This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/c8b40c-2c0b-47ff-b921-e631463b123b/1/EXA1YTWt9H7ZcIywoTaAiUwjOeo.mft File: EXA1YTWt9H7ZcIywoTaAiUwjOeo.mft (raw, json) Hash identifier: m8WGdAnghJXg1vr3McsAck2wH86LC4ugI/gG+/DSpP8= Subject key identifier: 7C:36:25:A9:C2:F5:E4:D3:0B:13:F5:38:BA:03:65:B6:5F:1C:F5:89 Authority key identifier: 11:70:35:61:35:AD:F4:7E:D9:70:8C:B0:A1:36:80:89:4C:23:39:EA Certificate issuer: /CN=1170356135adf47ed9708cb0a13680894c2339ea Certificate serial: 019AF12DAB647700C599E431DB08B1AA4FA3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EXA1YTWt9H7ZcIywoTaAiUwjOeo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/c8b40c-2c0b-47ff-b921-e631463b123b/1/EXA1YTWt9H7ZcIywoTaAiUwjOeo.mft Manifest number: 16F3 Signing time: Sat 06 Dec 2025 01:01:33 +0000 Manifest this update: Sat 06 Dec 2025 01:01:33 +0000 Manifest next update: Sun 07 Dec 2025 01:01:33 +0000 Files and hashes: 1: 8u57ArQxKO_4JRsiP8ig9E_nJLs.roa (hash: ifzsEyICQHhNmNaBIhgOvnazrnhVrug9jj3mLB5h7cs=) 2: EXA1YTWt9H7ZcIywoTaAiUwjOeo.crl (hash: 7TAFO90mRw269alLzOdR6NnObQSN/6MC9t1LjOIpfbU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/c8b40c-2c0b-47ff-b921-e631463b123b/1/EXA1YTWt9H7ZcIywoTaAiUwjOeo.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/c8b40c-2c0b-47ff-b921-e631463b123b/1/EXA1YTWt9H7ZcIywoTaAiUwjOeo.mft rsync://rpki.ripe.net/repository/DEFAULT/EXA1YTWt9H7ZcIywoTaAiUwjOeo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:ab:64:77:00:c5:99:e4:31:db:08:b1:aa:4f:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1170356135adf47ed9708cb0a13680894c2339ea Validity Not Before: Dec 6 01:01:33 2025 GMT Not After : Dec 7 01:01:33 2025 GMT Subject: CN=7c3625a9c2f5e4d30b13f538ba0365b65f1cf589 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:3f:e9:e1:74:86:81:f9:4f:1c:c9:0c:d3:f8: 08:ad:20:34:bf:7d:27:f1:c2:6b:e0:80:e9:9d:25: ec:22:ae:eb:b7:20:77:b3:7c:27:3a:3e:f6:13:a2: 21:fa:df:9d:2c:ac:80:50:6c:e8:67:ac:a3:12:a9: e9:54:8a:36:2c:83:48:f3:9a:52:bf:fb:3d:b3:52: 5d:8c:4b:60:02:0b:66:50:46:85:f2:fe:aa:69:85: 95:f8:da:7a:f1:8f:62:d0:51:ec:49:f5:9d:d8:66: e1:61:33:80:e5:13:7e:f5:24:d9:f8:20:70:3b:02: 0e:8d:2a:54:9a:c3:6e:e2:47:e2:7d:39:9d:2a:21: 0c:0d:0b:e9:f1:e3:34:66:af:1e:1f:ba:05:a2:f5: 6f:24:13:24:83:9d:02:9e:4e:82:b9:29:03:45:d3: 48:a8:2b:ce:fa:4a:a4:ac:85:d7:7c:dc:3d:53:f6: d9:8e:c8:48:8c:ec:5f:11:01:81:e9:73:90:f9:f1: 64:ef:2f:c5:a2:a4:ff:fe:5b:44:5a:e7:3d:a9:4f: 82:c7:4d:af:0c:9b:4f:89:d1:bc:3a:be:9a:27:3f: a7:5e:51:dc:e0:df:e2:67:d1:1e:4e:9f:24:16:c7: 2b:a5:97:be:ae:b3:96:c8:b5:b8:5e:73:ba:41:65: 0e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:36:25:A9:C2:F5:E4:D3:0B:13:F5:38:BA:03:65:B6:5F:1C:F5:89 X509v3 Authority Key Identifier: keyid:11:70:35:61:35:AD:F4:7E:D9:70:8C:B0:A1:36:80:89:4C:23:39:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EXA1YTWt9H7ZcIywoTaAiUwjOeo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/c8b40c-2c0b-47ff-b921-e631463b123b/1/EXA1YTWt9H7ZcIywoTaAiUwjOeo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/c8b40c-2c0b-47ff-b921-e631463b123b/1/EXA1YTWt9H7ZcIywoTaAiUwjOeo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:4d:06:1a:6c:39:fc:c9:45:9c:57:fd:6f:dd:88:27:4c:2d: 79:88:8d:b3:71:3b:d0:fe:de:53:88:cb:3d:29:d6:7a:0b:76: 54:30:94:d4:f0:09:62:3d:0e:9f:96:8b:fd:79:d5:03:1d:cf: b0:da:7f:99:fb:d3:29:b5:eb:1d:4f:a6:79:4b:ba:b5:1c:31: 74:98:3e:ad:2a:57:e4:bb:0c:8a:87:2d:bf:d3:13:2c:2b:2d: 5c:0b:58:4c:b6:4e:d5:51:06:ad:95:dd:26:fe:70:65:ad:95: ea:88:22:3c:aa:57:87:fa:a9:05:ad:63:ef:1a:c4:aa:88:75: bd:d4:e0:c2:58:22:f1:64:76:0c:3e:09:a5:06:30:e0:85:c9: 26:b6:98:99:c0:40:15:41:7c:0c:db:fb:e3:52:5b:19:0d:dc: 2a:38:6a:f6:c2:05:2b:d4:45:b4:5c:0a:40:ad:41:01:b1:9d: 77:c5:ba:f1:f9:f3:d7:13:df:9c:c4:2c:20:1d:dd:6e:77:fe: f1:38:49:de:00:56:7e:07:88:05:70:73:48:cf:ee:ac:db:dc: 51:a5:1c:fd:9e:d8:d4:d3:19:01:06:6d:3f:35:48:47:f1:7e: 41:81:2a:c1:81:91:87:39:b8:b9:7c:96:18:41:4e:ec:b7:36: b6:13:40:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLatkdwDFmeQx2wixqk+jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExNzAzNTYxMzVhZGY0N2VkOTcwOGNiMGExMzY4MDg5NGMy MzM5ZWEwHhcNMjUxMjA2MDEwMTMzWhcNMjUxMjA3MDEwMTMzWjAzMTEwLwYDVQQD Eyg3YzM2MjVhOWMyZjVlNGQzMGIxM2Y1MzhiYTAzNjViNjVmMWNmNTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz/p4XSGgflPHMkM0/gIrSA0v30n 8cJr4IDpnSXsIq7rtyB3s3wnOj72E6Ih+t+dLKyAUGzoZ6yjEqnpVIo2LINI85pS v/s9s1JdjEtgAgtmUEaF8v6qaYWV+Np68Y9i0FHsSfWd2GbhYTOA5RN+9STZ+CBw OwIOjSpUmsNu4kfifTmdKiEMDQvp8eM0Zq8eH7oFovVvJBMkg50Cnk6CuSkDRdNI qCvO+kqkrIXXfNw9U/bZjshIjOxfEQGB6XOQ+fFk7y/FoqT//ltEWuc9qU+Cx02v DJtPidG8Or6aJz+nXlHc4N/iZ9EeTp8kFscrpZe+rrOWyLW4XnO6QWUOMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHw2JanC9eTTCxP1OLoDZbZfHPWJMB8GA1UdIwQY MBaAFBFwNWE1rfR+2XCMsKE2gIlMIznqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVhBMVlUV3Q5SDdaY0l5d29UYUFpVXdqT2VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9jOGI0MGMtMmMwYi00N2ZmLWI5MjEt ZTYzMTQ2M2IxMjNiLzEvRVhBMVlUV3Q5SDdaY0l5d29UYUFpVXdqT2VvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9jOGI0MGMtMmMwYi00N2ZmLWI5MjEtZTYzMTQ2M2IxMjNi LzEvRVhBMVlUV3Q5SDdaY0l5d29UYUFpVXdqT2VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUU0GGmw5 /MlFnFf9b92IJ0wteYiNs3E70P7eU4jLPSnWegt2VDCU1PAJYj0On5aL/XnVAx3P sNp/mfvTKbXrHU+meUu6tRwxdJg+rSpX5LsMioctv9MTLCstXAtYTLZO1VEGrZXd Jv5wZa2V6ogiPKpXh/qpBa1j7xrEqoh1vdTgwlgi8WR2DD4JpQYw4IXJJraYmcBA FUF8DNv741JbGQ3cKjhq9sIFK9RFtFwKQK1BAbGdd8W68fnz1xPfnMQsIB3dbnf+ 8ThJ3gBWfgeIBXBzSM/urNvcUaUc/Z7Y1NMZAQZtPzVIR/F+QYEqwYGRhzm4uXyW GEFO7Lc2thNAUg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:00:41 2025 by rpki-client