This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft File: PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json) Hash identifier: xKibNFYlnX1Hr3KuAUJMiRiE+u5RZX8z+6ZUKQq22uQ= Subject key identifier: 5C:71:DC:0C:AF:9D:37:55:AA:77:52:1E:44:3A:8D:11:5F:4C:C1:24 Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F Certificate issuer: /CN=3ceec6c47951b299c70806583d791d50cd816c5f Certificate serial: 019B32D65A8855F82BA9E26D37733DD2DB43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft Manifest number: 03D2 Signing time: Thu 18 Dec 2025 19:01:07 +0000 Manifest this update: Thu 18 Dec 2025 19:01:07 +0000 Manifest next update: Fri 19 Dec 2025 19:01:07 +0000 Files and hashes: 1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: iHq2VS1J/0i57MQZbo5vRucCbAGD5wn+kpmhUaVfJMM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:5a:88:55:f8:2b:a9:e2:6d:37:73:3d:d2:db:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f Validity Not Before: Dec 18 19:01:07 2025 GMT Not After : Dec 19 19:01:07 2025 GMT Subject: CN=5c71dc0caf9d3755aa77521e443a8d115f4cc124 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:06:b9:59:37:53:74:ec:d8:13:71:8d:c7:87: c7:c8:d4:73:e7:78:51:bb:84:87:8c:15:03:ce:9a: 2d:1c:2c:2f:58:23:1f:53:cd:71:15:b3:e5:7f:6e: b7:5b:2f:db:68:a0:9d:1f:eb:3c:eb:17:14:9a:b4: 0f:7d:11:18:a8:8b:6e:76:d0:6a:5a:eb:11:44:6a: 51:e3:a9:ed:48:f7:f7:a4:ef:5a:bd:10:2e:53:b0: 8c:cc:b9:3e:81:1f:43:fb:8c:2c:6c:c4:15:3b:4d: b9:23:e8:6f:d9:56:0f:cd:40:5b:1a:7d:a2:48:38: ba:49:3c:83:d4:28:b6:66:ca:9d:d9:f5:2c:cd:2f: e6:b6:47:a7:71:23:78:e4:1a:cf:a7:dc:d8:cb:b7: f9:97:ec:e0:1e:e8:0f:35:d3:d1:f9:0c:d1:06:dc: 22:14:f1:ae:84:8b:ab:10:f6:5a:01:cc:b7:75:f9: 1c:1a:27:cd:84:89:9f:38:b0:41:31:23:70:98:53: 70:2e:46:8d:05:72:5e:2f:94:ae:62:c4:04:bb:32: e6:d8:50:b8:78:ec:67:9d:4e:e8:5b:b7:17:04:26: 47:1f:02:77:2e:10:e6:19:16:c5:2c:14:8f:c1:14: 8d:7d:1a:0d:a0:62:ec:35:e1:d3:01:85:5f:93:2f: a3:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:71:DC:0C:AF:9D:37:55:AA:77:52:1E:44:3A:8D:11:5F:4C:C1:24 X509v3 Authority Key Identifier: keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:cb:c1:db:60:c3:52:99:9a:ea:17:1b:b7:e1:e6:4c:36:d7: eb:87:ad:6b:07:48:37:05:c4:13:99:3d:b1:3d:87:64:26:5e: b1:06:b5:d8:23:6e:19:e5:cf:dc:5d:60:14:b7:6f:19:59:dd: 02:2a:c0:41:31:d5:59:d4:c9:88:8d:91:2f:f8:50:5d:57:0f: 98:41:f9:58:e3:81:ab:9f:b4:b9:fe:a6:62:53:75:78:ca:13: 6b:a6:4d:4c:46:bf:df:5d:74:21:bf:f2:45:b5:8a:d4:49:5e: 42:9c:ad:64:77:52:ac:08:df:d8:4a:9a:77:4a:4c:12:e0:89: 8c:b8:cc:1e:6c:30:11:34:2e:72:a7:52:27:d5:4a:49:4f:fd: 41:ac:45:5a:66:50:66:f5:69:51:62:b6:70:b3:45:0f:ec:97: 07:cf:c5:2c:cf:b6:26:0f:17:03:ca:5d:e2:50:5d:c2:1d:5e: b4:34:46:b4:c8:e0:b9:df:20:7e:52:2b:e8:7a:b2:dd:3c:63: 5c:84:08:75:29:8e:0f:fc:a6:ed:c5:29:d4:49:4d:ad:15:ff: c9:85:82:a5:67:3b:08:79:29:bf:82:d9:58:8e:90:3b:b9:1b: a8:e0:1f:3f:cf:11:63:a5:97:4d:a3:af:90:3b:a0:b5:07:81: 7b:6a:0c:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1lqIVfgrqeJtN3M90ttDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4 MTZjNWYwHhcNMjUxMjE4MTkwMTA3WhcNMjUxMjE5MTkwMTA3WjAzMTEwLwYDVQQD Eyg1YzcxZGMwY2FmOWQzNzU1YWE3NzUyMWU0NDNhOGQxMTVmNGNjMTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsga5WTdTdOzYE3GNx4fHyNRz53hR u4SHjBUDzpotHCwvWCMfU81xFbPlf263Wy/baKCdH+s86xcUmrQPfREYqItudtBq WusRRGpR46ntSPf3pO9avRAuU7CMzLk+gR9D+4wsbMQVO025I+hv2VYPzUBbGn2i SDi6STyD1Ci2Zsqd2fUszS/mtkencSN45BrPp9zYy7f5l+zgHugPNdPR+QzRBtwi FPGuhIurEPZaAcy3dfkcGifNhImfOLBBMSNwmFNwLkaNBXJeL5SuYsQEuzLm2FC4 eOxnnU7oW7cXBCZHHwJ3LhDmGRbFLBSPwRSNfRoNoGLsNeHTAYVfky+jRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFxx3AyvnTdVqndSHkQ6jRFfTMEkMB8GA1UdIwQY MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1 LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh8vB22DD Upma6hcbt+HmTDbX64etawdINwXEE5k9sT2HZCZesQa12CNuGeXP3F1gFLdvGVnd AirAQTHVWdTJiI2RL/hQXVcPmEH5WOOBq5+0uf6mYlN1eMoTa6ZNTEa/3110Ib/y RbWK1EleQpytZHdSrAjf2Eqad0pMEuCJjLjMHmwwETQucqdSJ9VKSU/9QaxFWmZQ ZvVpUWK2cLNFD+yXB8/FLM+2Jg8XA8pd4lBdwh1etDRGtMjgud8gflIr6Hqy3Txj XIQIdSmOD/ym7cUp1ElNrRX/yYWCpWc7CHkpv4LZWI6QO7kbqOAfP88RY6WXTaOv kDugtQeBe2oMkg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:09:29 2025 by rpki-client