This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft File: CnAgLDEt0sem_8MXqobk4gaSSaY.mft (raw, json) Hash identifier: dONdRVcZo00+LiUTX+/cJl7YA9t9y9DJ8LXuWTXurpc= Subject key identifier: FA:18:BE:A7:AF:63:F4:F6:A4:32:71:06:36:56:38:1C:1E:56:D6:1D Authority key identifier: 0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6 Certificate issuer: /CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6 Certificate serial: 019B262D1097B986B04A8645B27DBE8B0393 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft Manifest number: 0AA9 Signing time: Tue 16 Dec 2025 08:00:46 +0000 Manifest this update: Tue 16 Dec 2025 08:00:46 +0000 Manifest next update: Wed 17 Dec 2025 08:00:46 +0000 Files and hashes: 1: CnAgLDEt0sem_8MXqobk4gaSSaY.crl (hash: p/MlgAP90OEmb9+FS7zMfM1tygKQpxkFVHiz0QZ4xc8=) 2: eTuN91J09OBNoZtxEtruVhH4DbY.roa (hash: F1iOkNAfZrkXFWgz/sdsk9Ul6Wkc9BDyHiaUC1recQY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 08:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:2d:10:97:b9:86:b0:4a:86:45:b2:7d:be:8b:03:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6 Validity Not Before: Dec 16 08:00:46 2025 GMT Not After : Dec 17 08:00:46 2025 GMT Subject: CN=fa18bea7af63f4f6a43271063656381c1e56d61d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:44:94:e9:04:89:7e:96:e5:f6:f6:ad:68:b0: a2:04:c7:c7:f2:b9:9a:c8:ce:75:49:0c:24:ac:c7: f5:52:77:09:f4:04:72:a9:43:ff:c7:97:d1:cf:b5: 6b:dd:be:39:20:3e:c7:11:4f:0d:81:7b:81:72:de: 7c:d9:89:f0:0d:e5:19:5b:fc:35:5a:8a:6c:8a:cb: 2c:be:bb:50:b6:2b:45:59:da:59:03:3a:59:ad:fb: 7b:2a:17:e3:ed:16:65:41:3a:c5:77:60:82:f0:ea: c6:eb:5f:96:78:69:de:24:e4:f1:0c:9b:a6:fd:51: fe:62:b2:66:b6:6a:03:f1:a8:8f:e1:aa:37:84:3a: 5b:57:99:4f:28:f1:86:d4:50:67:04:96:26:b9:8d: 93:9a:e8:e9:11:bc:ea:8d:62:03:86:6f:c6:59:e0: ba:fb:06:07:64:fd:78:b5:76:15:b9:6e:f4:3b:3d: 1b:8d:a9:a5:60:75:7f:8c:44:14:cf:14:85:c9:79: e4:40:1d:6b:6b:e9:e0:fe:35:5e:99:25:bd:c6:70: 17:6c:7c:35:2e:f1:4f:3e:b6:9c:d8:b1:22:45:e0: d3:8b:1d:72:e2:12:5d:36:da:5d:8a:1f:1c:2e:08: d0:4a:e6:33:37:5c:cc:7a:9e:0d:fa:c9:58:a5:a7: 84:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:18:BE:A7:AF:63:F4:F6:A4:32:71:06:36:56:38:1C:1E:56:D6:1D X509v3 Authority Key Identifier: keyid:0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:93:e5:ae:e9:d8:28:46:47:d1:9e:09:8a:80:26:c5:d0:b4: 94:fd:81:d3:d6:62:f9:fe:b8:0d:14:92:e0:cd:8e:50:16:18: 03:eb:6f:79:ac:09:b3:e3:53:2b:9c:3e:b9:a1:14:a2:5c:37: 64:39:a5:01:e8:86:ec:be:92:f4:8e:32:89:41:f4:51:1d:52: 2c:a8:34:55:f2:2f:e1:1c:fb:3c:90:74:4f:ef:32:bf:7a:2b: 8e:a8:7f:9a:7b:ba:5d:e0:1a:a3:e7:c9:51:a8:ba:76:05:11: 22:70:62:6d:67:e0:91:1c:1d:69:2b:bb:9d:ef:23:57:d9:22: a2:ca:b0:30:69:fb:1d:a6:4a:8d:7c:0d:9b:18:56:e6:ba:a8: 34:3d:e1:90:e4:05:35:a5:bd:50:3c:20:58:60:63:d3:f4:9a: 4a:d3:23:33:0d:0e:88:88:03:c2:26:08:16:d7:48:e6:48:16: 40:8c:e3:9d:93:58:00:64:6b:d2:38:08:3b:40:56:95:16:9d: 26:33:13:e2:82:4a:dc:15:6d:d5:89:4d:82:42:a1:3a:d5:18: f9:c4:2c:07:cf:c2:27:f1:91:4c:d4:42:9d:91:45:f1:8f:9a: 3f:91:2a:c8:e3:47:1a:9a:30:31:11:a7:a3:a9:a4:db:93:2c: ba:0a:2b:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmLRCXuYawSoZFsn2+iwOTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhNzAyMDJjMzEyZGQyYzdhNmZmYzMxN2FhODZlNGUyMDY5 MjQ5YTYwHhcNMjUxMjE2MDgwMDQ2WhcNMjUxMjE3MDgwMDQ2WjAzMTEwLwYDVQQD EyhmYTE4YmVhN2FmNjNmNGY2YTQzMjcxMDYzNjU2MzgxYzFlNTZkNjFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0SU6QSJfpbl9vataLCiBMfH8rma yM51SQwkrMf1UncJ9ARyqUP/x5fRz7Vr3b45ID7HEU8NgXuBct582YnwDeUZW/w1 WopsisssvrtQtitFWdpZAzpZrft7Khfj7RZlQTrFd2CC8OrG61+WeGneJOTxDJum /VH+YrJmtmoD8aiP4ao3hDpbV5lPKPGG1FBnBJYmuY2TmujpEbzqjWIDhm/GWeC6 +wYHZP14tXYVuW70Oz0bjamlYHV/jEQUzxSFyXnkQB1ra+ng/jVemSW9xnAXbHw1 LvFPPrac2LEiReDTix1y4hJdNtpdih8cLgjQSuYzN1zMep4N+slYpaeEXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPoYvqevY/T2pDJxBjZWOBweVtYdMB8GA1UdIwQY MBaAFApwICwxLdLHpv/DF6qG5OIGkkmmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMt NjhjODQ5Mjc3ZDczLzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMtNjhjODQ5Mjc3ZDcz LzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj5PlrunY KEZH0Z4JioAmxdC0lP2B09Zi+f64DRSS4M2OUBYYA+tveawJs+NTK5w+uaEUolw3 ZDmlAeiG7L6S9I4yiUH0UR1SLKg0VfIv4Rz7PJB0T+8yv3orjqh/mnu6XeAao+fJ Uai6dgURInBibWfgkRwdaSu7ne8jV9kiosqwMGn7HaZKjXwNmxhW5rqoND3hkOQF NaW9UDwgWGBj0/SaStMjMw0OiIgDwiYIFtdI5kgWQIzjnZNYAGRr0jgIO0BWlRad JjMT4oJK3BVt1YlNgkKhOtUY+cQsB8/CJ/GRTNRCnZFF8Y+aP5EqyONHGpowMRGn o6mk25Msugorig== -----END CERTIFICATE-----Generated at Tue Dec 16 11:26:05 2025 by rpki-client