FC:70:BF:21:80:31:58:D5 X509v3 Authority Key Identifier: keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:ea:78:cf:f0:6f:9e:92:8a:47:17:fa:af:ba:c4:84:b2:c8: 66:57:67:b1:f5:be:3b:6d:9c:7f:a8:d5:7d:73:be:c5:cb:ec: aa:36:03:b4:b4:6d:14:98:65:2b:68:be:a0:85:73:21:85:57: 89:44:c4:81:5c:f3:a9:c0:f8:cc:49:10:10:be:05:25:e3:f6: bf:23:a9:72:e1:e3:73:2b:67:81:c1:e5:15:eb:87:5d:ed:0e: e1:2a:c7:d7:c4:ea:24:34:ed:68:ea:58:4d:d8:a0:15:4b:d1: d8:b8:d5:db:d9:f7:20:41:00:5d:d2:27:be:e0:de:93:69:24: ca:f4:ab:ca:1b:39:e3:1a:b0:1d:f5:d5:fa:e6:99:78:1b:e3: ec:5e:dd:53:3c:4f:fc:79:51:a7:2d:e0:55:ae:cc:21:a0:5d: ba:d8:9e:39:76:83:b3:9c:db:ba:5a:57:46:da:85:80:27:63: 18:08:a9:34:5b:5d:4b:e3:0d:a6:dc:4e:ed:fc:6b:55:43:d5: e8:35:67:13:f1:f2:62:a4:5d:90:f8:59:88:2d:bb:54:ef:e7: 32:32:f2:f6:de:d1:b8:3c:52:f0:b8:c4:1c:15:54:65:a1:8f: a3:3e:76:54:51:f4:b4:51:37:f9:28:b3:57:ba:9d:1b:f7:fb: 18:74:ba:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGyyskKgYb2OKqM6GrE/TFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw NzQ5N2QwHhcNMjUxMjIyMTYwMTE4WhcNMjUxMjIzMTYwMTE4WjAzMTEwLwYDVQQD Eyg2Yzk1NTU1NzZhNGViNzViMDg4NjU2YWFmYzcwYmYyMTgwMzE1OGQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFweBT7P8XJBdQz71Zzbxj4jMmyP 264rKT0fmdgn4kzHOFZQi+pIGM2G+RdS0s43llzdYJk1JjDNpguqGbTG6oo3SeAb TrLYaWf88oAiiomTo3ZLUJIVfIfDWxsOqV3apYOknHo45TvwiDgcQFU7KD7hC2Eu RF1oB6lQK1YQflLIA7Ph9nBlv0+bOWrloDYdlhIDUB6s6E+T8KK8KWN3LJdLALjj bmoXC6jbaIXa6q927orBpE1QDGNlrw7X/zMg2nmNWr7GPjKvatVopFVnvnx4WAiz v8z2/abLkqDWOqWpyJ91GgPH7TsfgLFmVMQdLVCvvE7pmeVhGQMXLaGAGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGyVVVdqTrdbCIZWqvxwvyGAMVjVMB8GA1UdIwQY MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0 LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGup4z/Bv npKKRxf6r7rEhLLIZldnsfW+O22cf6jVfXO+xcvsqjYDtLRtFJhlK2i+oIVzIYVX iUTEgVzzqcD4zEkQEL4FJeP2vyOpcuHjcytngcHlFeuHXe0O4SrH18TqJDTtaOpY TdigFUvR2LjV29n3IEEAXdInvuDek2kkyvSryhs54xqwHfXV+uaZeBvj7F7dUzxP /HlRpy3gVa7MIaBdutieOXaDs5zbulpXRtqFgCdjGAipNFtdS+MNptxO7fxrVUPV 6DVnE/HyYqRdkPhZiC27VO/nMjLy9t7RuDxS8LjEHBVUZaGPoz52VFH0tFE3+Siz V7qdG/f7GHS6eA== -----END CERTIFICATE-----Generated at Tue Dec 23 01:56:15 2025 by rpki-client