This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft File: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json) Hash identifier: HqmZFJoZz54zsjyG7mebuVn3tfqWQ7GzKz5zM2ZsxME= Subject key identifier: C7:08:B7:F6:2A:28:3E:89:56:BE:9B:21:0A:3B:0B:F5:92:69:4D:51 Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0 Certificate issuer: /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0 Certificate serial: 019B3CEBE59AA9BCCC43A72FD6DC88496988 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft Manifest number: 0E32 Signing time: Sat 20 Dec 2025 18:00:51 +0000 Manifest this update: Sat 20 Dec 2025 18:00:51 +0000 Manifest next update: Sun 21 Dec 2025 18:00:51 +0000 Files and hashes: 1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: dMBISQ5FijoOtVgRHkp5Hn6nVFcLdYP1WE4xk2VPQ/c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:eb:e5:9a:a9:bc:cc:43:a7:2f:d6:dc:88:49:69:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0 Validity Not Before: Dec 20 18:00:51 2025 GMT Not After : Dec 21 18:00:51 2025 GMT Subject: CN=c708b7f62a283e8956be9b210a3b0bf592694d51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:82:e2:eb:d2:6f:74:97:f3:41:61:d7:b0:e7:c3: 0d:ed:1b:72:9c:86:53:81:31:f6:ae:2a:7e:f8:78: bc:98:ea:86:c5:67:3d:78:4d:83:05:a6:0a:99:86: a6:3f:4f:53:1e:14:5f:81:cd:c9:29:c3:2e:c9:83: 4b:c4:cc:f2:1d:7b:c6:55:6b:e6:96:65:30:94:51: 84:9e:77:1d:a3:b6:84:15:96:9d:d9:79:f9:8d:3b: 51:18:dd:a4:41:79:90:01:9c:8f:b9:5c:29:4d:01: 34:77:d9:58:25:f3:9b:68:76:19:81:a2:a5:15:cb: 9e:7e:9c:12:21:f9:9b:b2:93:08:73:11:79:bb:4a: 90:41:af:16:d2:5c:d0:29:c3:f4:fb:e6:ba:b6:44: a8:8c:df:88:da:e2:57:1c:12:60:f7:65:42:30:50: 50:2c:a0:3c:0b:22:cf:8c:26:d8:72:22:4a:0b:a2: e2:e0:a5:bf:4d:52:90:c9:46:e9:2e:6c:78:67:6d: e0:ec:f6:13:ac:d0:56:4f:5f:a1:f6:ec:6a:e6:ab: cb:56:2c:f4:bc:33:70:d2:68:68:c9:e4:ff:c9:75: 7b:88:ea:68:1e:b1:b1:ee:b2:c6:3f:fe:ba:49:8f: d0:cf:0b:cd:ff:d4:01:03:fc:bf:61:0b:e8:fe:8f: 43:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:08:B7:F6:2A:28:3E:89:56:BE:9B:21:0A:3B:0B:F5:92:69:4D:51 X509v3 Authority Key Identifier: keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:f6:2a:68:16:6c:57:71:c5:32:2f:e1:68:32:65:7e:7b:d2: 4d:e8:0c:93:2d:7a:20:02:10:bc:05:b2:a3:91:e7:e4:23:2b: aa:08:ab:9e:e8:83:2d:91:ef:a2:1d:f9:83:7b:51:dd:f0:a1: 66:6c:fc:21:5e:66:06:5a:e3:f1:0c:20:4a:ae:61:9a:54:1e: 54:6b:20:8e:94:bd:c3:d2:aa:c7:ec:eb:52:da:82:90:5c:3f: 9b:66:35:fc:f8:2c:95:9a:5d:22:9f:6f:ef:e2:57:ae:7c:d2: 50:8b:c7:3f:f8:b4:8e:11:c0:cf:51:9f:66:02:a7:49:8c:fd: 47:76:b0:22:53:83:47:51:8d:52:5c:3d:4c:3d:6e:20:ce:1b: 49:5b:98:c1:8f:a0:52:1f:a0:77:15:16:00:24:e6:93:68:f0: b0:6d:e5:a1:81:ad:c7:3a:3a:9e:50:14:61:0b:b7:dc:79:7e: a5:93:e4:5f:b2:23:e1:3c:23:19:5f:b1:f0:2a:1b:c8:81:e2: b7:74:1e:1a:8a:8c:c6:ee:ae:26:da:42:02:6f:55:8a:0e:a6: 73:ff:0d:b0:34:35:44:b8:36:b7:b4:38:5f:5d:e6:10:d8:07: 2b:8e:2e:9c:d4:a8:35:26:08:f6:ba:b9:05:dc:87:87:ca:9f: 53:24:f7:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs86+WaqbzMQ6cv1tyISWmIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi ZTNkZTAwHhcNMjUxMjIwMTgwMDUxWhcNMjUxMjIxMTgwMDUxWjAzMTEwLwYDVQQD EyhjNzA4YjdmNjJhMjgzZTg5NTZiZTliMjEwYTNiMGJmNTkyNjk0ZDUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguLr0m90l/NBYdew58MN7RtynIZT gTH2rip++Hi8mOqGxWc9eE2DBaYKmYamP09THhRfgc3JKcMuyYNLxMzyHXvGVWvm lmUwlFGEnncdo7aEFZad2Xn5jTtRGN2kQXmQAZyPuVwpTQE0d9lYJfObaHYZgaKl FcuefpwSIfmbspMIcxF5u0qQQa8W0lzQKcP0++a6tkSojN+I2uJXHBJg92VCMFBQ LKA8CyLPjCbYciJKC6Li4KW/TVKQyUbpLmx4Z23g7PYTrNBWT1+h9uxq5qvLViz0 vDNw0mhoyeT/yXV7iOpoHrGx7rLGP/66SY/QzwvN/9QBA/y/YQvo/o9D4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMcIt/YqKD6JVr6bIQo7C/WSaU1RMB8GA1UdIwQY MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2 LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/YqaBZs V3HFMi/haDJlfnvSTegMky16IAIQvAWyo5Hn5CMrqgirnuiDLZHvoh35g3tR3fCh Zmz8IV5mBlrj8QwgSq5hmlQeVGsgjpS9w9Kqx+zrUtqCkFw/m2Y1/PgslZpdIp9v 7+JXrnzSUIvHP/i0jhHAz1GfZgKnSYz9R3awIlODR1GNUlw9TD1uIM4bSVuYwY+g Uh+gdxUWACTmk2jwsG3loYGtxzo6nlAUYQu33Hl+pZPkX7Ij4TwjGV+x8CobyIHi t3QeGoqMxu6uJtpCAm9Vig6mc/8NsDQ1RLg2t7Q4X13mENgHK44unNSoNSYI9rq5 BdyHh8qfUyT33w== -----END CERTIFICATE-----Generated at Sat Dec 20 20:03:04 2025 by rpki-client