This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft File: rKZqWTivVnqeKbT3bxFWB8K4qiA.mft (raw, json) Hash identifier: skP6KfM1nJfLwBOzTizvFRFrB2qB1Ox0eO0HlBvKGPA= Subject key identifier: F6:5B:76:7A:97:CF:C9:6F:BC:23:1B:18:17:AA:EC:6F:79:F2:F4:36 Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20 Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20 Certificate serial: 019AF276BA7F39934EBF7DE24F9A0ACF944B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft Manifest number: 17AA Signing time: Sat 06 Dec 2025 07:00:58 +0000 Manifest this update: Sat 06 Dec 2025 07:00:58 +0000 Manifest next update: Sun 07 Dec 2025 07:00:58 +0000 Files and hashes: 1: ImHRlfwmPN78P_Oh9gE4V3RQlNI.roa (hash: milMy3dSE5K3t0uErJqYwzKrh2KzlT2VgvjtrqJfAkI=) 2: NXi6BiEUeLmLx0EnK11CHUUboHU.roa (hash: S/TsUoCXZkfTfOOKvUTF8Zz4Fuiobz4qRMGvcIUvZaQ=) 3: UkCQdP3RrZAe6U2EZsGgmUYM6T4.roa (hash: v1eSSUjEmDBKjFNO3CwwmScWxLPiyY9bodIun8a3QK4=) 4: _BA7tm8EF_tbwBM_8Y5W_eHYfic.roa (hash: db4l1hxQOgB+o48kmvSgTfCUsHPyWt6jnE1LZ4z2tb8=) 5: gt3jbvK7kO8d_xTYIGYJD2cUiGE.roa (hash: 4UbuDpyze6Z3g+LOHqr6qp0gaoTqf6iKQVEolNVaZbk=) 6: rKZqWTivVnqeKbT3bxFWB8K4qiA.crl (hash: GOBVYdBOkRbZB3WJFzMsGLvrQzaKxi5uX0oIqO3bdGs=) 7: zaD-dp88t1vdyZK_258nhN4-HRE.roa (hash: 1ZtcUEcaTgE5bSHzBmJkaAjk5HYhgpCLfkDuM5vJsHA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:ba:7f:39:93:4e:bf:7d:e2:4f:9a:0a:cf:94:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20 Validity Not Before: Dec 6 07:00:58 2025 GMT Not After : Dec 7 07:00:58 2025 GMT Subject: CN=f65b767a97cfc96fbc231b1817aaec6f79f2f436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d0:ea:0d:9c:5a:37:57:78:e3:ed:52:53:c7: 86:e1:f2:f0:fb:e7:e8:2c:f0:ef:fe:47:a0:03:7c: e2:cf:54:4a:07:f7:5f:8b:de:db:35:96:b4:16:26: 75:e3:45:b9:27:37:0e:e7:d9:7c:46:8f:e4:eb:2f: 91:d7:d2:0d:0a:e0:8a:2a:95:97:6a:a6:b8:34:a0: 7a:82:1b:4b:32:fe:da:91:32:80:34:28:fc:61:96: 0b:5f:d5:21:7b:8a:cf:a6:9d:a8:2a:b2:ff:d6:3a: 30:cb:f5:e2:cd:34:74:b2:26:2d:cb:b0:9d:88:94: 38:5b:db:0a:78:c3:e8:51:98:54:91:77:0d:20:12: 31:02:6d:d3:1f:2e:62:9b:79:55:6e:5f:90:48:c7: f2:25:01:c4:4e:ca:bb:a0:7e:4f:fd:96:76:d7:0b: c1:f7:38:a6:25:8d:61:21:06:6d:d1:08:f7:7c:cc: f3:5e:15:69:f7:b1:a7:d9:c4:1d:c6:44:cd:0b:c1: 35:b3:60:a1:4a:3c:f5:25:12:6c:18:6e:df:5c:ff: c2:97:3c:af:49:f0:de:72:0d:52:bd:33:83:e1:9f: 14:0c:6b:df:9f:8e:d9:91:96:ef:ca:28:87:13:59: ea:98:7e:a6:a9:bf:38:3f:a8:f6:ae:2d:5e:90:b7: cc:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:5B:76:7A:97:CF:C9:6F:BC:23:1B:18:17:AA:EC:6F:79:F2:F4:36 X509v3 Authority Key Identifier: keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:ee:21:49:f9:93:e4:80:48:ba:85:a7:06:71:3c:c5:ac:52: 70:23:8f:ec:13:08:1d:56:01:7f:6d:da:30:5a:c3:31:28:a3: 7a:81:0c:9f:84:2c:66:4f:69:0c:59:5f:98:38:c4:11:e1:a0: 09:a0:ef:f7:e3:87:3f:48:7f:12:4f:df:4a:5c:35:3c:2e:db: 89:1f:c9:a2:dd:96:e3:ec:32:50:8a:33:98:0d:b9:ce:09:db: b8:98:2c:71:5c:1b:1b:b2:99:9f:59:b1:03:d3:ee:b7:d0:2b: 8d:5e:45:53:ba:ea:e6:03:ee:6e:95:73:41:92:6a:3c:ce:74: 15:0f:20:9b:1d:d5:69:d0:71:c5:99:31:59:d7:85:9a:1e:8b: 73:08:c4:8a:07:62:48:f5:2f:1c:7d:94:5d:0d:9f:c6:89:b7: b5:e4:ae:56:f8:87:34:73:07:94:aa:d0:66:e6:84:1d:7a:d3: 9c:6e:07:48:84:2d:9c:47:c9:60:e8:3a:9d:6c:f2:29:8e:4c: d3:c6:91:19:1f:9e:2c:e8:a5:c2:c7:52:29:7a:34:85:51:eb: 46:6d:a3:92:4a:18:27:77:b2:2a:d0:5b:2f:d3:c6:99:14:ea: 4e:d1:a7:bd:2f:f3:c2:08:0b:85:7d:eb:5d:a0:a2:ba:9f:ed: e4:a1:0f:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydrp/OZNOv33iT5oKz5RLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi OGFhMjAwHhcNMjUxMjA2MDcwMDU4WhcNMjUxMjA3MDcwMDU4WjAzMTEwLwYDVQQD EyhmNjViNzY3YTk3Y2ZjOTZmYmMyMzFiMTgxN2FhZWM2Zjc5ZjJmNDM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9DqDZxaN1d44+1SU8eG4fLw++fo LPDv/kegA3ziz1RKB/dfi97bNZa0FiZ140W5JzcO59l8Ro/k6y+R19INCuCKKpWX aqa4NKB6ghtLMv7akTKANCj8YZYLX9Uhe4rPpp2oKrL/1jowy/XizTR0siYty7Cd iJQ4W9sKeMPoUZhUkXcNIBIxAm3THy5im3lVbl+QSMfyJQHETsq7oH5P/ZZ21wvB 9zimJY1hIQZt0Qj3fMzzXhVp97Gn2cQdxkTNC8E1s2ChSjz1JRJsGG7fXP/Clzyv SfDecg1SvTOD4Z8UDGvfn47ZkZbvyiiHE1nqmH6mqb84P6j2ri1ekLfMVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPZbdnqXz8lvvCMbGBeq7G958vQ2MB8GA1UdIwQY MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt YjliNjU0MDJiOTI4LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4 LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGO4hSfmT 5IBIuoWnBnE8xaxScCOP7BMIHVYBf23aMFrDMSijeoEMn4QsZk9pDFlfmDjEEeGg CaDv9+OHP0h/Ek/fSlw1PC7biR/Jot2W4+wyUIozmA25zgnbuJgscVwbG7KZn1mx A9Put9ArjV5FU7rq5gPubpVzQZJqPM50FQ8gmx3VadBxxZkxWdeFmh6LcwjEigdi SPUvHH2UXQ2fxom3teSuVviHNHMHlKrQZuaEHXrTnG4HSIQtnEfJYOg6nWzyKY5M 08aRGR+eLOilwsdSKXo0hVHrRm2jkkoYJ3eyKtBbL9PGmRTqTtGnvS/zwggLhX3r XaCiup/t5KEPsA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:08 2025 by rpki-client