This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft File: COohU1NqgjgJmupmgIAfpEW_qd8.mft (raw, json) Hash identifier: iZzfQ4CLou0VUCHSEp4RpSRK5LEGy4c0ooY/cJ1WG0Y= Subject key identifier: 5B:6C:59:75:35:22:D1:1D:3C:46:D3:8C:89:31:52:3F:22:6A:1D:30 Authority key identifier: 08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF Certificate issuer: /CN=08ea2153536a8238099aea6680801fa445bfa9df Certificate serial: 019B1080DC08EE89E448B1E39C5E5C4EB0CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft Manifest number: 16B8 Signing time: Fri 12 Dec 2025 03:00:38 +0000 Manifest this update: Fri 12 Dec 2025 03:00:38 +0000 Manifest next update: Sat 13 Dec 2025 03:00:38 +0000 Files and hashes: 1: COohU1NqgjgJmupmgIAfpEW_qd8.crl (hash: f53aUKe5pX+iWjPVbGUt6k5lsjEfnQ0E+j2lhlNvid4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:80:dc:08:ee:89:e4:48:b1:e3:9c:5e:5c:4e:b0:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08ea2153536a8238099aea6680801fa445bfa9df Validity Not Before: Dec 12 03:00:38 2025 GMT Not After : Dec 13 03:00:38 2025 GMT Subject: CN=5b6c59753522d11d3c46d38c8931523f226a1d30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:dc:ff:b2:0b:95:4d:f6:28:de:ef:1d:7d:1f: 1c:90:a5:65:02:af:ab:6d:56:18:59:18:94:17:83: 14:1d:af:a3:7a:06:09:b2:ea:fb:6d:9c:e1:da:a2: 2e:6b:4e:0c:d5:2b:04:0c:48:8a:4d:d3:57:12:9c: 3c:9b:19:00:6a:bd:43:a5:e2:08:b3:ee:91:8e:98: 7e:8c:28:4b:ce:06:4b:da:ab:58:bb:84:46:e8:5d: 6f:dc:3d:d1:d3:df:16:3a:21:20:48:c5:6b:59:ad: 16:ff:b6:00:f6:d2:b3:64:a9:9a:03:66:fd:86:e0: ae:f4:ba:b2:a2:59:41:03:86:3c:98:0e:9e:a2:dd: 12:58:4a:34:31:0d:cf:2f:4d:ef:8d:70:70:f4:eb: 1a:2c:bd:61:ef:b7:81:6b:d0:75:64:51:39:c1:20: 0a:2e:48:b6:58:85:88:e9:44:73:44:30:46:a1:40: 82:5a:12:33:cc:fb:06:86:fa:08:9d:1f:ca:eb:52: 8b:6c:24:ed:34:00:6f:97:88:46:5f:26:88:e0:31: 0a:78:05:46:7a:71:4f:49:a5:83:e3:e8:4b:2e:11: 16:7f:6f:4e:aa:98:00:78:05:51:77:aa:74:9a:d4: 6d:a4:9a:54:f6:5a:a6:fc:4c:31:75:14:c6:fc:06: 91:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:6C:59:75:35:22:D1:1D:3C:46:D3:8C:89:31:52:3F:22:6A:1D:30 X509v3 Authority Key Identifier: keyid:08:EA:21:53:53:6A:82:38:09:9A:EA:66:80:80:1F:A4:45:BF:A9:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/COohU1NqgjgJmupmgIAfpEW_qd8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/91f0a6-84f2-4013-b8cb-ae37ba0a1081/1/COohU1NqgjgJmupmgIAfpEW_qd8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:b8:38:19:a7:a5:9b:a2:e6:0d:4d:fe:97:1b:f9:c1:db:1c: a5:ab:f4:c6:6a:6f:a5:d8:fc:81:23:6f:29:cb:ad:7c:35:cf: 91:4c:e4:90:8f:22:0e:69:95:24:62:f8:fe:99:76:d5:29:d8: 4b:e0:00:de:ff:6a:25:09:b9:0c:84:91:c8:72:14:b4:31:aa: 41:f2:f8:9a:b5:75:2f:44:bb:c8:07:94:13:ab:77:da:f2:47: e6:03:8a:ee:14:62:5d:33:d2:a5:d6:dc:fd:83:bf:9c:d6:37: 01:cd:44:bc:1b:45:6c:31:fa:65:04:51:5c:8e:20:db:39:0c: b6:6a:85:ab:c0:f1:90:2b:3e:1c:3a:48:90:64:e5:99:45:7a: 24:db:b0:a9:54:e3:4f:c8:38:c4:48:30:14:fc:f5:bb:23:f3: 7c:0a:41:50:db:df:c1:5c:1a:48:3f:3e:61:c1:34:71:5f:a1: 4b:3e:a5:ba:b2:66:29:cd:9a:2b:8d:92:4d:cf:79:e1:40:bc: b3:b4:60:61:11:de:58:29:85:ca:0d:95:bd:3d:92:29:b5:28: df:e6:df:b8:b9:e7:8a:10:64:79:d7:f1:84:c3:62:5c:77:2e: 30:5d:ad:39:dd:ce:ca:41:3a:71:6b:6e:70:e5:49:e3:43:31: a6:e6:f9:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQgNwI7onkSLHjnF5cTrDOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4ZWEyMTUzNTM2YTgyMzgwOTlhZWE2NjgwODAxZmE0NDVi ZmE5ZGYwHhcNMjUxMjEyMDMwMDM4WhcNMjUxMjEzMDMwMDM4WjAzMTEwLwYDVQQD Eyg1YjZjNTk3NTM1MjJkMTFkM2M0NmQzOGM4OTMxNTIzZjIyNmExZDMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9z/sguVTfYo3u8dfR8ckKVlAq+r bVYYWRiUF4MUHa+jegYJsur7bZzh2qIua04M1SsEDEiKTdNXEpw8mxkAar1DpeII s+6Rjph+jChLzgZL2qtYu4RG6F1v3D3R098WOiEgSMVrWa0W/7YA9tKzZKmaA2b9 huCu9LqyollBA4Y8mA6eot0SWEo0MQ3PL03vjXBw9OsaLL1h77eBa9B1ZFE5wSAK Lki2WIWI6URzRDBGoUCCWhIzzPsGhvoInR/K61KLbCTtNABvl4hGXyaI4DEKeAVG enFPSaWD4+hLLhEWf29OqpgAeAVRd6p0mtRtpJpU9lqm/EwxdRTG/AaRsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFtsWXU1ItEdPEbTjIkxUj8iah0wMB8GA1UdIwQY MBaAFAjqIVNTaoI4CZrqZoCAH6RFv6nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2It YWUzN2JhMGExMDgxLzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC85MWYwYTYtODRmMi00MDEzLWI4Y2ItYWUzN2JhMGExMDgx LzEvQ09vaFUxTnFnamdKbXVwbWdJQWZwRVdfcWQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANbg4Gael m6LmDU3+lxv5wdscpav0xmpvpdj8gSNvKcutfDXPkUzkkI8iDmmVJGL4/pl21SnY S+AA3v9qJQm5DISRyHIUtDGqQfL4mrV1L0S7yAeUE6t32vJH5gOK7hRiXTPSpdbc /YO/nNY3Ac1EvBtFbDH6ZQRRXI4g2zkMtmqFq8DxkCs+HDpIkGTlmUV6JNuwqVTj T8g4xEgwFPz1uyPzfApBUNvfwVwaSD8+YcE0cV+hSz6lurJmKc2aK42STc954UC8 s7RgYRHeWCmFyg2VvT2SKbUo3+bfuLnnihBkedfxhMNiXHcuMF2tOd3OykE6cWtu cOVJ40Mxpub53w== -----END CERTIFICATE-----Generated at Fri Dec 12 05:18:19 2025 by rpki-client