This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft File: RKqBMTnAax3PG_6DMrm4Aas-swI.mft (raw, json) Hash identifier: eP+uR1VnEr8ggtSfwPshSrUyYB0MaGNIbOIQKc1jpEw= Subject key identifier: E1:44:C1:3C:34:32:EC:58:F4:94:6F:2F:41:4F:DC:FE:2A:5C:8E:BE Authority key identifier: 44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02 Certificate issuer: /CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302 Certificate serial: 019AF23F9593D8E4EBB53E73ED4DB8C6B37D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft Manifest number: 0779 Signing time: Sat 06 Dec 2025 06:00:44 +0000 Manifest this update: Sat 06 Dec 2025 06:00:44 +0000 Manifest next update: Sun 07 Dec 2025 06:00:44 +0000 Files and hashes: 1: RKqBMTnAax3PG_6DMrm4Aas-swI.crl (hash: 0xNwzkUg/EfwixLWTFdHoQ/PPP32jVhCLRC430gc1mo=) 2: dulLD0ENjA9tfgPr9DrSQJxWn5k.roa (hash: ecAhh1+SnR4Xv8G0G+2S5KTuId8TsIACx8G94ng9hIA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.crl rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:95:93:d8:e4:eb:b5:3e:73:ed:4d:b8:c6:b3:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302 Validity Not Before: Dec 6 06:00:44 2025 GMT Not After : Dec 7 06:00:44 2025 GMT Subject: CN=e144c13c3432ec58f4946f2f414fdcfe2a5c8ebe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f4:24:92:da:11:2f:ec:fc:7f:29:b3:23:22: 3b:22:bb:17:b9:03:0b:e2:f5:9e:dc:31:9d:66:20: 40:6b:c0:36:57:20:db:67:2e:7b:73:9e:f0:a7:31: c4:f9:7a:29:1a:9d:8a:af:ca:eb:7e:51:86:be:68: d0:8b:db:44:ff:19:f9:cd:7a:d3:0a:d5:d5:ca:ba: 18:a1:56:73:be:83:f4:76:65:a5:9b:f6:16:56:39: d6:7c:8f:4e:fe:93:ab:60:82:a8:03:c8:07:2d:e2: 66:fd:2e:06:11:d6:dc:d8:1d:8c:40:56:20:00:1f: 15:28:48:e4:16:b6:93:20:f1:a0:01:25:33:6a:0f: 77:fd:a6:ff:2a:c2:d9:76:4a:74:d3:91:ef:8f:d3: 96:1a:4e:ec:8d:12:0f:1c:85:e8:46:47:24:eb:ab: 5b:f0:fa:53:31:e7:21:95:e2:7e:e2:e8:8a:15:ac: 53:4f:a0:cb:25:d8:27:96:75:e8:bc:f5:87:fd:fa: 25:d5:ed:2f:68:e3:59:a2:09:5b:52:d9:42:b8:8a: 88:a8:e8:75:75:ed:29:48:19:a4:23:09:35:23:3c: d1:18:1f:ec:4b:e8:d4:e9:02:d9:ea:f3:43:97:d2: b2:bc:ca:22:95:ea:16:68:d3:6b:76:f5:e4:4c:62: 55:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:44:C1:3C:34:32:EC:58:F4:94:6F:2F:41:4F:DC:FE:2A:5C:8E:BE X509v3 Authority Key Identifier: keyid:44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:89:ad:b7:65:d2:7c:08:18:b4:aa:aa:e3:5a:b3:88:95:8b: 27:c3:ed:1a:84:5c:02:af:80:e7:1f:ec:74:aa:60:ed:79:af: 78:af:62:51:31:4a:8e:46:25:a9:13:45:ec:01:b3:79:ee:36: 2e:df:32:85:6c:fe:55:40:46:f7:34:4e:d9:68:a3:df:9b:0f: 6f:72:68:eb:44:03:c5:cb:9f:1a:16:77:07:2e:4f:a0:08:9f: b0:3c:be:f5:0e:cc:c1:21:91:4a:77:56:06:5c:12:f0:d8:1d: 9c:88:08:6a:d9:6b:53:cc:11:9f:77:45:64:82:f6:e6:98:91: e8:d5:6a:ef:8a:ee:79:54:92:a7:d5:3d:0e:a0:5e:3f:9e:8c: c0:21:e7:76:af:48:d6:f5:ba:49:4c:93:09:c8:c9:a3:e6:e5: 01:80:fd:56:c3:a3:1a:2f:8d:bb:28:7f:0b:bb:96:f4:b0:f6: 13:70:ab:a7:43:5b:f0:5a:df:41:63:63:55:94:5e:27:6a:3f: 5a:67:85:65:32:b9:36:1c:74:ce:3f:5a:e2:f7:02:c4:4b:54: a3:5b:12:0e:b2:96:18:fa:04:c1:e0:c8:eb:64:40:48:2c:c1: cb:97:05:75:e7:93:e8:44:f0:2c:9e:2c:8b:be:d1:8d:e8:b5: 43:6d:52:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP5WT2OTrtT5z7U24xrN9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0YWE4MTMxMzljMDZiMWRjZjFiZmU4MzMyYjliODAxYWIz ZWIzMDIwHhcNMjUxMjA2MDYwMDQ0WhcNMjUxMjA3MDYwMDQ0WjAzMTEwLwYDVQQD EyhlMTQ0YzEzYzM0MzJlYzU4ZjQ5NDZmMmY0MTRmZGNmZTJhNWM4ZWJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPQkktoRL+z8fymzIyI7IrsXuQML 4vWe3DGdZiBAa8A2VyDbZy57c57wpzHE+XopGp2Kr8rrflGGvmjQi9tE/xn5zXrT CtXVyroYoVZzvoP0dmWlm/YWVjnWfI9O/pOrYIKoA8gHLeJm/S4GEdbc2B2MQFYg AB8VKEjkFraTIPGgASUzag93/ab/KsLZdkp005Hvj9OWGk7sjRIPHIXoRkck66tb 8PpTMechleJ+4uiKFaxTT6DLJdgnlnXovPWH/fol1e0vaONZoglbUtlCuIqIqOh1 de0pSBmkIwk1IzzRGB/sS+jU6QLZ6vNDl9KyvMoileoWaNNrdvXkTGJVJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOFEwTw0MuxY9JRvL0FP3P4qXI6+MB8GA1UdIwQY MBaAFESqgTE5wGsdzxv+gzK5uAGrPrMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUt NDFkZDdmM2VhN2E0LzEvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUtNDFkZDdmM2VhN2E0 LzEvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaImtt2XS fAgYtKqq41qziJWLJ8PtGoRcAq+A5x/sdKpg7XmveK9iUTFKjkYlqRNF7AGzee42 Lt8yhWz+VUBG9zRO2Wij35sPb3Jo60QDxcufGhZ3By5PoAifsDy+9Q7MwSGRSndW BlwS8NgdnIgIatlrU8wRn3dFZIL25piR6NVq74rueVSSp9U9DqBeP56MwCHndq9I 1vW6SUyTCcjJo+blAYD9VsOjGi+Nuyh/C7uW9LD2E3Crp0Nb8FrfQWNjVZReJ2o/ WmeFZTK5Nhx0zj9a4vcCxEtUo1sSDrKWGPoEweDI62RASCzBy5cFdeeT6ETwLJ4s i77Rjei1Q21Suw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:29 2025 by rpki-client