This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft File: CEIhaO2oQjBU2C6wGMOD4tvor98.mft (raw, json) Hash identifier: 9vVUlziGMbnOURSqLfkkqtuI2XSCWK8gNB5+NANZ7k8= Subject key identifier: 38:86:46:89:D1:67:22:E6:6F:9D:5F:A4:13:40:28:49:FA:3C:2A:14 Authority key identifier: 08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF Certificate issuer: /CN=08422168eda8423054d82eb018c383e2dbe8afdf Certificate serial: 019AF240063B77B900B73B7911588B5936AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft Manifest number: 148B Signing time: Sat 06 Dec 2025 06:01:13 +0000 Manifest this update: Sat 06 Dec 2025 06:01:13 +0000 Manifest next update: Sun 07 Dec 2025 06:01:13 +0000 Files and hashes: 1: CEIhaO2oQjBU2C6wGMOD4tvor98.crl (hash: Dmi+9ZBZKC5lwONs/7BApoz7SyIBL+oIaLKXY+qFS3I=) 2: ESQpVAiSLlfE8UMM75aY_vsPDNc.roa (hash: ubyXNF+odFgCxSHtSbasAdaDvs7x7Wh5p2HTa/QrZgQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:06:3b:77:b9:00:b7:3b:79:11:58:8b:59:36:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08422168eda8423054d82eb018c383e2dbe8afdf Validity Not Before: Dec 6 06:01:13 2025 GMT Not After : Dec 7 06:01:13 2025 GMT Subject: CN=38864689d16722e66f9d5fa413402849fa3c2a14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:58:e6:7b:e7:42:c6:aa:f1:c4:7f:03:f6:99: 49:61:88:10:d7:7a:d2:51:cf:a6:36:a6:24:12:0f: 66:bc:03:96:8c:f4:2c:60:2b:e1:f5:f6:42:3a:7a: 07:5b:7f:95:b6:72:e5:42:4c:ec:19:cb:41:3c:00: ae:10:d0:27:aa:06:0c:6b:88:1d:95:da:4f:07:4c: dc:68:10:53:2d:fe:15:b2:82:91:20:a5:ae:f9:30: b9:b9:84:b5:78:39:68:61:50:a8:c7:67:f9:7c:60: 98:be:fc:d5:39:c8:fd:90:8d:4c:0d:fa:07:83:37: 7a:3a:34:bb:e9:84:b6:c3:a6:13:19:94:63:8d:bb: eb:94:3a:15:c3:64:a1:f1:84:19:eb:8d:ce:85:6e: b4:ae:06:5e:af:fd:f4:b5:43:63:dc:f2:9c:f4:84: 98:42:22:60:1c:8d:62:4e:b5:59:a6:5d:d5:bf:6c: 43:bb:6f:f2:66:37:0a:1c:57:16:cf:09:50:dc:90: 47:3a:af:6a:77:44:88:41:5d:62:c4:4e:e7:5f:1d: e4:9e:bd:5d:5f:23:e8:7b:c6:4b:76:70:24:81:6e: 74:3a:d0:e8:c1:5f:2e:67:0d:cf:f4:ad:d9:c2:9a: e3:ce:76:9c:ba:24:9c:87:c5:93:da:05:6c:77:8d: bd:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:86:46:89:D1:67:22:E6:6F:9D:5F:A4:13:40:28:49:FA:3C:2A:14 X509v3 Authority Key Identifier: keyid:08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:ac:2e:b7:e2:b1:0c:86:e6:90:68:1f:06:48:59:e2:a3:69: 8e:9c:70:50:1d:9f:57:ad:76:30:fd:58:03:72:97:d5:bf:41: 6b:16:6a:67:ec:ac:88:07:96:d1:05:e4:e8:6a:1d:5b:5d:15: 36:9b:75:72:0f:51:4d:1f:17:d7:fa:54:a4:f2:b9:76:c2:99: e2:5a:ff:1c:bf:1c:0f:f5:3a:92:a2:8c:65:e4:99:1f:6b:35: e1:bd:55:c0:89:da:db:68:54:f7:54:96:5e:b7:aa:6f:c5:c4: 4d:3a:16:da:5b:21:15:24:e6:9a:24:c8:b5:37:50:f3:86:27: 1e:83:03:02:84:22:f3:a8:da:66:28:87:df:2a:fd:13:b7:6c: d9:70:e9:2a:16:ae:b2:82:54:bc:53:70:e1:63:c7:90:19:e1: e4:ab:37:71:24:c4:fe:e9:b2:77:79:80:8c:59:a1:34:9d:80: 1b:25:eb:7b:b6:e0:4d:49:c1:84:f3:9e:1f:e9:b9:80:ca:de: 6b:4c:5e:a2:fa:f9:ab:d7:00:75:18:b4:69:ed:08:dd:48:c7: 37:87:02:74:e0:50:7b:2e:e2:57:37:92:1d:34:c1:d3:9a:60: c4:26:b0:52:53:a2:91:c8:99:e3:13:03:4d:aa:ef:34:04:7b: 8b:04:4b:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQAY7d7kAtzt5EViLWTaqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NDIyMTY4ZWRhODQyMzA1NGQ4MmViMDE4YzM4M2UyZGJl OGFmZGYwHhcNMjUxMjA2MDYwMTEzWhcNMjUxMjA3MDYwMTEzWjAzMTEwLwYDVQQD EygzODg2NDY4OWQxNjcyMmU2NmY5ZDVmYTQxMzQwMjg0OWZhM2MyYTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqljme+dCxqrxxH8D9plJYYgQ13rS Uc+mNqYkEg9mvAOWjPQsYCvh9fZCOnoHW3+VtnLlQkzsGctBPACuENAnqgYMa4gd ldpPB0zcaBBTLf4VsoKRIKWu+TC5uYS1eDloYVCox2f5fGCYvvzVOcj9kI1MDfoH gzd6OjS76YS2w6YTGZRjjbvrlDoVw2Sh8YQZ643OhW60rgZer/30tUNj3PKc9ISY QiJgHI1iTrVZpl3Vv2xDu2/yZjcKHFcWzwlQ3JBHOq9qd0SIQV1ixE7nXx3knr1d XyPoe8ZLdnAkgW50OtDowV8uZw3P9K3ZwprjznacuiSch8WT2gVsd429UQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDiGRonRZyLmb51fpBNAKEn6PCoUMB8GA1UdIwQY MBaAFAhCIWjtqEIwVNgusBjDg+Lb6K/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEt NmUxOWY2NzlhNjIzLzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEtNmUxOWY2NzlhNjIz LzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVawut+Kx DIbmkGgfBkhZ4qNpjpxwUB2fV612MP1YA3KX1b9BaxZqZ+ysiAeW0QXk6GodW10V Npt1cg9RTR8X1/pUpPK5dsKZ4lr/HL8cD/U6kqKMZeSZH2s14b1VwIna22hU91SW Xreqb8XETToW2lshFSTmmiTItTdQ84YnHoMDAoQi86jaZiiH3yr9E7ds2XDpKhau soJUvFNw4WPHkBnh5Ks3cSTE/umyd3mAjFmhNJ2AGyXre7bgTUnBhPOeH+m5gMre a0xeovr5q9cAdRi0ae0I3UjHN4cCdOBQey7iVzeSHTTB05pgxCawUlOikciZ4xMD TarvNAR7iwRLNg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:33:24 2025 by rpki-client