This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft File: VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json) Hash identifier: eqGoW4b4g7Qd83GGgs5LTDdgPFlWNTuwrPH+Y5x94oY= Subject key identifier: 85:4B:CB:63:6D:A1:D9:0B:2D:F2:44:0D:A9:45:4E:7D:A4:3B:52:CC Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70 Certificate issuer: /CN=5476e09001c3186526190d1f35d2a5b99fcaa270 Certificate serial: 019B481582DDA3B338BFF76C394190D9CC01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft Manifest number: 178C Signing time: Mon 22 Dec 2025 22:02:07 +0000 Manifest this update: Mon 22 Dec 2025 22:02:07 +0000 Manifest next update: Tue 23 Dec 2025 22:02:07 +0000 Files and hashes: 1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: oQwoZE4kgGutXffpu+n8iw1yvSjcbxG6N6BPAumHKzo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:82:dd:a3:b3:38:bf:f7:6c:39:41:90:d9:cc:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270 Validity Not Before: Dec 22 22:02:07 2025 GMT Not After : Dec 23 22:02:07 2025 GMT Subject: CN=854bcb636da1d90b2df2440da9454e7da43b52cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:cc:23:d3:71:dc:d5:9d:e3:70:50:a1:2b:53: 4f:cc:56:5d:ea:a2:33:db:f5:44:32:43:e6:6f:6e: 50:11:93:50:1a:e3:5e:b1:c8:b0:29:fa:d6:e7:68: 5e:a9:f1:70:ff:3b:6d:4f:d6:f0:70:87:c2:99:bd: 84:23:bd:8e:1b:73:3a:27:d7:13:d6:83:22:c6:9c: a9:e8:6c:40:f9:d6:e7:fd:9b:2b:2b:7f:5d:53:a1: ca:d0:05:bd:4b:cb:2d:02:b5:9a:39:7b:87:ff:4d: 7e:0b:c2:90:a7:63:ee:2f:9e:bb:77:63:b3:79:bf: d5:0f:af:dd:f7:41:2b:97:50:52:dc:82:5f:69:b3: 4d:5f:3a:9b:f5:a1:20:ce:4d:b5:17:3d:f9:44:07: 7d:35:9e:f6:76:50:fe:2b:36:25:5d:26:0e:1e:c0: 1c:4c:b8:a5:c6:91:96:4b:a1:b6:fd:13:e2:42:54: 7a:6f:79:64:d1:a3:07:a0:58:04:8f:5f:fd:94:77: 2d:37:bd:33:66:e0:78:17:86:8b:1d:5f:66:e3:70: fd:c2:f6:ba:a2:d1:9a:7f:1c:ba:f4:dc:1c:2b:05: 7b:b0:bd:63:26:86:3f:a9:23:96:09:31:2f:23:8c: 1b:77:89:ba:aa:64:57:cd:f7:f5:21:74:ad:c7:65: 69:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:4B:CB:63:6D:A1:D9:0B:2D:F2:44:0D:A9:45:4E:7D:A4:3B:52:CC X509v3 Authority Key Identifier: keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:d4:6c:be:52:3a:5c:d3:a4:6a:60:df:20:17:03:0c:cb:3b: 2e:30:b4:30:0f:be:77:ed:4a:3d:0f:7c:f3:37:fe:ef:b5:6c: 15:ee:a6:cb:74:03:25:56:db:3b:47:3b:c7:9c:62:d5:37:45: 3b:5d:b9:cf:6d:74:2e:c8:e6:91:5e:c7:47:b1:f2:d6:ef:35: a6:a3:f2:f5:d8:66:9f:5c:cd:4c:da:eb:6e:c0:5f:11:1e:7e: ca:9e:7e:1f:a2:86:d1:06:0d:7f:cc:f4:19:ae:01:dc:a6:dc: 8e:73:cd:7e:1a:09:23:c9:10:53:b0:e1:8e:2d:67:fa:b4:93: e8:c9:c7:36:7f:93:bb:b9:39:3d:87:ea:15:33:a9:84:22:fb: 0b:c0:89:51:28:6a:fb:61:ab:2d:79:7a:66:c3:da:a2:12:3d: f5:ff:6e:7a:c4:fd:ad:ea:0c:bc:98:2d:04:d5:09:ef:22:fb: 5a:de:1b:0e:97:92:19:a9:4f:c2:19:1d:ef:d8:9d:a0:3e:73: 05:d7:aa:8e:0b:81:58:99:9b:2e:6e:34:29:3f:50:3d:6f:66: e2:c7:4f:bc:95:23:b6:d0:15:45:e6:8a:cf:be:ed:0b:cc:8a: 3d:88:87:d9:e5:04:03:f9:1e:00:5e:63:dc:e0:6b:d1:aa:df: 52:70:ce:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFYLdo7M4v/dsOUGQ2cwBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj YWEyNzAwHhcNMjUxMjIyMjIwMjA3WhcNMjUxMjIzMjIwMjA3WjAzMTEwLwYDVQQD Eyg4NTRiY2I2MzZkYTFkOTBiMmRmMjQ0MGRhOTQ1NGU3ZGE0M2I1MmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvswj03Hc1Z3jcFChK1NPzFZd6qIz 2/VEMkPmb25QEZNQGuNesciwKfrW52heqfFw/zttT9bwcIfCmb2EI72OG3M6J9cT 1oMixpyp6GxA+dbn/ZsrK39dU6HK0AW9S8stArWaOXuH/01+C8KQp2PuL567d2Oz eb/VD6/d90Erl1BS3IJfabNNXzqb9aEgzk21Fz35RAd9NZ72dlD+KzYlXSYOHsAc TLilxpGWS6G2/RPiQlR6b3lk0aMHoFgEj1/9lHctN70zZuB4F4aLHV9m43D9wva6 otGafxy69NwcKwV7sL1jJoY/qSOWCTEvI4wbd4m6qmRXzff1IXStx2VpcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIVLy2NtodkLLfJEDalFTn2kO1LMMB8GA1UdIwQY MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArtRsvlI6 XNOkamDfIBcDDMs7LjC0MA++d+1KPQ988zf+77VsFe6my3QDJVbbO0c7x5xi1TdF O125z210LsjmkV7HR7Hy1u81pqPy9dhmn1zNTNrrbsBfER5+yp5+H6KG0QYNf8z0 Ga4B3KbcjnPNfhoJI8kQU7Dhji1n+rST6MnHNn+Tu7k5PYfqFTOphCL7C8CJUShq +2GrLXl6ZsPaohI99f9uesT9reoMvJgtBNUJ7yL7Wt4bDpeSGalPwhkd79idoD5z BdeqjguBWJmbLm40KT9QPW9m4sdPvJUjttAVReaKz77tC8yKPYiH2eUEA/keAF5j 3OBr0arfUnDO+g== -----END CERTIFICATE-----Generated at Tue Dec 23 02:00:21 2025 by rpki-client