This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft File: 00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft (raw, json) Hash identifier: SRxNDMKLzYxixKB6UkQOlXOLeoLiI62BkpxkBnKapbM= Subject key identifier: D5:6F:B3:AC:E1:E1:65:D7:9B:AD:A5:32:E7:B0:69:1A:A4:9E:7F:9F Authority key identifier: D3:46:E5:D4:62:91:F6:BC:53:B9:65:86:50:51:BA:39:97:49:EB:2D Certificate issuer: /CN=d346e5d46291f6bc53b965865051ba399749eb2d Certificate serial: 019B446E73BF20476303E9727C7DB431AB0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00bl1GKR9rxTuWWGUFG6OZdJ6y0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft Manifest number: 0334 Signing time: Mon 22 Dec 2025 05:00:47 +0000 Manifest this update: Mon 22 Dec 2025 05:00:47 +0000 Manifest next update: Tue 23 Dec 2025 05:00:47 +0000 Files and hashes: 1: 00bl1GKR9rxTuWWGUFG6OZdJ6y0.crl (hash: jYjl0fK/gNL/s16ge/F9NJh2j/9hGhQxOIUVrPHxQgM=) 2: gYQl8tX6UzR3RDmi_Q8x7-FjoRo.roa (hash: Ql10T2YHVZxrbMNqGA2K5KVTFR5OZbWrykLTc4F+v5A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft rsync://rpki.ripe.net/repository/DEFAULT/00bl1GKR9rxTuWWGUFG6OZdJ6y0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:6e:73:bf:20:47:63:03:e9:72:7c:7d:b4:31:ab:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d346e5d46291f6bc53b965865051ba399749eb2d Validity Not Before: Dec 22 05:00:47 2025 GMT Not After : Dec 23 05:00:47 2025 GMT Subject: CN=d56fb3ace1e165d79bada532e7b0691aa49e7f9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:37:9c:c2:df:73:bb:aa:57:a0:5c:25:30:fb: 58:f4:cf:f5:06:98:31:29:92:f6:b8:da:5f:bb:b0: 17:53:56:9f:35:7c:e1:68:6c:c6:d8:05:36:b4:89: 2d:f3:06:ee:3f:d6:92:65:c4:21:5f:f5:7c:51:c2: 3f:b3:75:64:fc:57:25:d8:1b:9c:36:c9:dd:b6:4b: 25:dd:e7:d7:c0:04:d8:5d:09:c2:0d:48:a6:11:db: ed:0e:4a:75:90:ad:f7:7d:7d:1f:a2:39:12:bc:b8: dc:99:4b:c1:af:01:63:12:c5:12:d8:d8:fb:25:80: 1b:5e:1c:cb:09:a1:e4:f2:ff:54:d4:ad:81:66:95: e3:87:a4:01:f8:01:bf:a0:07:83:51:51:e3:57:53: 0e:e9:81:b6:e0:05:db:02:87:13:a1:02:cc:a0:ad: fe:f4:91:e6:e4:55:7e:bc:f9:07:cd:ee:a3:2a:34: 74:8c:24:c6:36:63:bf:4d:0d:fc:44:47:72:61:df: f3:6a:22:11:e6:60:6d:1b:ee:7c:8c:22:a2:bf:e3: 04:6c:2c:f6:8b:af:dc:7f:cc:cd:92:74:85:29:16: ca:1f:11:8c:7f:90:5a:d1:78:54:32:08:cd:b1:19: 3f:be:26:a4:bf:15:b2:b3:80:59:7b:0d:2f:d1:26: b4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:6F:B3:AC:E1:E1:65:D7:9B:AD:A5:32:E7:B0:69:1A:A4:9E:7F:9F X509v3 Authority Key Identifier: keyid:D3:46:E5:D4:62:91:F6:BC:53:B9:65:86:50:51:BA:39:97:49:EB:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00bl1GKR9rxTuWWGUFG6OZdJ6y0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/7c8e9c-ec48-4a90-86e5-3e943f97ff31/1/00bl1GKR9rxTuWWGUFG6OZdJ6y0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:a5:a5:bd:88:b0:73:86:9d:90:dc:6e:af:35:d5:89:b9:62: 94:92:3f:0c:a1:56:c8:3a:eb:c3:25:a8:d1:84:2f:67:f2:91: ae:f9:28:c0:4f:f1:b1:df:fb:21:7e:e8:c4:11:63:27:6f:d6: 9d:02:1c:70:8f:2f:3a:b6:f8:d1:c4:08:3e:fd:97:cd:5f:8c: b1:1b:55:35:90:1c:78:50:3e:20:ef:b5:44:8b:14:ad:c3:ae: 58:0b:df:91:63:4f:24:2b:bc:ac:8d:bf:81:72:9d:73:e2:a7: 60:6a:48:16:5b:9d:0f:58:82:d4:06:3d:16:7f:6e:4c:77:77: c8:24:9b:b1:27:96:a7:ad:a1:d7:f2:1e:3f:94:43:d5:55:5a: e7:c9:97:c8:f8:fd:09:9a:02:3f:8f:ba:29:bf:2b:24:e9:1a: 68:90:75:c4:5f:74:14:e3:99:89:26:5c:9f:cd:24:93:dc:ab: 00:98:ea:b4:3d:e4:8d:aa:45:c1:58:b2:80:be:48:e6:af:40: 82:35:3a:96:fc:57:37:11:b4:14:6e:79:ba:3a:a8:22:67:10: 38:19:b3:76:83:f3:a6:b2:ff:c6:91:c3:94:20:bd:84:c6:70: bd:18:56:c9:91:c7:b8:65:32:ce:a1:8e:6e:68:4b:df:4b:4d: 7c:49:b2:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEbnO/IEdjA+lyfH20MasOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNDZlNWQ0NjI5MWY2YmM1M2I5NjU4NjUwNTFiYTM5OTc0 OWViMmQwHhcNMjUxMjIyMDUwMDQ3WhcNMjUxMjIzMDUwMDQ3WjAzMTEwLwYDVQQD EyhkNTZmYjNhY2UxZTE2NWQ3OWJhZGE1MzJlN2IwNjkxYWE0OWU3ZjlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTecwt9zu6pXoFwlMPtY9M/1Bpgx KZL2uNpfu7AXU1afNXzhaGzG2AU2tIkt8wbuP9aSZcQhX/V8UcI/s3Vk/Fcl2Buc Nsndtksl3efXwATYXQnCDUimEdvtDkp1kK33fX0fojkSvLjcmUvBrwFjEsUS2Nj7 JYAbXhzLCaHk8v9U1K2BZpXjh6QB+AG/oAeDUVHjV1MO6YG24AXbAocToQLMoK3+ 9JHm5FV+vPkHze6jKjR0jCTGNmO/TQ38REdyYd/zaiIR5mBtG+58jCKiv+MEbCz2 i6/cf8zNknSFKRbKHxGMf5Ba0XhUMgjNsRk/viakvxWys4BZew0v0Sa00wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNVvs6zh4WXXm62lMuewaRqknn+fMB8GA1UdIwQY MBaAFNNG5dRikfa8U7llhlBRujmXSestMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDBibDFHS1I5cnhUdVdXR1VGRzZPWmRKNnkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC83YzhlOWMtZWM0OC00YTkwLTg2ZTUt M2U5NDNmOTdmZjMxLzEvMDBibDFHS1I5cnhUdVdXR1VGRzZPWmRKNnkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC83YzhlOWMtZWM0OC00YTkwLTg2ZTUtM2U5NDNmOTdmZjMx LzEvMDBibDFHS1I5cnhUdVdXR1VGRzZPWmRKNnkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6WlvYiw c4adkNxurzXViblilJI/DKFWyDrrwyWo0YQvZ/KRrvkowE/xsd/7IX7oxBFjJ2/W nQIccI8vOrb40cQIPv2XzV+MsRtVNZAceFA+IO+1RIsUrcOuWAvfkWNPJCu8rI2/ gXKdc+KnYGpIFludD1iC1AY9Fn9uTHd3yCSbsSeWp62h1/IeP5RD1VVa58mXyPj9 CZoCP4+6Kb8rJOkaaJB1xF90FOOZiSZcn80kk9yrAJjqtD3kjapFwViygL5I5q9A gjU6lvxXNxG0FG55ujqoImcQOBmzdoPzprL/xpHDlCC9hMZwvRhWyZHHuGUyzqGO bmhL30tNfEmyoA== -----END CERTIFICATE-----Generated at Mon Dec 22 08:25:58 2025 by rpki-client