This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft File: VDxwGANHJZY6lxyWqMqrWYyuY4o.mft (raw, json) Hash identifier: rF3rQaTcPI4pNuSzvXBUHBPhqqMqXI9kL9ahIwRy74M= Subject key identifier: 31:9C:3F:98:C3:A3:C7:8E:EC:EB:15:8E:E6:83:31:69:BC:E8:FA:0F Authority key identifier: 54:3C:70:18:03:47:25:96:3A:97:1C:96:A8:CA:AB:59:8C:AE:63:8A Certificate issuer: /CN=543c7018034725963a971c96a8caab598cae638a Certificate serial: 019AF16416B43F48C0354AF6D8BD21E04379 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxwGANHJZY6lxyWqMqrWYyuY4o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft Manifest number: 0556 Signing time: Sat 06 Dec 2025 02:00:59 +0000 Manifest this update: Sat 06 Dec 2025 02:00:59 +0000 Manifest next update: Sun 07 Dec 2025 02:00:59 +0000 Files and hashes: 1: O7wVhYp5aN-EHbBcAt5o4QIzfyg.roa (hash: 1pH3pLqu6QshZ8HwYPfHNSe335AW5zx9SMrVG3Y2btc=) 2: VDxwGANHJZY6lxyWqMqrWYyuY4o.crl (hash: KtIvcFpqMdCJlzpSBOWrlczb8PKe4a6YHqLe7yBDA68=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.crl rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft rsync://rpki.ripe.net/repository/DEFAULT/VDxwGANHJZY6lxyWqMqrWYyuY4o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:16:b4:3f:48:c0:35:4a:f6:d8:bd:21:e0:43:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=543c7018034725963a971c96a8caab598cae638a Validity Not Before: Dec 6 02:00:59 2025 GMT Not After : Dec 7 02:00:59 2025 GMT Subject: CN=319c3f98c3a3c78eeceb158ee6833169bce8fa0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:b5:b6:a1:be:6c:9f:40:a9:16:6e:b9:f0:94: ef:98:5d:30:0a:95:c6:16:9b:1d:e3:41:c1:b3:56: 7c:7a:ac:b1:6c:e4:80:e0:ab:51:a3:49:f6:1d:e4: f3:76:c2:ce:0b:11:9b:df:9f:5d:5c:2d:ae:47:57: c4:f6:f8:5a:4c:2e:02:6c:26:a1:48:a7:f3:ff:d3: 54:5e:e8:05:f8:ab:f1:37:38:14:37:30:8f:14:16: bf:fa:1e:e6:78:15:3c:71:1d:43:6b:c7:3f:c8:7e: 8f:b0:ac:57:c1:6a:31:3f:8a:29:e7:04:99:95:e8: c9:83:fc:a5:be:0d:4f:f4:26:a0:95:30:5c:86:0a: e6:d9:f2:16:79:31:8f:96:bf:01:f9:98:76:a7:6f: e3:67:7c:39:61:93:ff:54:cf:2d:2c:06:7c:24:27: c5:d0:f2:a0:2c:dd:5a:ac:a6:e5:1b:ff:f8:9a:39: 47:e4:28:9d:b1:1c:fc:82:33:1b:84:3f:4c:2e:7e: a1:9d:37:c5:4b:82:42:40:a6:27:f0:ca:ca:43:54: 62:d1:28:ca:c7:84:08:e5:98:57:e2:14:69:e3:54: 8e:2b:02:6c:fd:4f:d8:15:9d:e8:58:8c:ae:38:dc: 47:fa:ea:b7:93:f4:11:54:d3:6b:37:6f:cd:81:f7: 7f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:9C:3F:98:C3:A3:C7:8E:EC:EB:15:8E:E6:83:31:69:BC:E8:FA:0F X509v3 Authority Key Identifier: keyid:54:3C:70:18:03:47:25:96:3A:97:1C:96:A8:CA:AB:59:8C:AE:63:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxwGANHJZY6lxyWqMqrWYyuY4o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:bc:c4:e2:c4:3f:61:7d:88:99:03:2a:70:8d:b5:d5:ad:0d: 6c:c2:fb:a0:ad:80:79:fa:e1:f8:ad:2b:8a:cc:7d:ff:bb:ed: 20:fd:19:16:87:00:04:b0:1c:98:59:04:fd:7f:ee:d0:62:76: d2:68:a3:af:99:39:ba:39:d6:3f:15:a3:2b:b2:de:07:3e:8e: de:54:e8:af:1e:f6:48:33:96:f4:06:b4:f6:27:42:d0:8e:7d: 82:c7:fc:a1:2b:02:c2:9f:e4:af:18:8f:87:f6:4a:8f:67:4a: 91:7e:3d:be:db:eb:77:a2:fb:dc:b5:39:53:b7:d0:8e:df:e8: ec:c0:be:13:66:dd:6e:39:9b:0f:68:d5:60:a8:84:18:e8:30: 7d:66:f3:b3:85:38:7c:fc:86:4d:37:0f:85:b1:22:bd:3c:94: 90:79:c0:c5:a5:2c:af:4f:4e:3a:72:cf:86:fd:f5:fc:a0:f2: 2e:82:9a:e4:2c:5b:19:13:71:11:35:d6:31:a6:b7:31:cd:5d: ef:81:16:0d:48:11:7b:52:85:7a:de:39:69:c0:8b:99:09:97: c1:cc:9c:65:e9:7b:ca:15:2b:8b:13:41:e0:4d:d3:98:d9:71: 7d:f5:ac:0a:6c:f0:73:1e:f2:bb:c2:81:de:b0:f0:a9:e1:b6: c2:62:34:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZBa0P0jANUr22L0h4EN5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0M2M3MDE4MDM0NzI1OTYzYTk3MWM5NmE4Y2FhYjU5OGNh ZTYzOGEwHhcNMjUxMjA2MDIwMDU5WhcNMjUxMjA3MDIwMDU5WjAzMTEwLwYDVQQD EygzMTljM2Y5OGMzYTNjNzhlZWNlYjE1OGVlNjgzMzE2OWJjZThmYTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LW2ob5sn0CpFm658JTvmF0wCpXG Fpsd40HBs1Z8eqyxbOSA4KtRo0n2HeTzdsLOCxGb359dXC2uR1fE9vhaTC4CbCah SKfz/9NUXugF+KvxNzgUNzCPFBa/+h7meBU8cR1Da8c/yH6PsKxXwWoxP4op5wSZ lejJg/ylvg1P9CaglTBchgrm2fIWeTGPlr8B+Zh2p2/jZ3w5YZP/VM8tLAZ8JCfF 0PKgLN1arKblG//4mjlH5CidsRz8gjMbhD9MLn6hnTfFS4JCQKYn8MrKQ1Ri0SjK x4QI5ZhX4hRp41SOKwJs/U/YFZ3oWIyuONxH+uq3k/QRVNNrN2/Ngfd/KQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDGcP5jDo8eO7OsVjuaDMWm86PoPMB8GA1UdIwQY MBaAFFQ8cBgDRyWWOpcclqjKq1mMrmOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkR4d0dBTkhKWlk2bHh5V3FNcXJXWXl1WTRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81MDlkMGItYWNkMS00OTU4LWEzY2Qt Mzc1ZjI0NDlhOGMxLzEvVkR4d0dBTkhKWlk2bHh5V3FNcXJXWXl1WTRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS81MDlkMGItYWNkMS00OTU4LWEzY2QtMzc1ZjI0NDlhOGMx LzEvVkR4d0dBTkhKWlk2bHh5V3FNcXJXWXl1WTRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLzE4sQ/ YX2ImQMqcI211a0NbML7oK2Aefrh+K0risx9/7vtIP0ZFocABLAcmFkE/X/u0GJ2 0mijr5k5ujnWPxWjK7LeBz6O3lTorx72SDOW9Aa09idC0I59gsf8oSsCwp/krxiP h/ZKj2dKkX49vtvrd6L73LU5U7fQjt/o7MC+E2bdbjmbD2jVYKiEGOgwfWbzs4U4 fPyGTTcPhbEivTyUkHnAxaUsr09OOnLPhv31/KDyLoKa5CxbGRNxETXWMaa3Mc1d 74EWDUgRe1KFet45acCLmQmXwcycZel7yhUrixNB4E3TmNlxffWsCmzwcx7yu8KB 3rDwqeG2wmI0mw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:40:33 2025 by rpki-client