This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft File: bDg245a8UGRDYGuf1zN6kg5x3tE.mft (raw, json) Hash identifier: kghosn23jcO80+W3NCZrk1kug8kaQTbeblxWdiX2zZ8= Subject key identifier: 05:4E:A0:FE:A7:18:2A:9C:D1:EE:3F:34:BD:44:09:DC:14:C9:1F:D6 Authority key identifier: 6C:38:36:E3:96:BC:50:64:43:60:6B:9F:D7:33:7A:92:0E:71:DE:D1 Certificate issuer: /CN=6c3836e396bc506443606b9fd7337a920e71ded1 Certificate serial: 019B0EC9D3991DF9A5AEBB7D7DD0940AAB36 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft Manifest number: 15F2 Signing time: Thu 11 Dec 2025 19:01:06 +0000 Manifest this update: Thu 11 Dec 2025 19:01:06 +0000 Manifest next update: Fri 12 Dec 2025 19:01:06 +0000 Files and hashes: 1: bDg245a8UGRDYGuf1zN6kg5x3tE.crl (hash: mXtBIqhM37Lf5IQhP8JuB2rkTKx03ucBgy/qkx2aOsM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:c9:d3:99:1d:f9:a5:ae:bb:7d:7d:d0:94:0a:ab:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c3836e396bc506443606b9fd7337a920e71ded1 Validity Not Before: Dec 11 19:01:06 2025 GMT Not After : Dec 12 19:01:06 2025 GMT Subject: CN=054ea0fea7182a9cd1ee3f34bd4409dc14c91fd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:cb:60:12:5e:09:d6:41:34:0b:aa:15:5b:80: a8:27:46:ca:ef:6d:06:87:55:45:6c:6e:9c:1f:4d: fe:02:08:e1:fd:17:da:04:9c:51:9c:a2:92:29:d7: 41:ef:77:bb:e2:71:33:86:4e:9a:59:d2:15:df:c8: d5:46:32:43:6b:93:e1:69:40:49:02:52:d7:e0:30: 7f:4e:89:c2:3e:22:ab:4b:d9:f8:44:a3:03:f8:e2: bd:d4:72:a6:6f:63:3f:e1:4c:0d:65:33:05:31:bd: 6c:b5:49:8e:65:dc:06:be:31:2f:af:9e:27:89:80: 21:cb:5e:b0:5b:1b:e6:28:32:68:bd:5e:8f:ee:d7: 97:13:99:71:5c:1c:93:1f:f6:49:28:cf:21:30:f2: e1:a1:98:38:3e:4a:bd:97:3c:dc:da:17:c5:98:ed: b3:88:1e:72:21:80:8a:f9:41:44:36:91:63:89:15: c5:e2:ca:36:ef:d7:d8:8f:13:4d:54:f5:77:5e:5d: e4:a3:5c:c2:a1:a2:c3:cd:37:71:86:fe:64:a9:b5: 0e:9f:02:18:40:6d:c4:81:84:79:0b:d2:cb:a4:72: f6:1d:82:b8:7d:dd:72:aa:40:dc:17:f4:b1:07:c5: 37:88:b4:5b:70:2c:d0:ef:23:ab:ec:28:79:f2:57: 29:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:4E:A0:FE:A7:18:2A:9C:D1:EE:3F:34:BD:44:09:DC:14:C9:1F:D6 X509v3 Authority Key Identifier: keyid:6C:38:36:E3:96:BC:50:64:43:60:6B:9F:D7:33:7A:92:0E:71:DE:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:c8:1a:51:6c:ee:5a:4d:fc:74:cd:77:56:f1:7b:54:9d:20: 11:11:01:5d:60:6a:11:8a:0c:af:f7:27:04:ec:3f:14:63:b5: c8:a7:9e:9e:13:31:4e:04:4f:dd:75:20:15:8e:a3:f0:22:e5: ba:1a:56:f6:1e:57:31:8f:e3:61:98:fa:e4:03:20:cb:a7:f0: 57:27:7d:1c:4d:00:1f:d8:91:ad:7d:a3:6c:7f:a3:a8:74:77: 8c:b4:d4:65:c4:43:10:9c:32:bf:2e:96:99:05:9d:fb:01:8c: da:f5:70:f2:12:d3:b9:a4:ab:17:dc:13:89:e8:62:aa:24:a4: a3:c4:d5:0c:95:09:22:fa:db:be:22:f1:62:51:5d:a3:1a:19: 53:e7:37:0e:40:ca:35:60:f0:77:ff:8f:aa:59:b5:55:48:0e: 8f:4e:0b:91:2a:a8:b8:41:1e:47:aa:ef:e1:53:86:50:58:94: c0:b0:99:e6:e5:0e:3a:b7:8d:80:11:13:34:12:90:05:e5:76: f0:3c:8b:00:29:6d:85:ff:5d:81:fe:6d:2c:56:89:f5:51:de: 08:f9:31:bc:cb:d9:2d:e0:3e:99:65:cb:e7:8b:0a:46:ea:a1: 3d:08:29:6b:b2:e3:c7:b5:08:d6:14:60:6f:af:f7:76:ea:55: 6f:86:f2:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOydOZHfmlrrt9fdCUCqs2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjMzgzNmUzOTZiYzUwNjQ0MzYwNmI5ZmQ3MzM3YTkyMGU3 MWRlZDEwHhcNMjUxMjExMTkwMTA2WhcNMjUxMjEyMTkwMTA2WjAzMTEwLwYDVQQD EygwNTRlYTBmZWE3MTgyYTljZDFlZTNmMzRiZDQ0MDlkYzE0YzkxZmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ctgEl4J1kE0C6oVW4CoJ0bK720G h1VFbG6cH03+Agjh/RfaBJxRnKKSKddB73e74nEzhk6aWdIV38jVRjJDa5PhaUBJ AlLX4DB/TonCPiKrS9n4RKMD+OK91HKmb2M/4UwNZTMFMb1stUmOZdwGvjEvr54n iYAhy16wWxvmKDJovV6P7teXE5lxXByTH/ZJKM8hMPLhoZg4Pkq9lzzc2hfFmO2z iB5yIYCK+UFENpFjiRXF4so279fYjxNNVPV3Xl3ko1zCoaLDzTdxhv5kqbUOnwIY QG3EgYR5C9LLpHL2HYK4fd1yqkDcF/SxB8U3iLRbcCzQ7yOr7Ch58lcpBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAVOoP6nGCqc0e4/NL1ECdwUyR/WMB8GA1UdIwQY MBaAFGw4NuOWvFBkQ2Brn9czepIOcd7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9mMzk5NGUtMGIxMC00MzgzLWIzNGMt ZWI2YjEzYzVlMjY4LzEvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy9mMzk5NGUtMGIxMC00MzgzLWIzNGMtZWI2YjEzYzVlMjY4 LzEvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8gaUWzu Wk38dM13VvF7VJ0gEREBXWBqEYoMr/cnBOw/FGO1yKeenhMxTgRP3XUgFY6j8CLl uhpW9h5XMY/jYZj65AMgy6fwVyd9HE0AH9iRrX2jbH+jqHR3jLTUZcRDEJwyvy6W mQWd+wGM2vVw8hLTuaSrF9wTiehiqiSko8TVDJUJIvrbviLxYlFdoxoZU+c3DkDK NWDwd/+Pqlm1VUgOj04LkSqouEEeR6rv4VOGUFiUwLCZ5uUOOreNgBETNBKQBeV2 8DyLAClthf9dgf5tLFaJ9VHeCPkxvMvZLeA+mWXL54sKRuqhPQgpa7Ljx7UI1hRg b6/3dupVb4byQQ== -----END CERTIFICATE-----Generated at Fri Dec 12 00:57:30 2025 by rpki-client