This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft File: 0IpNevM5v1JVcjk3VdHPszzdta0.mft (raw, json) Hash identifier: lfItLxTZkLE3GD81blEXmBFfOWoj31c4kEi/BCuE/DU= Subject key identifier: 9F:AD:05:33:1E:69:75:91:A2:0D:E2:5F:BD:AC:5A:67:39:A9:F1:D6 Authority key identifier: D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD Certificate issuer: /CN=d08a4d7af339bf525572393755d1cfb33cddb5ad Certificate serial: 019B1B0472464BE8F466C392A369C3A885FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft Manifest number: 1773 Signing time: Sun 14 Dec 2025 04:00:34 +0000 Manifest this update: Sun 14 Dec 2025 04:00:34 +0000 Manifest next update: Mon 15 Dec 2025 04:00:34 +0000 Files and hashes: 1: 0IpNevM5v1JVcjk3VdHPszzdta0.crl (hash: sUDjUuIh30R6go5VX+0ejAnwjloD7SQaZCDgvpzg6es=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:04:72:46:4b:e8:f4:66:c3:92:a3:69:c3:a8:85:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d08a4d7af339bf525572393755d1cfb33cddb5ad Validity Not Before: Dec 14 04:00:34 2025 GMT Not After : Dec 15 04:00:34 2025 GMT Subject: CN=9fad05331e697591a20de25fbdac5a6739a9f1d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:bc:db:15:62:7b:36:29:0a:05:21:3a:3a:36: ee:a5:a3:92:74:d3:f6:ee:e4:23:9e:31:b3:27:59: 87:4b:c8:83:d2:1c:7f:5b:7c:79:04:80:ab:7f:94: a3:5b:b9:c8:be:c9:ff:e3:91:b2:90:0e:a1:94:51: 8b:44:b4:95:dc:a8:04:72:57:82:21:27:ab:e8:c7: f3:5d:ed:63:f5:e0:ba:db:f0:40:f7:94:f9:bd:09: ed:a6:9e:12:4a:e3:2c:f6:0e:3e:36:25:9a:4b:db: 0e:7c:3a:75:06:27:77:b3:30:dd:35:89:1f:55:fb: 24:37:58:a6:46:46:73:66:6b:a9:eb:09:3d:58:f8: d8:21:95:b0:fd:ba:8a:2f:3f:c2:bf:36:41:dd:ca: 60:eb:d3:1e:63:b0:cb:29:32:35:74:ce:a8:95:f5: ce:ef:4c:a8:50:5d:ad:ad:e2:9b:c5:2b:1e:6e:68: 95:ba:56:eb:9f:f7:01:67:11:cc:f2:43:1e:5a:9e: 5b:b0:4d:61:08:3a:aa:08:e5:aa:40:fe:8c:93:6f: 71:3d:4e:ef:6f:04:29:91:78:59:ed:91:ee:c9:53: 35:f2:9d:f6:5a:95:d9:04:2c:1c:0d:de:c6:e9:38: ad:7e:87:79:26:7e:f2:10:96:ed:05:88:8c:5b:df: 44:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:AD:05:33:1E:69:75:91:A2:0D:E2:5F:BD:AC:5A:67:39:A9:F1:D6 X509v3 Authority Key Identifier: keyid:D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:d1:a3:d4:f5:9b:f0:75:0d:36:ad:40:ac:f6:c8:79:50:14: df:52:63:50:41:fa:d1:c2:69:3c:24:39:76:37:c6:2a:a2:1e: 78:d9:d1:c2:fe:3c:3c:7a:2d:24:22:df:10:24:19:3d:c9:4f: 58:d4:63:7b:24:e4:26:b4:33:8e:2d:da:80:a7:67:bd:2e:29: 26:4a:95:29:1a:1b:2c:1f:5b:6c:eb:c0:af:72:d6:3b:1b:2a: ac:d4:6b:c0:26:62:bd:25:cc:cd:f1:79:51:5b:c8:b2:d6:eb: a0:68:52:c3:dc:54:70:5e:94:b2:e3:ae:91:a3:de:bb:91:fe: 81:a2:68:b9:7e:99:76:b7:2c:15:ac:25:e3:8c:59:94:77:7f: a1:d0:6c:e6:ec:9e:7e:4b:27:8e:47:21:81:78:8c:8a:d0:57: ac:8a:9b:ac:00:97:b6:a2:8e:09:e8:de:d3:ca:90:af:11:65: 43:33:0c:54:14:26:28:98:55:1f:87:e1:5f:27:cf:0c:59:19: 26:fc:22:6f:ff:13:6c:64:35:68:02:86:34:dd:64:4e:7d:91: 58:26:2a:21:ab:77:29:3a:3f:72:cd:c7:df:ea:39:60:97:54: 2c:fa:41:48:9f:df:a9:c7:73:23:77:5f:bf:4a:2d:88:09:14: e9:56:e8:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbBHJGS+j0ZsOSo2nDqIX/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwOGE0ZDdhZjMzOWJmNTI1NTcyMzkzNzU1ZDFjZmIzM2Nk ZGI1YWQwHhcNMjUxMjE0MDQwMDM0WhcNMjUxMjE1MDQwMDM0WjAzMTEwLwYDVQQD Eyg5ZmFkMDUzMzFlNjk3NTkxYTIwZGUyNWZiZGFjNWE2NzM5YTlmMWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97zbFWJ7NikKBSE6OjbupaOSdNP2 7uQjnjGzJ1mHS8iD0hx/W3x5BICrf5SjW7nIvsn/45GykA6hlFGLRLSV3KgEcleC ISer6MfzXe1j9eC62/BA95T5vQntpp4SSuMs9g4+NiWaS9sOfDp1Bid3szDdNYkf VfskN1imRkZzZmup6wk9WPjYIZWw/bqKLz/CvzZB3cpg69MeY7DLKTI1dM6olfXO 70yoUF2treKbxSsebmiVulbrn/cBZxHM8kMeWp5bsE1hCDqqCOWqQP6Mk29xPU7v bwQpkXhZ7ZHuyVM18p32WpXZBCwcDd7G6Titfod5Jn7yEJbtBYiMW99EDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ+tBTMeaXWRog3iX72sWmc5qfHWMB8GA1UdIwQY MBaAFNCKTXrzOb9SVXI5N1XRz7M83bWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMt ZDVhMWVhOWVkYjA4LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMtZDVhMWVhOWVkYjA4 LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtGj1PWb 8HUNNq1ArPbIeVAU31JjUEH60cJpPCQ5djfGKqIeeNnRwv48PHotJCLfECQZPclP WNRjeyTkJrQzji3agKdnvS4pJkqVKRobLB9bbOvAr3LWOxsqrNRrwCZivSXMzfF5 UVvIstbroGhSw9xUcF6UsuOukaPeu5H+gaJouX6ZdrcsFawl44xZlHd/odBs5uye fksnjkchgXiMitBXrIqbrACXtqKOCeje08qQrxFlQzMMVBQmKJhVH4fhXyfPDFkZ Jvwib/8TbGQ1aAKGNN1kTn2RWCYqIat3KTo/cs3H3+o5YJdULPpBSJ/fqcdzI3df v0otiAkU6VboPg== -----END CERTIFICATE-----Generated at Sun Dec 14 09:31:24 2025 by rpki-client