This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft File: cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft (raw, json) Hash identifier: 61eHWe2jHxUvquGzaFOM5litdeFTFN7yCFmbHt6K2KY= Subject key identifier: DF:9A:7F:06:FE:25:FF:8E:F0:1C:AB:60:1C:60:1D:77:2C:52:A5:AE Authority key identifier: 72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF Certificate issuer: /CN=72bd0e36e1c202304a35133b11666625e5d6e5ef Certificate serial: 019B5975BF50E7C0EDB5E0C1489ADCA647BD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft Manifest number: 0B38 Signing time: Fri 26 Dec 2025 07:00:47 +0000 Manifest this update: Fri 26 Dec 2025 07:00:47 +0000 Manifest next update: Sat 27 Dec 2025 07:00:47 +0000 Files and hashes: 1: YJ__Jpr1denKLIU4A4wwpaBEGuM.roa (hash: HQMvWJSgBySt+TDaIiCe+VSZte2lW30WZtz1IJWSvxM=) 2: cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl (hash: et8EHArvglecCllLvxIzvMc2qXrdO/cDGzjRrymb0Z0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:bf:50:e7:c0:ed:b5:e0:c1:48:9a:dc:a6:47:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72bd0e36e1c202304a35133b11666625e5d6e5ef Validity Not Before: Dec 26 07:00:47 2025 GMT Not After : Dec 27 07:00:47 2025 GMT Subject: CN=df9a7f06fe25ff8ef01cab601c601d772c52a5ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d4:ad:4f:ad:f1:77:c5:19:0a:d8:37:18:d7: 59:1b:e4:91:d5:c1:ef:37:f5:a0:42:82:62:3c:d4: 28:83:94:06:c4:14:7b:d1:0f:ad:ec:d6:fb:67:7e: 5c:89:f3:1f:36:79:25:ec:7a:6c:f9:1f:fa:8d:3f: 96:23:20:fe:bc:68:16:d3:34:de:e5:0d:83:63:78: 76:bd:62:07:af:f5:cd:82:b8:9a:05:98:b5:02:87: 1c:fa:c4:02:30:a5:95:a6:2a:25:6e:c6:86:ea:6a: a2:b2:94:3b:d5:d5:dd:65:99:23:e2:5f:28:1b:f9: 58:17:96:a8:49:7f:74:3f:05:4a:63:9d:5e:3b:7e: 27:f0:67:1b:d4:4a:30:f9:46:e2:18:76:d5:dd:b9: 3d:d7:5a:26:f5:6e:f3:3b:b4:e8:82:51:5c:00:39: f6:bf:30:d3:cf:8a:8e:f9:c4:5f:c8:b7:7d:39:ec: 97:20:29:7d:93:bd:66:55:3c:62:4a:85:df:1c:34: 57:66:b6:2b:ef:ca:07:d3:43:9c:a4:60:ad:80:df: ee:dd:97:72:79:b7:7c:5a:32:aa:fe:9a:9b:6c:42: c5:68:da:78:08:b6:38:5b:03:a1:30:71:53:b4:e7: 6c:b1:20:a5:2a:1a:a6:fa:bc:87:5b:a0:db:58:b3: df:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:9A:7F:06:FE:25:FF:8E:F0:1C:AB:60:1C:60:1D:77:2C:52:A5:AE X509v3 Authority Key Identifier: keyid:72:BD:0E:36:E1:C2:02:30:4A:35:13:3B:11:66:66:25:E5:D6:E5:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cr0ONuHCAjBKNRM7EWZmJeXW5e8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/52476d-a794-47d5-8f50-aeda824678d4/1/cr0ONuHCAjBKNRM7EWZmJeXW5e8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:20:ef:30:d4:b1:eb:7d:bf:cd:9e:80:18:24:e6:fb:52:70: 02:6b:3a:b2:f5:ae:37:fe:12:19:86:4e:e1:b5:e2:bb:2d:de: c7:d9:0d:65:79:49:da:8e:ba:96:9e:d4:b7:51:48:7b:21:e7: 74:1e:55:ce:b6:8a:0e:d7:bf:d0:d0:51:96:76:fa:50:aa:90: cb:06:fa:ed:34:fd:a1:81:76:99:82:31:bf:23:78:35:44:aa: 2b:5b:d7:1a:e5:b4:05:59:15:59:db:af:5e:88:15:80:b6:45: 38:ef:2d:7a:f1:a8:6a:b2:46:01:d5:fa:50:ae:e5:f1:7d:53: ea:2e:06:a4:26:e8:a4:02:2c:8d:21:30:dc:d4:02:45:8b:f9: 07:7f:4a:a5:5c:50:b4:65:17:42:bc:1e:c2:9e:b4:f4:03:23: 00:98:2b:42:1d:ed:8a:d9:16:c0:4f:9a:d9:39:e2:d6:68:24: dd:1a:7f:b3:85:12:b9:5d:df:83:79:e9:0e:b2:90:f2:84:9e: bd:11:e2:3c:f9:03:07:2d:c7:fb:e7:95:ca:b1:69:50:4f:2b: f8:c4:cb:1a:e9:2f:ce:c6:8a:4e:9c:cf:91:04:81:55:37:38: 03:d1:21:0c:2d:e3:63:44:20:11:7c:ed:c3:10:6e:3e:3b:48: 28:67:59:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdb9Q58DtteDBSJrcpke9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYmQwZTM2ZTFjMjAyMzA0YTM1MTMzYjExNjY2NjI1ZTVk NmU1ZWYwHhcNMjUxMjI2MDcwMDQ3WhcNMjUxMjI3MDcwMDQ3WjAzMTEwLwYDVQQD EyhkZjlhN2YwNmZlMjVmZjhlZjAxY2FiNjAxYzYwMWQ3NzJjNTJhNWFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztStT63xd8UZCtg3GNdZG+SR1cHv N/WgQoJiPNQog5QGxBR70Q+t7Nb7Z35cifMfNnkl7Hps+R/6jT+WIyD+vGgW0zTe 5Q2DY3h2vWIHr/XNgriaBZi1Aocc+sQCMKWVpiolbsaG6mqispQ71dXdZZkj4l8o G/lYF5aoSX90PwVKY51eO34n8Gcb1Eow+UbiGHbV3bk911om9W7zO7ToglFcADn2 vzDTz4qO+cRfyLd9OeyXICl9k71mVTxiSoXfHDRXZrYr78oH00OcpGCtgN/u3Zdy ebd8WjKq/pqbbELFaNp4CLY4WwOhMHFTtOdssSClKhqm+ryHW6DbWLPf+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN+afwb+Jf+O8ByrYBxgHXcsUqWuMB8GA1UdIwQY MBaAFHK9DjbhwgIwSjUTOxFmZiXl1uXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAt YWVkYTgyNDY3OGQ0LzEvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC81MjQ3NmQtYTc5NC00N2Q1LThmNTAtYWVkYTgyNDY3OGQ0 LzEvY3IwT051SENBakJLTlJNN0VXWm1KZVhXNWU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOSDvMNSx 632/zZ6AGCTm+1JwAms6svWuN/4SGYZO4bXiuy3ex9kNZXlJ2o66lp7Ut1FIeyHn dB5VzraKDte/0NBRlnb6UKqQywb67TT9oYF2mYIxvyN4NUSqK1vXGuW0BVkVWduv XogVgLZFOO8tevGoarJGAdX6UK7l8X1T6i4GpCbopAIsjSEw3NQCRYv5B39KpVxQ tGUXQrwewp609AMjAJgrQh3titkWwE+a2Tni1mgk3Rp/s4USuV3fg3npDrKQ8oSe vRHiPPkDBy3H++eVyrFpUE8r+MTLGukvzsaKTpzPkQSBVTc4A9EhDC3jY0QgEXzt wxBuPjtIKGdZDg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:35 2025 by rpki-client