This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft File: 0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json) Hash identifier: S0S18mWtyHpyfO3fxD2HI+1Nxd388E0nrQqKmLESILE= Subject key identifier: 54:0A:6D:24:0C:A2:49:A0:98:05:D8:74:19:1D:0A:4D:15:90:65:0F Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32 Certificate issuer: /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632 Certificate serial: 019B4B1534BE6637803FC9054FE8AF17F936 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft Manifest number: 07BC Signing time: Tue 23 Dec 2025 12:00:39 +0000 Manifest this update: Tue 23 Dec 2025 12:00:39 +0000 Manifest next update: Wed 24 Dec 2025 12:00:39 +0000 Files and hashes: 1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: kK0NeGmBGFoB/qH3oIkZ1xhD30Cwmj357WUFFIRdlQ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 12:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:15:34:be:66:37:80:3f:c9:05:4f:e8:af:17:f9:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632 Validity Not Before: Dec 23 12:00:39 2025 GMT Not After : Dec 24 12:00:39 2025 GMT Subject: CN=540a6d240ca249a09805d874191d0a4d1590650f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:de:43:39:cb:08:16:52:77:e5:11:af:06:0c: 82:07:7d:86:19:10:53:a4:11:31:11:85:b4:46:dd: 34:7f:0d:52:ac:69:8b:f6:40:d9:a0:f8:04:dd:52: 59:31:7f:6e:f7:d3:71:c0:08:db:90:64:36:a9:1f: 81:a4:3d:43:fc:20:6e:b4:8e:dc:2e:27:ef:e9:3c: 3d:4a:2d:2b:78:b7:8a:af:98:42:34:ec:a8:f0:63: 0b:bf:b8:00:b4:64:9d:a5:31:84:32:27:97:88:01: 07:4f:c9:68:9f:5a:ba:78:b6:52:3a:14:86:32:ac: 22:cb:ec:97:f6:d6:53:aa:a2:94:05:6e:35:9a:1d: 3b:0e:4b:68:65:6f:36:b3:91:bf:6e:fa:45:00:45: 30:77:7a:cb:e2:c4:47:25:0e:66:da:a9:c1:7a:ce: 67:2f:22:f2:db:d2:ff:be:c5:fa:e9:ee:62:d9:7d: 64:02:24:47:e7:ad:19:77:41:84:c7:98:38:c9:03: 9e:a5:98:b9:a8:bc:0c:4e:32:ec:56:93:ba:cf:2d: f1:f1:b1:43:4c:30:1d:d0:d8:40:b9:3a:61:9b:d2: ca:4d:58:6b:b6:81:82:e0:da:fd:77:2d:d5:ba:9c: 6b:e5:84:c2:c6:02:63:50:b3:d4:6d:e4:c4:54:3c: 12:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:0A:6D:24:0C:A2:49:A0:98:05:D8:74:19:1D:0A:4D:15:90:65:0F X509v3 Authority Key Identifier: keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:24:fe:f1:e3:38:a0:14:3f:04:f2:6f:37:19:38:3a:99:df: d8:af:a5:0e:b7:09:f0:ad:9a:42:0d:85:73:88:99:a3:8a:38: c4:9e:f4:f8:c1:3c:67:6b:fa:74:ee:20:f4:23:24:e9:82:09: 4d:69:5e:cd:7c:fe:0d:81:5c:96:0f:67:9c:8d:4e:2f:1d:4a: 03:cb:51:59:1d:00:69:4d:99:16:00:17:1c:d9:1c:5a:d0:41: 56:53:b6:71:c0:5f:04:e0:96:29:cc:ac:ae:7a:a3:d2:09:67: 34:fe:23:15:b7:73:98:8d:04:7f:87:a8:ef:e7:0f:2a:9f:61: 63:90:43:0e:ef:b8:70:74:6b:84:d4:c9:c6:45:d3:7d:fd:29: 44:07:08:d1:7f:ff:a5:dc:94:26:7f:fd:0a:3c:f3:50:dd:ac: 99:39:06:a5:50:64:64:c6:54:59:ca:b3:f2:4f:63:f7:eb:27: 0d:87:8d:b4:5d:ef:89:9e:49:9a:41:c6:c2:83:42:e6:c4:fa: 7e:08:6c:5a:1c:57:13:7e:cb:1c:96:ca:7f:bd:6e:05:ab:30: 2f:b9:38:50:f5:6e:34:fe:28:3f:c6:b7:f0:6d:12:8d:75:c1: 5a:e4:c2:4d:c9:e1:1d:21:5c:ce:25:b3:b3:f9:9a:6a:66:9a: 61:8c:f4:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLFTS+ZjeAP8kFT+ivF/k2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm YWM2MzIwHhcNMjUxMjIzMTIwMDM5WhcNMjUxMjI0MTIwMDM5WjAzMTEwLwYDVQQD Eyg1NDBhNmQyNDBjYTI0OWEwOTgwNWQ4NzQxOTFkMGE0ZDE1OTA2NTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd5DOcsIFlJ35RGvBgyCB32GGRBT pBExEYW0Rt00fw1SrGmL9kDZoPgE3VJZMX9u99NxwAjbkGQ2qR+BpD1D/CButI7c Lifv6Tw9Si0reLeKr5hCNOyo8GMLv7gAtGSdpTGEMieXiAEHT8lon1q6eLZSOhSG Mqwiy+yX9tZTqqKUBW41mh07DktoZW82s5G/bvpFAEUwd3rL4sRHJQ5m2qnBes5n LyLy29L/vsX66e5i2X1kAiRH560Zd0GEx5g4yQOepZi5qLwMTjLsVpO6zy3x8bFD TDAd0NhAuTphm9LKTVhrtoGC4Nr9dy3Vupxr5YTCxgJjULPUbeTEVDwScQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFQKbSQMokmgmAXYdBkdCk0VkGUPMB8GA1UdIwQY MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5 LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfiT+8eM4 oBQ/BPJvNxk4Opnf2K+lDrcJ8K2aQg2Fc4iZo4o4xJ70+ME8Z2v6dO4g9CMk6YIJ TWlezXz+DYFclg9nnI1OLx1KA8tRWR0AaU2ZFgAXHNkcWtBBVlO2ccBfBOCWKcys rnqj0glnNP4jFbdzmI0Ef4eo7+cPKp9hY5BDDu+4cHRrhNTJxkXTff0pRAcI0X// pdyUJn/9CjzzUN2smTkGpVBkZMZUWcqz8k9j9+snDYeNtF3viZ5JmkHGwoNC5sT6 fghsWhxXE37LHJbKf71uBaswL7k4UPVuNP4oP8a38G0SjXXBWuTCTcnhHSFcziWz s/maamaaYYz0lw== -----END CERTIFICATE-----Generated at Tue Dec 23 18:00:21 2025 by rpki-client