This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/41dd00-b57b-4638-a08b-6853c41ca03e/1/0tS9caQ9jN1GKmHu4NlHAMfmQl8.mft File: 0tS9caQ9jN1GKmHu4NlHAMfmQl8.mft (raw, json) Hash identifier: BO+ot6U6dTajSYcySz83FYQK+72wtJphYEGebbUMmRU= Subject key identifier: B2:CF:61:C1:24:E6:68:3B:65:08:BC:A3:E1:58:DA:A7:79:52:B9:7D Authority key identifier: D2:D4:BD:71:A4:3D:8C:DD:46:2A:61:EE:E0:D9:47:00:C7:E6:42:5F Certificate issuer: /CN=d2d4bd71a43d8cdd462a61eee0d94700c7e6425f Certificate serial: 019B59082A907746FE605F3ED0B88A69458B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tS9caQ9jN1GKmHu4NlHAMfmQl8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/41dd00-b57b-4638-a08b-6853c41ca03e/1/0tS9caQ9jN1GKmHu4NlHAMfmQl8.mft Manifest number: 0111 Signing time: Fri 26 Dec 2025 05:01:05 +0000 Manifest this update: Fri 26 Dec 2025 05:01:05 +0000 Manifest next update: Sat 27 Dec 2025 05:01:05 +0000 Files and hashes: 1: 0tS9caQ9jN1GKmHu4NlHAMfmQl8.crl (hash: se0e4IOJLzb99taAJ1Zl7pLKFI3sL5d2YkAVZYchjuQ=) 2: KKgMs-wElUJViKwmcf1fvk9lnVM.roa (hash: J4sRQGzBOdgtJ9HehK5V6sdntDrbSLepduIzznR8wJo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/41dd00-b57b-4638-a08b-6853c41ca03e/1/0tS9caQ9jN1GKmHu4NlHAMfmQl8.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/41dd00-b57b-4638-a08b-6853c41ca03e/1/0tS9caQ9jN1GKmHu4NlHAMfmQl8.mft rsync://rpki.ripe.net/repository/DEFAULT/0tS9caQ9jN1GKmHu4NlHAMfmQl8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:2a:90:77:46:fe:60:5f:3e:d0:b8:8a:69:45:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2d4bd71a43d8cdd462a61eee0d94700c7e6425f Validity Not Before: Dec 26 05:01:05 2025 GMT Not After : Dec 27 05:01:05 2025 GMT Subject: CN=b2cf61c124e6683b6508bca3e158daa77952b97d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:71:30:06:a4:1f:3b:b3:2d:71:c4:38:f8:1f: 8d:a8:ce:b1:b7:01:aa:dc:79:5e:04:fd:12:67:c4: 0c:b0:93:53:c6:fd:6b:69:37:4d:e4:7a:53:86:9f: f3:b5:1f:7a:92:5c:7d:f3:a6:c7:56:c1:c4:d2:2b: 21:59:e7:c2:7f:85:96:dc:0f:37:23:24:c2:fb:b2: f9:3f:26:7a:6b:66:26:21:92:ec:a9:b2:7e:f9:2a: fb:65:33:d5:14:6b:81:d5:65:4c:ff:b9:b9:49:13: ed:91:64:90:82:5e:58:67:e1:b8:ab:2a:d8:0e:c9: f1:de:27:d0:ca:5d:30:1b:c9:d5:8c:f4:ca:ca:8f: c4:b7:00:e9:76:ee:af:35:4f:b0:3f:92:9d:4a:b2: 95:9f:40:2f:72:5b:16:d8:9a:0c:1c:8c:ca:8a:aa: ab:4a:06:41:dd:33:78:00:f7:2c:86:3d:45:07:4c: da:ef:76:78:b0:48:94:17:ff:1c:21:67:00:31:71: 0d:49:d2:2d:06:ce:84:0c:cd:06:f1:a2:2f:72:53: 3d:bd:e4:15:4f:ae:6c:1a:85:28:1c:16:6d:1c:11: 24:f1:37:85:1e:0a:8e:61:45:e5:c0:df:e0:c5:59: 2a:33:60:3a:e3:ef:2d:73:91:66:ce:e9:98:91:a7: 03:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:CF:61:C1:24:E6:68:3B:65:08:BC:A3:E1:58:DA:A7:79:52:B9:7D X509v3 Authority Key Identifier: keyid:D2:D4:BD:71:A4:3D:8C:DD:46:2A:61:EE:E0:D9:47:00:C7:E6:42:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tS9caQ9jN1GKmHu4NlHAMfmQl8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/41dd00-b57b-4638-a08b-6853c41ca03e/1/0tS9caQ9jN1GKmHu4NlHAMfmQl8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/41dd00-b57b-4638-a08b-6853c41ca03e/1/0tS9caQ9jN1GKmHu4NlHAMfmQl8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:ce:f2:60:da:c9:6c:ae:6c:9a:9d:72:7a:0c:f2:a9:a1:f6: 5c:b7:82:f7:7d:1c:37:82:fa:91:b3:a5:d9:55:ae:38:2a:e5: c7:7c:26:87:1b:d1:3f:8f:f5:87:8f:25:2f:30:ee:a0:d1:b9: 18:4e:78:94:45:e8:f6:ba:f7:38:89:9f:cf:af:2b:b8:07:1b: 99:fa:49:03:1c:1b:69:7a:dc:6a:1d:9f:5c:70:2c:23:6e:c2: ef:a1:e8:fa:af:22:e0:03:96:59:11:40:11:b0:53:18:f5:e0: 0f:b1:93:c1:08:47:d9:92:ed:72:d3:54:1b:9c:37:0d:6c:f1: ae:fc:43:8d:0d:da:9c:db:74:c8:e9:0b:b5:5e:06:1b:8b:e2: 03:d9:79:35:11:33:fe:1f:a9:36:ce:11:46:d0:03:39:84:a8: 72:e3:e8:ac:a6:67:e8:4c:e1:d7:19:05:d4:4f:b8:3b:fb:ef: c0:3a:78:38:48:d3:35:11:19:8f:33:f6:2d:17:c1:42:63:bc: 6b:fe:37:d4:d2:da:20:fc:42:38:a7:d4:ce:88:d1:66:cf:2f: 08:8f:d7:be:d9:c3:fd:c2:8d:f8:68:b9:e1:98:97:42:6f:ea: de:42:b6:af:46:a5:73:bc:79:e1:51:9e:6f:4a:75:68:eb:4d: 6d:69:14:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCCqQd0b+YF8+0LiKaUWLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyZDRiZDcxYTQzZDhjZGQ0NjJhNjFlZWUwZDk0NzAwYzdl NjQyNWYwHhcNMjUxMjI2MDUwMTA1WhcNMjUxMjI3MDUwMTA1WjAzMTEwLwYDVQQD EyhiMmNmNjFjMTI0ZTY2ODNiNjUwOGJjYTNlMTU4ZGFhNzc5NTJiOTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXEwBqQfO7MtccQ4+B+NqM6xtwGq 3HleBP0SZ8QMsJNTxv1raTdN5HpThp/ztR96klx986bHVsHE0ishWefCf4WW3A83 IyTC+7L5PyZ6a2YmIZLsqbJ++Sr7ZTPVFGuB1WVM/7m5SRPtkWSQgl5YZ+G4qyrY Dsnx3ifQyl0wG8nVjPTKyo/EtwDpdu6vNU+wP5KdSrKVn0AvclsW2JoMHIzKiqqr SgZB3TN4APcshj1FB0za73Z4sEiUF/8cIWcAMXENSdItBs6EDM0G8aIvclM9veQV T65sGoUoHBZtHBEk8TeFHgqOYUXlwN/gxVkqM2A64+8tc5FmzumYkacDVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLLPYcEk5mg7ZQi8o+FY2qd5Url9MB8GA1UdIwQY MBaAFNLUvXGkPYzdRiph7uDZRwDH5kJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHRTOWNhUTlqTjFHS21IdTRObEhBTWZtUWw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MWRkMDAtYjU3Yi00NjM4LWEwOGIt Njg1M2M0MWNhMDNlLzEvMHRTOWNhUTlqTjFHS21IdTRObEhBTWZtUWw4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi80MWRkMDAtYjU3Yi00NjM4LWEwOGItNjg1M2M0MWNhMDNl LzEvMHRTOWNhUTlqTjFHS21IdTRObEhBTWZtUWw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvM7yYNrJ bK5smp1yegzyqaH2XLeC930cN4L6kbOl2VWuOCrlx3wmhxvRP4/1h48lLzDuoNG5 GE54lEXo9rr3OImfz68ruAcbmfpJAxwbaXrcah2fXHAsI27C76Ho+q8i4AOWWRFA EbBTGPXgD7GTwQhH2ZLtctNUG5w3DWzxrvxDjQ3anNt0yOkLtV4GG4viA9l5NREz /h+pNs4RRtADOYSocuPorKZn6Ezh1xkF1E+4O/vvwDp4OEjTNREZjzP2LRfBQmO8 a/431NLaIPxCOKfUzojRZs8vCI/XvtnD/cKN+Gi54ZiXQm/q3kK2r0alc7x54VGe b0p1aOtNbWkU+A== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:20 2025 by rpki-client