This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft File: 9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft (raw, json) Hash identifier: mKJ1hUmj0TKGoEKijzq2frF4lybDG4kD2g4t9iRyf9c= Subject key identifier: 5B:2A:58:5F:1B:0E:8D:F6:64:4C:90:95:48:4E:08:B3:6E:1D:DB:66 Authority key identifier: F4:FA:75:8E:E1:D3:2A:1C:BD:94:64:6F:AF:43:6D:7B:8D:80:9E:A4 Certificate issuer: /CN=f4fa758ee1d32a1cbd94646faf436d7b8d809ea4 Certificate serial: 019AF38989CD4FF01BFD7A7D18889F6576C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Pp1juHTKhy9lGRvr0Nte42AnqQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft Manifest number: 030D Signing time: Sat 06 Dec 2025 12:01:08 +0000 Manifest this update: Sat 06 Dec 2025 12:01:08 +0000 Manifest next update: Sun 07 Dec 2025 12:01:08 +0000 Files and hashes: 1: 9Pp1juHTKhy9lGRvr0Nte42AnqQ.crl (hash: qbv0GH6/IsIWgs1QU2HndbtiEKZldxFJfSyNQqZvGDI=) 2: PPSqCB6yaGdvCZ-tsYoPWq8l0VU.roa (hash: LL8gW3Q1TN3/WR1DSBlXf67Lrrr8/Z0DptcYdMs1Ro4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft rsync://rpki.ripe.net/repository/DEFAULT/9Pp1juHTKhy9lGRvr0Nte42AnqQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:89:cd:4f:f0:1b:fd:7a:7d:18:88:9f:65:76:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f4fa758ee1d32a1cbd94646faf436d7b8d809ea4 Validity Not Before: Dec 6 12:01:08 2025 GMT Not After : Dec 7 12:01:08 2025 GMT Subject: CN=5b2a585f1b0e8df6644c9095484e08b36e1ddb66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:cf:e9:36:96:51:df:d5:6a:35:5c:d0:6c:fc: 22:ad:49:d7:68:3d:8a:50:f4:ee:7a:e6:e3:54:5b: fe:ad:78:e8:7c:3c:ee:6c:54:4f:4e:7d:14:a9:e6: 27:86:d7:8c:cd:0e:06:6d:05:84:0c:62:ba:c3:ea: 9c:37:b7:f2:6f:d9:60:a2:c6:7f:9c:4d:cd:d0:4b: c7:50:ef:e8:21:c7:8a:0b:c7:84:5c:94:e0:ba:25: 5a:a4:cd:bb:c2:60:2d:0d:70:91:d5:60:4b:cc:d9: 2b:c6:39:a2:84:9f:56:95:de:54:cb:8f:5a:f2:58: c0:89:93:48:39:51:94:0e:e9:06:c1:d3:86:72:4e: ad:4a:db:c1:03:fe:a1:b4:ab:ff:ac:e6:24:a8:a8: d5:2f:70:8e:67:00:dc:00:f6:0a:c5:b8:ec:5a:ae: c8:47:0c:8c:0a:a0:b7:20:bc:1a:5b:e8:55:ef:4d: ae:8e:9c:86:ed:95:c0:9e:32:15:4f:48:c7:7e:96: f8:52:20:c7:5b:8a:fb:46:3d:e4:23:34:63:84:9e: c7:78:b1:d6:0b:27:6e:a5:c1:ad:e8:39:b8:d9:e5: 55:3a:fb:7e:fc:19:ba:bf:1c:12:b2:2f:f0:86:5a: 5d:aa:46:65:f3:7d:32:a5:20:c6:cf:45:0d:5b:68: 5b:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:2A:58:5F:1B:0E:8D:F6:64:4C:90:95:48:4E:08:B3:6E:1D:DB:66 X509v3 Authority Key Identifier: keyid:F4:FA:75:8E:E1:D3:2A:1C:BD:94:64:6F:AF:43:6D:7B:8D:80:9E:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Pp1juHTKhy9lGRvr0Nte42AnqQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:a8:fc:d0:15:7a:81:d2:dc:6e:f4:28:89:ab:6a:e3:01:65: 05:c5:b5:df:ea:46:cc:34:43:d3:99:2f:49:34:3f:9c:fb:fa: 08:72:cc:ac:57:43:40:21:05:4c:61:93:e8:53:36:8a:c6:0c: 3c:ec:5e:93:92:b6:fd:40:f0:d6:a5:49:34:a6:8e:23:6d:de: d9:be:73:da:ee:96:33:16:46:ae:f4:ec:55:31:ad:18:d1:00: 67:4e:ff:b4:1d:b4:49:fb:27:ef:51:2d:34:4f:f8:2e:8f:ea: 79:38:0c:f4:17:8a:4a:f1:25:4f:83:ff:81:ab:9e:59:c4:88: e0:75:56:be:5f:22:e9:54:66:17:4a:a0:b9:22:88:dc:13:cd: 23:3f:9d:00:19:b8:f9:6c:91:f8:fb:95:2d:f2:1c:c8:78:62: 1f:87:cd:d4:11:01:3e:d3:ed:f2:9b:e5:59:dd:d9:ba:4f:db: 60:d4:33:3a:a3:ed:26:ef:2f:77:54:ac:63:27:0b:0a:fc:1a: bd:90:bf:36:c2:4f:92:af:5b:34:ad:06:60:e5:3c:0a:03:74: 75:d3:11:16:03:59:87:56:68:4a:cf:27:b6:45:3f:d8:f5:1e: 2c:07:5b:c4:8a:4b:4e:92:de:41:14:56:c2:3a:0c:e1:00:d4: 96:2a:13:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziYnNT/Ab/Xp9GIifZXbBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY0ZmE3NThlZTFkMzJhMWNiZDk0NjQ2ZmFmNDM2ZDdiOGQ4 MDllYTQwHhcNMjUxMjA2MTIwMTA4WhcNMjUxMjA3MTIwMTA4WjAzMTEwLwYDVQQD Eyg1YjJhNTg1ZjFiMGU4ZGY2NjQ0YzkwOTU0ODRlMDhiMzZlMWRkYjY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78/pNpZR39VqNVzQbPwirUnXaD2K UPTueubjVFv+rXjofDzubFRPTn0UqeYnhteMzQ4GbQWEDGK6w+qcN7fyb9lgosZ/ nE3N0EvHUO/oIceKC8eEXJTguiVapM27wmAtDXCR1WBLzNkrxjmihJ9Wld5Uy49a 8ljAiZNIOVGUDukGwdOGck6tStvBA/6htKv/rOYkqKjVL3COZwDcAPYKxbjsWq7I RwyMCqC3ILwaW+hV702ujpyG7ZXAnjIVT0jHfpb4UiDHW4r7Rj3kIzRjhJ7HeLHW CydupcGt6Dm42eVVOvt+/Bm6vxwSsi/whlpdqkZl830ypSDGz0UNW2hbxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFsqWF8bDo32ZEyQlUhOCLNuHdtmMB8GA1UdIwQY MBaAFPT6dY7h0yocvZRkb69DbXuNgJ6kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVBwMWp1SFRLaHk5bEdSdnIwTnRlNDJBbnFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9iZjBjMjYtMjI3Ny00MDUwLWFjNDkt ZTc5ZjhkYjMxM2JmLzEvOVBwMWp1SFRLaHk5bEdSdnIwTnRlNDJBbnFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS9iZjBjMjYtMjI3Ny00MDUwLWFjNDktZTc5ZjhkYjMxM2Jm LzEvOVBwMWp1SFRLaHk5bEdSdnIwTnRlNDJBbnFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqj80BV6 gdLcbvQoiatq4wFlBcW13+pGzDRD05kvSTQ/nPv6CHLMrFdDQCEFTGGT6FM2isYM POxek5K2/UDw1qVJNKaOI23e2b5z2u6WMxZGrvTsVTGtGNEAZ07/tB20Sfsn71Et NE/4Lo/qeTgM9BeKSvElT4P/gaueWcSI4HVWvl8i6VRmF0qguSKI3BPNIz+dABm4 +WyR+PuVLfIcyHhiH4fN1BEBPtPt8pvlWd3Zuk/bYNQzOqPtJu8vd1SsYycLCvwa vZC/NsJPkq9bNK0GYOU8CgN0ddMRFgNZh1ZoSs8ntkU/2PUeLAdbxIpLTpLeQRRW wjoM4QDUlioTNA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:08:28 2025 by rpki-client