This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft File: 6OcnETayGhWK70CdMOLGAB1bDak.mft (raw, json) Hash identifier: zCSvE1X3B1ywfiYU17WUoVa/OjuceA69s8qqFjZeXXc= Subject key identifier: CC:DB:B2:12:80:33:1F:CA:51:A0:86:94:DB:8D:BC:D7:6C:3B:4D:3B Authority key identifier: E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9 Certificate issuer: /CN=e8e7271136b21a158aef409d30e2c6001d5b0da9 Certificate serial: 019B285288AC1DD6F0F9807DF5D63B8F9621 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft Manifest number: 10D4 Signing time: Tue 16 Dec 2025 18:00:56 +0000 Manifest this update: Tue 16 Dec 2025 18:00:56 +0000 Manifest next update: Wed 17 Dec 2025 18:00:56 +0000 Files and hashes: 1: 6OcnETayGhWK70CdMOLGAB1bDak.crl (hash: NrLUJWa+Z4LlZP5RVYsVfuJM7stbKCPbcWGGSPpYqZU=) 2: dxgxd6-xP9JkwgZUnUwpf-WY-Kw.roa (hash: hqOsy5iRYOF259KVMk0QtmelCMMCDmkaOIHQ2ucYLWE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:28:52:88:ac:1d:d6:f0:f9:80:7d:f5:d6:3b:8f:96:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e8e7271136b21a158aef409d30e2c6001d5b0da9 Validity Not Before: Dec 16 18:00:56 2025 GMT Not After : Dec 17 18:00:56 2025 GMT Subject: CN=ccdbb21280331fca51a08694db8dbcd76c3b4d3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:cd:87:f4:fc:9a:a4:88:b8:21:9f:c6:17:6a: 1d:fb:34:89:f8:d8:98:51:60:bf:f5:f2:d2:b7:35: 55:91:f6:ad:7d:3f:0c:8a:0d:4a:86:b2:38:78:35: 3f:4f:4c:97:58:f6:5f:e6:73:39:b6:01:40:5f:5b: f7:16:0d:76:29:8f:47:65:1f:41:7e:65:fa:6e:0c: a7:04:f1:9a:96:f7:57:a8:f7:01:6f:99:84:fc:79: 95:08:2f:9d:50:f4:88:39:9e:4c:9e:08:30:96:21: d8:60:34:13:9f:fd:39:91:c3:9f:f3:08:33:90:d7: 59:9d:ac:e3:c8:ef:27:5a:4f:a7:05:a1:0a:2c:eb: 74:6d:4e:a0:ab:04:6f:61:d6:4c:46:06:9b:39:c6: fa:25:47:2d:21:b1:22:7a:88:d0:44:ea:34:7a:06: f0:dc:d0:4b:27:95:5a:5b:3a:70:33:c6:c9:3a:eb: eb:32:0f:aa:33:b2:ba:8c:9b:c4:7f:1a:68:6d:4d: a0:78:10:c4:15:52:ee:fc:22:65:c4:d3:35:2e:b7: a9:13:35:c4:4f:fe:9a:d8:c9:0a:a2:b9:16:3d:16: 45:57:be:fe:3a:8f:94:2e:a6:ee:54:8e:19:c1:8e: 15:1b:02:d3:2d:1c:c0:82:bc:a2:88:84:50:c6:e1: d6:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:DB:B2:12:80:33:1F:CA:51:A0:86:94:DB:8D:BC:D7:6C:3B:4D:3B X509v3 Authority Key Identifier: keyid:E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:e4:c8:d0:56:ed:a4:34:8e:82:9d:60:4e:f9:95:5c:4b:e8: 5f:8f:ec:a2:72:44:ba:9e:0f:69:cf:f2:ab:14:e6:0f:80:55: 49:5c:fc:2d:dc:fe:4e:81:e4:b5:71:8c:8c:41:f2:f2:91:ec: d2:1d:b1:da:89:cb:31:a7:55:f5:39:82:38:cc:00:a4:70:15: f4:3d:89:53:2a:10:39:82:77:6a:30:9a:c3:82:97:da:c8:df: 15:01:b7:10:e5:68:29:3e:f0:98:eb:1c:53:57:f7:31:0b:a2: 2d:19:26:86:98:95:66:19:16:77:13:59:b1:fa:cc:7f:25:9c: a9:de:43:4c:43:38:6b:d6:d8:1b:9e:43:cd:70:06:b7:d0:90: f0:44:1d:0e:b4:d9:fa:d9:e6:e3:e3:f3:39:25:7d:7e:5d:2a: 9f:80:71:1b:3c:4d:92:c9:4f:5b:e1:a0:a5:95:37:c8:c3:cc: 40:06:d1:4f:6b:16:f2:0f:ab:9e:18:36:cf:59:12:df:fe:d7: 09:11:84:8f:f3:3c:93:38:47:3c:a5:ac:de:66:e7:e7:44:3f: 67:fa:27:37:96:73:9c:90:81:8c:5d:9d:46:75:b6:0b:9a:e5: 17:8c:a3:86:b6:0e:5c:ad:92:28:48:42:35:82:08:98:d9:5d: 0a:75:8a:d8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsoUoisHdbw+YB99dY7j5YhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU4ZTcyNzExMzZiMjFhMTU4YWVmNDA5ZDMwZTJjNjAwMWQ1 YjBkYTkwHhcNMjUxMjE2MTgwMDU2WhcNMjUxMjE3MTgwMDU2WjAzMTEwLwYDVQQD EyhjY2RiYjIxMjgwMzMxZmNhNTFhMDg2OTRkYjhkYmNkNzZjM2I0ZDNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2s2H9PyapIi4IZ/GF2od+zSJ+NiY UWC/9fLStzVVkfatfT8Mig1KhrI4eDU/T0yXWPZf5nM5tgFAX1v3Fg12KY9HZR9B fmX6bgynBPGalvdXqPcBb5mE/HmVCC+dUPSIOZ5MnggwliHYYDQTn/05kcOf8wgz kNdZnazjyO8nWk+nBaEKLOt0bU6gqwRvYdZMRgabOcb6JUctIbEieojQROo0egbw 3NBLJ5VaWzpwM8bJOuvrMg+qM7K6jJvEfxpobU2geBDEFVLu/CJlxNM1LrepEzXE T/6a2MkKorkWPRZFV77+Oo+ULqbuVI4ZwY4VGwLTLRzAgryiiIRQxuHWUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMzbshKAMx/KUaCGlNuNvNdsO007MB8GA1UdIwQY MBaAFOjnJxE2shoViu9AnTDixgAdWw2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYt ODM1NmQyZDQyNzcxLzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYtODM1NmQyZDQyNzcx LzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmOTI0Fbt pDSOgp1gTvmVXEvoX4/sonJEup4Pac/yqxTmD4BVSVz8Ldz+ToHktXGMjEHy8pHs 0h2x2onLMadV9TmCOMwApHAV9D2JUyoQOYJ3ajCaw4KX2sjfFQG3EOVoKT7wmOsc U1f3MQuiLRkmhpiVZhkWdxNZsfrMfyWcqd5DTEM4a9bYG55DzXAGt9CQ8EQdDrTZ +tnm4+PzOSV9fl0qn4BxGzxNkslPW+GgpZU3yMPMQAbRT2sW8g+rnhg2z1kS3/7X CRGEj/M8kzhHPKWs3mbn50Q/Z/onN5ZznJCBjF2dRnW2C5rlF4yjhrYOXK2SKEhC NYIImNldCnWK2A== -----END CERTIFICATE-----Generated at Wed Dec 17 03:53:30 2025 by rpki-client