This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft File: pol1o9gy4UUny7or4QujwebGOFY.mft (raw, json) Hash identifier: r7qd1UTuwJGWeLN5SnvwgEWXzpPwCh9T9L9HwJy9QHw= Subject key identifier: D9:3E:63:6C:8D:97:99:43:59:55:34:07:2E:CC:25:2E:FA:3C:4C:1C Authority key identifier: A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56 Certificate issuer: /CN=a68975a3d832e14527cbba2be10ba3c1e6c63856 Certificate serial: 019B255244C1549B9FF7C77A620F522E7C7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft Manifest number: 0750 Signing time: Tue 16 Dec 2025 04:01:46 +0000 Manifest this update: Tue 16 Dec 2025 04:01:46 +0000 Manifest next update: Wed 17 Dec 2025 04:01:46 +0000 Files and hashes: 1: pol1o9gy4UUny7or4QujwebGOFY.crl (hash: qNsjHkcr9ZmioBlaJJShoF8PjMvchnvvLdBZYCdk/Vs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:52:44:c1:54:9b:9f:f7:c7:7a:62:0f:52:2e:7c:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a68975a3d832e14527cbba2be10ba3c1e6c63856 Validity Not Before: Dec 16 04:01:46 2025 GMT Not After : Dec 17 04:01:46 2025 GMT Subject: CN=d93e636c8d979943595534072ecc252efa3c4c1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3e:99:4b:fd:23:c6:19:c7:11:a6:42:58:2f: 1a:7b:d0:d9:82:df:1b:e1:f5:36:2c:9a:d9:7c:1e: 4b:e5:f9:d1:3c:46:5f:37:6c:03:85:af:c9:b0:c9: d1:9b:eb:25:f2:03:5d:47:5f:e9:69:65:97:6f:98: 66:3b:69:f5:8c:76:01:aa:c2:49:8b:88:7c:04:b0: ae:58:97:90:79:28:63:c7:e3:99:ae:f4:c4:1c:f5: cd:cb:59:86:99:f9:07:a7:fc:39:4c:f4:f7:9d:c2: 35:36:2b:c6:0b:67:77:38:64:a4:b3:a6:33:34:09: cb:4e:62:dd:3e:03:de:f8:36:74:70:0a:36:43:8a: 92:39:a2:a2:a2:b1:19:b5:50:d1:30:2c:83:cc:2a: e3:4d:1f:4c:40:38:b5:07:1d:eb:59:c6:9f:e8:c6: e8:c2:96:e8:31:be:d2:52:44:90:1b:2e:66:14:2c: 13:78:1b:4c:cd:e0:f5:0d:bd:27:6a:cb:ff:44:e5: 81:36:25:40:9b:a9:87:de:53:ee:d4:6d:d9:4b:38: 12:ff:1f:d3:d0:27:71:8d:f0:2d:ac:98:0a:3c:57: 21:d1:88:4c:32:ed:54:00:26:53:ca:9a:43:c1:47: 09:bd:23:c7:39:c8:71:6f:af:fd:9b:6c:0e:90:4d: e1:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:3E:63:6C:8D:97:99:43:59:55:34:07:2E:CC:25:2E:FA:3C:4C:1C X509v3 Authority Key Identifier: keyid:A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:44:1a:c3:29:57:d4:71:13:2e:3a:1e:9d:a4:52:e3:75:25: f2:0b:0a:5f:99:fa:56:1f:00:87:33:5e:3a:5f:ff:75:83:59: 1c:71:c5:92:cd:f7:94:8d:63:7e:15:a8:2e:4e:87:13:b0:06: 56:25:51:94:5b:20:9f:17:fc:89:77:53:60:b6:46:0d:07:21: 3f:a3:ee:7e:75:67:6d:d9:73:89:cc:c1:a9:7c:b6:1a:6c:fc: 95:ff:87:c2:dc:f8:d1:98:33:5b:27:f8:a7:ba:91:e5:e7:27: 38:06:f1:b2:27:74:5b:23:a7:2a:ae:dc:99:67:3e:9c:c0:9e: 74:81:8d:b3:f4:97:5c:32:63:6b:27:03:3c:c1:ff:44:08:53: 54:42:5a:02:59:f1:5e:e2:8e:3f:a0:87:a1:29:6d:55:3e:40: e0:08:f6:5d:5e:9e:f8:f9:6d:9e:d4:f2:9e:39:14:70:25:ca: ad:7c:4d:17:60:55:5b:1c:f0:3b:e7:15:d6:05:71:dc:35:9b: 69:9e:19:0d:03:fb:6a:b2:0d:67:e9:b7:42:b4:eb:c2:8d:61: ed:37:8c:95:cb:9b:59:11:23:04:8b:60:f1:51:ef:37:90:33: 8e:6a:b9:97:3d:b8:fa:31:6e:40:11:95:e9:b8:71:d4:7f:7c: 28:2f:e9:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZslUkTBVJuf98d6Yg9SLnx/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2ODk3NWEzZDgzMmUxNDUyN2NiYmEyYmUxMGJhM2MxZTZj NjM4NTYwHhcNMjUxMjE2MDQwMTQ2WhcNMjUxMjE3MDQwMTQ2WjAzMTEwLwYDVQQD EyhkOTNlNjM2YzhkOTc5OTQzNTk1NTM0MDcyZWNjMjUyZWZhM2M0YzFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz6ZS/0jxhnHEaZCWC8ae9DZgt8b 4fU2LJrZfB5L5fnRPEZfN2wDha/JsMnRm+sl8gNdR1/paWWXb5hmO2n1jHYBqsJJ i4h8BLCuWJeQeShjx+OZrvTEHPXNy1mGmfkHp/w5TPT3ncI1NivGC2d3OGSks6Yz NAnLTmLdPgPe+DZ0cAo2Q4qSOaKiorEZtVDRMCyDzCrjTR9MQDi1Bx3rWcaf6Mbo wpboMb7SUkSQGy5mFCwTeBtMzeD1Db0nasv/ROWBNiVAm6mH3lPu1G3ZSzgS/x/T 0CdxjfAtrJgKPFch0YhMMu1UACZTyppDwUcJvSPHOchxb6/9m2wOkE3hkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNk+Y2yNl5lDWVU0By7MJS76PEwcMB8GA1UdIwQY MBaAFKaJdaPYMuFFJ8u6K+ELo8HmxjhWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUt MTMxNmFkODA1ZTY0LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUtMTMxNmFkODA1ZTY0 LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUQawylX 1HETLjoenaRS43Ul8gsKX5n6Vh8AhzNeOl//dYNZHHHFks33lI1jfhWoLk6HE7AG ViVRlFsgnxf8iXdTYLZGDQchP6PufnVnbdlziczBqXy2Gmz8lf+Hwtz40ZgzWyf4 p7qR5ecnOAbxsid0WyOnKq7cmWc+nMCedIGNs/SXXDJjaycDPMH/RAhTVEJaAlnx XuKOP6CHoSltVT5A4Aj2XV6e+PltntTynjkUcCXKrXxNF2BVWxzwO+cV1gVx3DWb aZ4ZDQP7arINZ+m3QrTrwo1h7TeMlcubWREjBItg8VHvN5Azjmq5lz24+jFuQBGV 6bhx1H98KC/pjA== -----END CERTIFICATE-----Generated at Tue Dec 16 06:43:56 2025 by rpki-client