This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft File: 70AaUuP95plIbplnjb9Ih1Mpwz0.mft (raw, json) Hash identifier: xMocZ5mehN+43eST+RjPH7+jKkBlDX1Fx7f1dj78dHc= Subject key identifier: B6:84:11:A6:1F:AF:53:64:41:54:91:B2:CC:CD:AF:B1:E4:0D:50:6E Authority key identifier: EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D Certificate issuer: /CN=ef401a52e3fde699486e99678dbf48875329c33d Certificate serial: 019AF31CDE0D9114B888AEE1D5EAEC0B6618 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft Manifest number: 0ECD Signing time: Sat 06 Dec 2025 10:02:26 +0000 Manifest this update: Sat 06 Dec 2025 10:02:26 +0000 Manifest next update: Sun 07 Dec 2025 10:02:26 +0000 Files and hashes: 1: 70AaUuP95plIbplnjb9Ih1Mpwz0.crl (hash: 8MdoejQRz6IPkM4x7uM4qx69B2S/cV3CHEjf6i+KGiY=) 2: S4KhO_-8xzMvt1B6k_-GK_XNTGs.roa (hash: 298ot3rN9ux+k96S6A3kz+LkCwnTR/d/qtOX4jSeeqQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:de:0d:91:14:b8:88:ae:e1:d5:ea:ec:0b:66:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ef401a52e3fde699486e99678dbf48875329c33d Validity Not Before: Dec 6 10:02:26 2025 GMT Not After : Dec 7 10:02:26 2025 GMT Subject: CN=b68411a61faf5364415491b2cccdafb1e40d506e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e9:1f:9d:29:e7:33:57:1b:06:82:fc:71:b0: 28:b1:11:83:16:07:aa:7e:8b:67:da:ef:73:3b:15: e5:7e:dc:50:b4:7e:74:3e:65:fb:0d:a1:de:2c:85: de:7c:23:ed:52:6b:ce:60:eb:38:85:39:0a:dd:bb: cb:a5:2a:19:b2:36:05:86:f2:94:28:48:16:24:bc: b3:0a:1b:da:d4:17:6e:d6:df:69:14:64:2b:86:ea: 0f:2c:70:3d:78:87:53:79:d0:6c:53:96:17:4e:b4: fb:54:ca:aa:8f:32:35:03:70:13:44:08:90:a1:36: e9:fe:24:8b:32:2a:d0:cc:e4:35:51:6d:95:73:bc: c9:61:95:a2:aa:cd:17:4a:19:6f:f5:4e:60:a2:e0: bf:a4:dd:d3:a5:93:f6:df:07:16:17:bc:50:aa:ab: 07:61:48:e1:fd:b0:f2:9e:e4:d6:7d:77:2a:73:12: 61:55:8e:7c:f3:b9:7d:6e:e1:cf:5a:fa:7b:fd:1d: df:ca:f4:ce:e7:b8:a1:52:84:e0:29:1b:8f:5c:1e: d5:74:16:1f:64:57:3d:ce:bf:7f:7e:eb:75:48:19: cd:0c:58:2f:11:eb:c0:73:58:4a:42:53:8e:af:9e: ff:9e:cb:da:6d:2f:3c:83:0a:55:a3:98:a3:cf:4c: e9:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:84:11:A6:1F:AF:53:64:41:54:91:B2:CC:CD:AF:B1:E4:0D:50:6E X509v3 Authority Key Identifier: keyid:EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:09:6c:78:a5:e4:1b:85:b0:99:c2:77:e7:96:11:7d:84:60: a3:16:65:4c:93:34:5c:58:87:f7:df:b0:62:ac:63:18:9f:15: 66:1e:84:ae:b6:3d:31:cc:54:99:bd:1f:86:07:ee:98:31:87: c4:d5:9f:23:76:51:ee:9c:fd:89:8c:93:ef:7a:82:0d:de:de: bb:a9:aa:69:a5:79:69:1c:c0:52:9a:89:d1:7f:9a:74:96:e7: 7a:40:2e:01:69:3d:f8:c5:f8:55:01:ac:06:de:2e:5f:39:d5: 2c:66:4a:8f:57:2c:50:81:f3:6e:89:ad:71:8c:a5:21:ea:45: 27:7d:88:cc:b7:22:06:89:a2:7b:8a:f4:bf:c0:d5:4b:1f:bc: 09:b4:9d:a2:9b:74:21:fc:14:4c:70:d7:c7:c0:b6:9e:e7:5f: fd:e8:b8:51:2e:7f:c9:15:e3:44:a8:57:2d:8f:7d:c5:26:44: 2b:49:ac:b0:c5:53:88:58:08:ee:e8:5b:29:aa:a6:c2:5b:61: f9:04:7b:d7:e2:ad:4d:5b:e2:9c:eb:95:67:b7:fe:ca:b2:2f: 36:cf:6c:99:e2:55:ae:82:52:ed:8b:2c:82:f8:fd:2c:58:d0: 97:87:a6:21:bc:c2:ef:1c:2b:ec:18:a3:5b:5b:50:3e:93:57: f1:e4:47:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHN4NkRS4iK7h1ersC2YYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVmNDAxYTUyZTNmZGU2OTk0ODZlOTk2NzhkYmY0ODg3NTMy OWMzM2QwHhcNMjUxMjA2MTAwMjI2WhcNMjUxMjA3MTAwMjI2WjAzMTEwLwYDVQQD EyhiNjg0MTFhNjFmYWY1MzY0NDE1NDkxYjJjY2NkYWZiMWU0MGQ1MDZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+kfnSnnM1cbBoL8cbAosRGDFgeq fotn2u9zOxXlftxQtH50PmX7DaHeLIXefCPtUmvOYOs4hTkK3bvLpSoZsjYFhvKU KEgWJLyzChva1Bdu1t9pFGQrhuoPLHA9eIdTedBsU5YXTrT7VMqqjzI1A3ATRAiQ oTbp/iSLMirQzOQ1UW2Vc7zJYZWiqs0XShlv9U5gouC/pN3TpZP23wcWF7xQqqsH YUjh/bDynuTWfXcqcxJhVY5887l9buHPWvp7/R3fyvTO57ihUoTgKRuPXB7VdBYf ZFc9zr9/fut1SBnNDFgvEevAc1hKQlOOr57/nsvabS88gwpVo5ijz0zpiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLaEEaYfr1NkQVSRsszNr7HkDVBuMB8GA1UdIwQY MBaAFO9AGlLj/eaZSG6ZZ42/SIdTKcM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQt OWNhOTQ3YWE2NjVhLzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQtOWNhOTQ3YWE2NjVh LzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmAlseKXk G4WwmcJ355YRfYRgoxZlTJM0XFiH99+wYqxjGJ8VZh6ErrY9McxUmb0fhgfumDGH xNWfI3ZR7pz9iYyT73qCDd7eu6mqaaV5aRzAUpqJ0X+adJbnekAuAWk9+MX4VQGs Bt4uXznVLGZKj1csUIHzbomtcYylIepFJ32IzLciBomie4r0v8DVSx+8CbSdopt0 IfwUTHDXx8C2nudf/ei4US5/yRXjRKhXLY99xSZEK0mssMVTiFgI7uhbKaqmwlth +QR71+KtTVvinOuVZ7f+yrIvNs9smeJVroJS7Yssgvj9LFjQl4emIbzC7xwr7Bij W1tQPpNX8eRH/w== -----END CERTIFICATE-----Generated at Sat Dec 6 19:31:29 2025 by rpki-client