This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft File: 1onLcYkcbZS9nm8U8W5-N8LHKL8.mft (raw, json) Hash identifier: HP0kqtKuECXwbZdeMgcYYbkmRqRocqACOGKODRiLVgY= Subject key identifier: 99:1A:08:88:EE:E5:93:F4:0F:92:12:68:BD:A9:6A:D4:45:0E:94:12 Authority key identifier: D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF Certificate issuer: /CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf Certificate serial: 019ACEA16E9DB99A04C9C2DF3D69A4424061 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft Manifest number: 0504 Signing time: Sat 29 Nov 2025 08:01:17 +0000 Manifest this update: Sat 29 Nov 2025 08:01:17 +0000 Manifest next update: Sun 30 Nov 2025 08:01:17 +0000 Files and hashes: 1: 1onLcYkcbZS9nm8U8W5-N8LHKL8.crl (hash: d8RKY/EyiQ0Ks4a/WCOPkOHktyFwMLvhoyFnCraxUmo=) 2: kSER2798uaT4ZEQ3_Ywav1IgXDo.roa (hash: o89fQ/v3jr3XzrvC5mfE9JQZHOaC2hUzybiixeh55JI=) 3: yZlOT6r0_6wmgpAAvcSq6qfpXoA.roa (hash: CFuI4jvHDVJgJ7TNYXPE3aUuvYsSM/+AObIDbJtCPww=) 4: zl7tT8dRR7O1ZujdC0-GhGjBJAU.roa (hash: dZhp70Fm8wBLybFYAH8VTvH36PqVNE1zgwuzpEitFwQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 30 Nov 2025 08:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ce:a1:6e:9d:b9:9a:04:c9:c2:df:3d:69:a4:42:40:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf Validity Not Before: Nov 29 08:01:17 2025 GMT Not After : Nov 30 08:01:17 2025 GMT Subject: CN=991a0888eee593f40f921268bda96ad4450e9412 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:4b:c6:ce:b9:e0:60:3b:8e:e2:f4:c3:4c:3f: 0a:d1:8b:46:2a:48:bb:7c:1f:6d:21:f0:b3:ce:97: 53:b8:df:d2:1a:40:eb:de:e2:fb:5a:5d:d9:f4:fc: 1c:fc:c3:8c:0a:8c:26:8d:a2:8e:03:ea:78:86:c1: 9e:33:ac:22:ee:f4:e7:79:ce:9f:be:76:b1:16:60: 1b:0c:e8:3e:bf:33:1e:28:d5:8c:f1:de:70:47:84: 72:69:2f:4f:47:68:88:db:41:e5:26:d5:51:14:4c: 5e:c0:d9:c2:3a:05:5b:09:8d:23:1f:51:95:6b:8d: 76:fa:ec:16:0e:d4:60:e4:d1:04:12:20:49:ec:b8: 0b:bc:33:3e:9d:51:14:8d:36:71:d2:62:a6:03:65: 79:8e:a7:98:04:84:dc:20:38:52:84:76:93:9f:46: 44:1b:41:80:f6:91:d7:8e:e4:f3:e8:e9:33:d4:4d: 4d:b7:65:fd:36:dd:19:08:47:1c:88:66:b5:d2:f0: cc:2d:2f:26:32:1f:75:f2:49:26:90:65:59:7d:f0: 71:75:37:5d:aa:e2:fa:fa:e9:26:f9:c5:8d:b0:71: 19:79:c6:63:60:38:1f:2b:73:2c:d3:71:cd:d4:89: 06:d9:6e:76:1c:1c:5d:de:a0:35:60:e8:74:b4:70: 20:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:1A:08:88:EE:E5:93:F4:0F:92:12:68:BD:A9:6A:D4:45:0E:94:12 X509v3 Authority Key Identifier: keyid:D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:66:a0:ac:38:57:de:a3:f5:6f:dd:69:53:56:69:00:fa:c9: a5:b9:a2:7d:79:01:0d:55:ab:75:25:20:e8:38:0f:cb:b2:f6: 62:7c:8b:a3:99:8d:63:b3:3a:17:21:04:8d:f7:6f:57:b7:a4: a8:fc:0f:7f:8d:db:9f:bb:89:91:0a:90:34:29:1e:b6:34:a4: f7:da:db:0a:5f:87:2c:83:ff:8e:a5:16:6c:b1:6f:3f:59:69: af:15:77:95:2f:36:a8:a1:51:79:b9:5e:d3:e2:2c:6a:67:74: 5c:ac:43:8b:68:3d:27:cb:af:e1:5e:82:d6:f3:8b:68:2e:4f: d1:16:f9:17:4e:1d:55:5a:ff:25:20:ab:38:e1:6c:6c:dc:b3: ac:6e:13:70:c5:99:fd:f8:f1:4a:bb:04:64:ba:db:bc:3d:e4: cc:f8:dc:ac:b7:50:9f:95:e1:1f:51:ec:9f:b9:c4:c5:c5:53: d1:3d:15:68:fa:05:08:7c:31:e6:3a:1b:e4:c9:e1:2c:00:71: 2d:00:12:ee:56:02:60:30:5b:bc:01:4e:90:01:5d:ae:6c:60: 41:58:32:87:57:d1:82:4e:d6:b1:5c:40:2a:50:a0:b3:80:49: 7e:00:9e:f9:28:c1:5b:d8:68:a7:83:b9:b9:b7:1a:c7:21:71: 60:3a:a0:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrOoW6duZoEycLfPWmkQkBhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2ODljYjcxODkxYzZkOTRiZDllNmYxNGYxNmU3ZTM3YzJj NzI4YmYwHhcNMjUxMTI5MDgwMTE3WhcNMjUxMTMwMDgwMTE3WjAzMTEwLwYDVQQD Eyg5OTFhMDg4OGVlZTU5M2Y0MGY5MjEyNjhiZGE5NmFkNDQ1MGU5NDEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20vGzrngYDuO4vTDTD8K0YtGKki7 fB9tIfCzzpdTuN/SGkDr3uL7Wl3Z9Pwc/MOMCowmjaKOA+p4hsGeM6wi7vTnec6f vnaxFmAbDOg+vzMeKNWM8d5wR4RyaS9PR2iI20HlJtVRFExewNnCOgVbCY0jH1GV a412+uwWDtRg5NEEEiBJ7LgLvDM+nVEUjTZx0mKmA2V5jqeYBITcIDhShHaTn0ZE G0GA9pHXjuTz6Okz1E1Nt2X9Nt0ZCEcciGa10vDMLS8mMh918kkmkGVZffBxdTdd quL6+ukm+cWNsHEZecZjYDgfK3Ms03HN1IkG2W52HBxd3qA1YOh0tHAgTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJkaCIju5ZP0D5ISaL2patRFDpQSMB8GA1UdIwQY MBaAFNaJy3GJHG2UvZ5vFPFufjfCxyi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0Yjgt ODI0ZmZjNjk0MmY0LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0YjgtODI0ZmZjNjk0MmY0 LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGagrDhX 3qP1b91pU1ZpAPrJpbmifXkBDVWrdSUg6DgPy7L2YnyLo5mNY7M6FyEEjfdvV7ek qPwPf43bn7uJkQqQNCketjSk99rbCl+HLIP/jqUWbLFvP1lprxV3lS82qKFReble 0+Isamd0XKxDi2g9J8uv4V6C1vOLaC5P0Rb5F04dVVr/JSCrOOFsbNyzrG4TcMWZ /fjxSrsEZLrbvD3kzPjcrLdQn5XhH1Hsn7nExcVT0T0VaPoFCHwx5job5MnhLABx LQAS7lYCYDBbvAFOkAFdrmxgQVgyh1fRgk7WsVxAKlCgs4BJfgCe+SjBW9hop4O5 ubcaxyFxYDqgEw== -----END CERTIFICATE-----Generated at Sat Nov 29 14:09:23 2025 by rpki-client