This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft File: RDTtvhtBAbKKviMvK88qAUiXglo.mft (raw, json) Hash identifier: 9cksS+5aLg8jJpGf6fTMsJSyrRjP4YMGn3zOXflu0yA= Subject key identifier: 5F:8E:23:D5:F7:C3:97:81:EB:C9:F1:0B:A0:8B:88:C4:72:53:DE:DD Authority key identifier: 44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A Certificate issuer: /CN=4434edbe1b4101b28abe232f2bcf2a014897825a Certificate serial: 019AF164238AC3CC6C2BA96DD49E1F2B4CC7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft Manifest number: 114C Signing time: Sat 06 Dec 2025 02:01:02 +0000 Manifest this update: Sat 06 Dec 2025 02:01:02 +0000 Manifest next update: Sun 07 Dec 2025 02:01:02 +0000 Files and hashes: 1: MBnjR0q6eR7PujQYuvXc6EY3kbo.roa (hash: HNqzyjDd+TtlMN5tniTDAwjj1tssNX0++6C4Wyg438o=) 2: RDTtvhtBAbKKviMvK88qAUiXglo.crl (hash: LeVliOcsldkbqpZkXdif2m5KbPhx2wfNl1jFNrC8m2I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:23:8a:c3:cc:6c:2b:a9:6d:d4:9e:1f:2b:4c:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4434edbe1b4101b28abe232f2bcf2a014897825a Validity Not Before: Dec 6 02:01:02 2025 GMT Not After : Dec 7 02:01:02 2025 GMT Subject: CN=5f8e23d5f7c39781ebc9f10ba08b88c47253dedd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:14:38:68:f8:14:1e:50:8f:e6:b0:00:cb:ce: 90:30:43:16:57:c7:39:4a:e8:37:43:2d:e1:74:77: 5b:5e:3c:91:25:3f:8c:96:7b:67:fe:bb:da:34:c5: 27:6f:3f:bc:fc:fe:3e:31:27:c6:4f:8f:5a:28:ea: 9d:49:b8:05:9c:6a:75:8c:dd:f3:e3:6c:9f:1d:b4: 42:73:a9:3f:9a:e8:c2:1f:1c:77:33:d6:7a:3b:c1: f3:14:b1:52:85:58:8e:d6:f7:5b:6c:d4:b3:e7:4a: 21:01:b3:4a:03:d0:aa:39:6d:ab:bd:8f:0a:3c:7c: af:44:40:55:d7:8c:9d:d8:ab:46:fd:a8:cc:a9:9f: 18:cc:e4:9c:4a:fe:b4:ed:0f:50:ec:89:bb:18:e1: 53:a9:0a:15:2f:98:34:3a:82:7a:0c:68:08:09:92: d6:fd:2a:48:e1:95:55:01:2c:ca:bd:a5:7a:6b:50: 69:a5:ae:a8:64:64:f4:d0:d2:bb:4d:01:d0:8e:e0: 49:13:00:61:30:8b:1d:94:16:a3:fd:0c:50:6c:aa: 89:1b:79:58:77:f7:f5:5d:29:d5:3f:cc:f1:4e:b9: da:de:50:5a:a3:74:d1:81:4a:ba:c7:82:72:9a:4b: b7:3b:57:cd:de:7f:7c:57:09:2b:26:bf:80:32:91: 91:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:8E:23:D5:F7:C3:97:81:EB:C9:F1:0B:A0:8B:88:C4:72:53:DE:DD X509v3 Authority Key Identifier: keyid:44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:8c:d9:c4:59:0e:83:cd:7a:40:82:99:a6:1f:78:bb:f9:2b: d8:41:14:ad:60:77:07:fd:b2:4d:e6:6a:de:19:b5:01:b8:5f: ad:b0:d7:c9:e7:5a:ec:3b:0d:e2:73:ae:83:ad:86:8c:23:45: 3a:a6:ce:1d:a8:08:b6:36:d9:3d:78:0d:54:de:b9:46:41:86: bd:4a:0d:f3:51:5e:af:9b:f6:7f:6a:4c:5d:c7:7c:01:73:52: a2:94:08:f1:53:ce:ae:96:e0:25:c1:7c:7c:af:49:75:ed:ca: 7b:6c:73:31:2c:ee:d3:d7:b3:ec:c2:97:4b:e5:78:2c:68:68: 71:df:90:b7:87:9b:19:c1:32:29:dc:91:28:fd:35:95:f5:f8: c1:9e:57:2c:0b:b2:4c:44:2d:af:59:9b:18:5c:d5:85:09:a1: 6f:a5:4d:6c:56:57:39:6c:61:76:1a:a1:ba:fb:0a:9b:cb:ee: f5:54:4a:7b:d4:c6:73:2e:7d:a0:7b:e8:76:2c:5c:15:6b:78: 93:ec:ac:e9:df:1d:fe:67:dc:db:b4:2d:c8:d3:46:9c:89:1a: 2a:d5:6b:42:92:c2:1c:6a:f3:21:b8:70:6f:49:9f:18:0d:8d: 51:5a:54:37:c8:00:7c:91:8e:82:7f:85:f7:cd:79:93:da:9e: 45:26:ea:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZCOKw8xsK6lt1J4fK0zHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0MzRlZGJlMWI0MTAxYjI4YWJlMjMyZjJiY2YyYTAxNDg5 NzgyNWEwHhcNMjUxMjA2MDIwMTAyWhcNMjUxMjA3MDIwMTAyWjAzMTEwLwYDVQQD Eyg1ZjhlMjNkNWY3YzM5NzgxZWJjOWYxMGJhMDhiODhjNDcyNTNkZWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBQ4aPgUHlCP5rAAy86QMEMWV8c5 Sug3Qy3hdHdbXjyRJT+Mlntn/rvaNMUnbz+8/P4+MSfGT49aKOqdSbgFnGp1jN3z 42yfHbRCc6k/mujCHxx3M9Z6O8HzFLFShViO1vdbbNSz50ohAbNKA9CqOW2rvY8K PHyvREBV14yd2KtG/ajMqZ8YzOScSv607Q9Q7Im7GOFTqQoVL5g0OoJ6DGgICZLW /SpI4ZVVASzKvaV6a1Bppa6oZGT00NK7TQHQjuBJEwBhMIsdlBaj/QxQbKqJG3lY d/f1XSnVP8zxTrna3lBao3TRgUq6x4Jymku3O1fN3n98VwkrJr+AMpGRmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF+OI9X3w5eB68nxC6CLiMRyU97dMB8GA1UdIwQY MBaAFEQ07b4bQQGyir4jLyvPKgFIl4JaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDkt MTBjYWY1NDk4NmZmLzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDktMTBjYWY1NDk4NmZm LzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACozZxFkO g816QIKZph94u/kr2EEUrWB3B/2yTeZq3hm1AbhfrbDXyeda7DsN4nOug62GjCNF OqbOHagItjbZPXgNVN65RkGGvUoN81Fer5v2f2pMXcd8AXNSopQI8VPOrpbgJcF8 fK9Jde3Ke2xzMSzu09ez7MKXS+V4LGhocd+Qt4ebGcEyKdyRKP01lfX4wZ5XLAuy TEQtr1mbGFzVhQmhb6VNbFZXOWxhdhqhuvsKm8vu9VRKe9TGcy59oHvodixcFWt4 k+ys6d8d/mfc27QtyNNGnIkaKtVrQpLCHGrzIbhwb0mfGA2NUVpUN8gAfJGOgn+F 9815k9qeRSbqjQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:57:58 2025 by rpki-client