This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json) Hash identifier: pC4EKmlLZ7uODZ/mEIlZN7tctRfQLwEDfCZmj7CvEEE= Subject key identifier: 95:B3:DC:1B:FA:90:7A:BF:C4:39:BA:88:92:A2:34:29:13:EF:FD:F3 Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48 Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48 Certificate serial: 019B36B3A8143B26D96C8BD9B594A412BBE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft Manifest number: 04A7 Signing time: Fri 19 Dec 2025 13:01:42 +0000 Manifest this update: Fri 19 Dec 2025 13:01:42 +0000 Manifest next update: Sat 20 Dec 2025 13:01:42 +0000 Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=) 2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: KpM+sY9cXfzj14+fs6y7EQbfodep4b5NwVSmN6I1uiI=) 3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 13:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:b3:a8:14:3b:26:d9:6c:8b:d9:b5:94:a4:12:bb:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48 Validity Not Before: Dec 19 13:01:42 2025 GMT Not After : Dec 20 13:01:42 2025 GMT Subject: CN=95b3dc1bfa907abfc439ba8892a2342913effdf3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:72:39:fc:bd:7b:2a:e4:ba:ea:c6:7f:6b:32: 09:c3:cd:d6:ff:df:12:ab:a2:c6:26:08:e7:fb:13: e0:3e:ba:56:03:f3:05:df:6a:e4:72:cc:bc:59:fe: 9a:f3:7b:b3:28:95:fe:76:98:a1:35:8a:87:f7:56: 2f:8a:e7:89:6d:a7:c5:c4:dc:90:93:d8:39:a5:13: 66:fc:03:33:43:59:20:4f:26:80:3b:b2:a9:0b:10: ad:b1:81:96:ae:57:67:ca:4d:12:8c:bd:99:96:66: 42:50:17:38:87:d3:7a:e5:0d:23:de:4c:4c:17:5a: 94:62:00:6f:71:98:ca:53:3b:18:09:1a:9d:d8:53: c0:a1:cb:5b:cc:20:4e:42:67:ec:51:69:d4:42:80: 4f:05:a1:6c:24:ad:1b:bb:6f:94:1f:cf:c1:19:5c: 2e:8b:1f:c5:a5:c4:bf:87:1b:5c:b4:35:51:de:5f: b2:39:57:44:85:e3:77:14:c1:b9:a2:c8:cf:78:5f: df:cd:2b:c7:97:43:4c:72:c1:1d:41:07:bc:4a:6a: 71:54:e1:6a:47:fa:61:2b:59:62:00:94:9d:c3:31: 02:07:81:04:ed:78:dc:f9:3a:03:5c:0d:be:6b:90: c4:9e:a3:95:ca:45:ec:e8:83:e2:15:1d:3f:78:e8: 26:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:B3:DC:1B:FA:90:7A:BF:C4:39:BA:88:92:A2:34:29:13:EF:FD:F3 X509v3 Authority Key Identifier: keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:52:ce:88:10:bd:61:50:32:c4:7f:cf:92:1c:99:25:3b:f2: e8:68:a8:34:ad:1b:6a:e2:e9:e0:65:a6:8b:26:b8:65:40:d2: e4:31:a1:0f:36:fa:70:86:e5:f6:fb:5a:1a:73:9f:09:4d:cb: b3:39:a3:fb:6d:d5:4f:31:06:9b:aa:45:e0:39:82:0d:b8:44: 63:f9:16:51:95:7b:d6:38:ff:84:05:45:2f:91:6d:59:c1:00: 6d:87:37:24:b5:3a:a7:cd:2d:5b:65:0f:63:66:44:58:f0:7f: 72:07:89:17:da:0c:10:da:f3:9d:1d:d1:00:ff:71:f6:8a:20: 58:15:be:92:89:62:67:63:3b:69:09:a1:61:94:08:9d:cd:71: 9c:97:1f:7d:ad:73:81:dd:08:bb:27:ba:8a:17:47:fd:5e:5e: 27:2e:82:5e:c9:5b:16:59:7f:e5:b0:b8:71:39:a1:a2:ce:6e: 5f:24:ab:40:be:ab:e1:cd:d8:43:35:85:7c:37:d6:34:74:9e: 98:c4:8a:89:0c:53:8f:83:23:6b:b1:ae:21:6d:d3:7c:35:08: 85:c8:20:19:46:dd:04:d5:61:70:ed:f2:6e:78:26:96:cd:5c: b5:6b:6e:1c:5e:e2:83:53:34:32:a5:d9:36:61:ec:a3:77:9e: da:b3:cc:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2s6gUOybZbIvZtZSkErvgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz ZTRhNDgwHhcNMjUxMjE5MTMwMTQyWhcNMjUxMjIwMTMwMTQyWjAzMTEwLwYDVQQD Eyg5NWIzZGMxYmZhOTA3YWJmYzQzOWJhODg5MmEyMzQyOTEzZWZmZGYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XI5/L17KuS66sZ/azIJw83W/98S q6LGJgjn+xPgPrpWA/MF32rkcsy8Wf6a83uzKJX+dpihNYqH91YviueJbafFxNyQ k9g5pRNm/AMzQ1kgTyaAO7KpCxCtsYGWrldnyk0SjL2ZlmZCUBc4h9N65Q0j3kxM F1qUYgBvcZjKUzsYCRqd2FPAoctbzCBOQmfsUWnUQoBPBaFsJK0bu2+UH8/BGVwu ix/FpcS/hxtctDVR3l+yOVdEheN3FMG5osjPeF/fzSvHl0NMcsEdQQe8SmpxVOFq R/phK1liAJSdwzECB4EE7Xjc+ToDXA2+a5DEnqOVykXs6IPiFR0/eOgmlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJWz3Bv6kHq/xDm6iJKiNCkT7/3zMB8GA1UdIwQY MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVLOiBC9 YVAyxH/PkhyZJTvy6GioNK0bauLp4GWmiya4ZUDS5DGhDzb6cIbl9vtaGnOfCU3L szmj+23VTzEGm6pF4DmCDbhEY/kWUZV71jj/hAVFL5FtWcEAbYc3JLU6p80tW2UP Y2ZEWPB/cgeJF9oMENrznR3RAP9x9oogWBW+koliZ2M7aQmhYZQInc1xnJcffa1z gd0Iuye6ihdH/V5eJy6CXslbFll/5bC4cTmhos5uXySrQL6r4c3YQzWFfDfWNHSe mMSKiQxTj4Mja7GuIW3TfDUIhcggGUbdBNVhcO3ybngmls1ctWtuHF7ig1M0MqXZ NmHso3ee2rPMbQ== -----END CERTIFICATE-----Generated at Fri Dec 19 18:15:13 2025 by rpki-client