This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f8a46e-bdfd-4df6-8261-f23283601764/1/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.mft File: vaPQu0IrC8pwZxbCD3rVjdJ2VHE.mft (raw, json) Hash identifier: JDa+n3NcvtkOy8nyqriYvBRKzDlmAmkLKhLGaXInxEM= Subject key identifier: 5C:6A:D7:CF:F5:02:46:38:F7:F5:53:E4:6B:40:86:FF:D6:FA:EA:E2 Authority key identifier: BD:A3:D0:BB:42:2B:0B:CA:70:67:16:C2:0F:7A:D5:8D:D2:76:54:71 Certificate issuer: /CN=bda3d0bb422b0bca706716c20f7ad58dd2765471 Certificate serial: 019AF3C03FF8E9B5D6413BE2FD400CFBF82C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f8a46e-bdfd-4df6-8261-f23283601764/1/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.mft Manifest number: 16B8 Signing time: Sat 06 Dec 2025 13:00:53 +0000 Manifest this update: Sat 06 Dec 2025 13:00:53 +0000 Manifest next update: Sun 07 Dec 2025 13:00:53 +0000 Files and hashes: 1: 2NhKjFbuAMp_doRz4AUPYRbSyEU.roa (hash: IgIsz5WqF9AXjPzeVD1tKo5xC9L3dTvcfnef5uQtbKI=) 2: vaPQu0IrC8pwZxbCD3rVjdJ2VHE.crl (hash: aUplZyVkIlc6iF8Soog542vRQcKyq6BkO0zeVx9jai0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f8a46e-bdfd-4df6-8261-f23283601764/1/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.crl rsync://rpki.ripe.net/repository/DEFAULT/42/f8a46e-bdfd-4df6-8261-f23283601764/1/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.mft rsync://rpki.ripe.net/repository/DEFAULT/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:3f:f8:e9:b5:d6:41:3b:e2:fd:40:0c:fb:f8:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bda3d0bb422b0bca706716c20f7ad58dd2765471 Validity Not Before: Dec 6 13:00:53 2025 GMT Not After : Dec 7 13:00:53 2025 GMT Subject: CN=5c6ad7cff5024638f7f553e46b4086ffd6faeae2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:e7:28:a4:44:13:77:92:8c:09:bc:1d:61:4e: f8:f1:19:cc:a4:49:09:a5:92:da:f6:ef:b7:ae:49: eb:13:8e:ec:48:38:87:c7:a4:56:3c:84:60:0e:32: 3b:fe:bf:e6:f8:53:eb:86:15:66:5b:ff:bf:a9:bc: 53:f0:48:02:4c:31:b3:09:c0:58:ae:62:55:6d:d4: 3a:f0:03:23:c3:4f:7d:dd:cc:a8:fb:9c:4d:3f:d9: e2:fa:20:39:31:c5:e0:5d:b0:d0:c9:06:74:80:61: 2b:aa:3d:29:a9:c1:0b:dd:38:e9:10:17:3b:5f:d0: af:1e:46:77:fa:43:a0:07:90:b7:81:6e:cc:ad:5e: 7d:b6:d3:7a:45:7f:f9:5b:54:33:7b:30:7c:4b:38: 14:3f:f5:1d:15:79:f4:28:8a:c2:47:6b:37:0e:56: fe:00:5f:e4:30:33:91:f0:fa:09:01:0a:bc:4d:9d: 72:5c:49:39:78:50:1d:e6:33:1f:d7:17:b6:1f:19: f9:73:13:b1:d9:71:f9:3b:21:d5:9f:9c:fb:83:f0: 23:f8:dc:6c:d0:85:7b:1d:d5:d8:42:3f:19:0b:f2: 59:8f:00:66:fc:1d:6f:e1:2d:71:fa:cf:5b:f7:2d: 52:82:6c:be:6d:e9:f8:6b:8f:e8:fd:08:83:c7:1e: 47:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:6A:D7:CF:F5:02:46:38:F7:F5:53:E4:6B:40:86:FF:D6:FA:EA:E2 X509v3 Authority Key Identifier: keyid:BD:A3:D0:BB:42:2B:0B:CA:70:67:16:C2:0F:7A:D5:8D:D2:76:54:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f8a46e-bdfd-4df6-8261-f23283601764/1/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f8a46e-bdfd-4df6-8261-f23283601764/1/vaPQu0IrC8pwZxbCD3rVjdJ2VHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:ff:a2:47:d1:85:c8:f4:8a:04:b2:c5:44:ca:07:7c:90:10: 9e:7b:a7:df:88:b9:a9:be:60:32:72:39:87:21:f9:78:60:68: bd:a5:70:a1:ac:bf:4d:f3:8f:90:d7:b5:17:d8:65:f0:7a:9b: d5:8f:9f:c5:50:86:25:40:54:91:98:41:44:d0:58:7f:1a:0f: c6:89:20:f4:2b:86:a0:a3:e9:4f:85:19:fc:64:30:f7:50:ad: f3:d4:12:d9:d0:e6:3d:ac:d6:8e:a4:f7:7b:1b:00:38:68:15: 4e:2d:3c:60:e1:75:7b:51:6a:62:44:25:73:a7:44:57:04:89: bf:67:0a:d2:f2:7e:89:23:df:e0:89:8c:d6:cb:ed:5d:00:4c: 38:53:ed:de:27:9f:c4:04:d2:6b:76:f4:93:03:29:b8:05:6d: 86:7b:35:fa:46:18:cd:14:e6:9b:a6:0a:49:9e:6c:db:6a:8c: a7:06:33:d4:a9:72:22:0a:5e:cd:bb:c5:93:38:23:59:10:bc: f1:64:50:15:bd:f6:d6:07:4c:a3:9e:99:dc:e3:8d:56:1f:03: 05:21:44:74:70:cb:68:08:ec:b5:cc:b4:a0:81:c3:80:b5:53: e1:16:e4:f0:c3:10:c8:23:43:6f:89:41:b3:76:68:67:3b:0d: b3:4b:4b:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwD/46bXWQTvi/UAM+/gsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkYTNkMGJiNDIyYjBiY2E3MDY3MTZjMjBmN2FkNThkZDI3 NjU0NzEwHhcNMjUxMjA2MTMwMDUzWhcNMjUxMjA3MTMwMDUzWjAzMTEwLwYDVQQD Eyg1YzZhZDdjZmY1MDI0NjM4ZjdmNTUzZTQ2YjQwODZmZmQ2ZmFlYWUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OcopEQTd5KMCbwdYU748RnMpEkJ pZLa9u+3rknrE47sSDiHx6RWPIRgDjI7/r/m+FPrhhVmW/+/qbxT8EgCTDGzCcBY rmJVbdQ68AMjw0993cyo+5xNP9ni+iA5McXgXbDQyQZ0gGErqj0pqcEL3TjpEBc7 X9CvHkZ3+kOgB5C3gW7MrV59ttN6RX/5W1QzezB8SzgUP/UdFXn0KIrCR2s3Dlb+ AF/kMDOR8PoJAQq8TZ1yXEk5eFAd5jMf1xe2Hxn5cxOx2XH5OyHVn5z7g/Aj+Nxs 0IV7HdXYQj8ZC/JZjwBm/B1v4S1x+s9b9y1Sgmy+ben4a4/o/QiDxx5HcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFxq18/1AkY49/VT5GtAhv/W+uriMB8GA1UdIwQY MBaAFL2j0LtCKwvKcGcWwg961Y3SdlRxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmFQUXUwSXJDOHB3WnhiQ0QzclZqZEoyVkhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mOGE0NmUtYmRmZC00ZGY2LTgyNjEt ZjIzMjgzNjAxNzY0LzEvdmFQUXUwSXJDOHB3WnhiQ0QzclZqZEoyVkhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9mOGE0NmUtYmRmZC00ZGY2LTgyNjEtZjIzMjgzNjAxNzY0 LzEvdmFQUXUwSXJDOHB3WnhiQ0QzclZqZEoyVkhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASv+iR9GF yPSKBLLFRMoHfJAQnnun34i5qb5gMnI5hyH5eGBovaVwoay/TfOPkNe1F9hl8Hqb 1Y+fxVCGJUBUkZhBRNBYfxoPxokg9CuGoKPpT4UZ/GQw91Ct89QS2dDmPazWjqT3 exsAOGgVTi08YOF1e1FqYkQlc6dEVwSJv2cK0vJ+iSPf4ImM1svtXQBMOFPt3ief xATSa3b0kwMpuAVthns1+kYYzRTmm6YKSZ5s22qMpwYz1KlyIgpezbvFkzgjWRC8 8WRQFb321gdMo56Z3OONVh8DBSFEdHDLaAjstcy0oIHDgLVT4Rbk8MMQyCNDb4lB s3ZoZzsNs0tLUQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:33:22 2025 by rpki-client