This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pVB1uOQuRRTvSdP-ovGHJk50-y4.mft File: pVB1uOQuRRTvSdP-ovGHJk50-y4.mft (raw, json) Hash identifier: vN4K51WxE48wYeM8ZWDR6QGHQSRjmGgP5NiYzneAdyg= Subject key identifier: BD:D8:BB:2A:63:68:1A:B6:70:B8:5F:93:CA:44:04:9F:12:37:19:02 Authority key identifier: A5:50:75:B8:E4:2E:45:14:EF:49:D3:FE:A2:F1:87:26:4E:74:FB:2E Certificate issuer: /CN=a55075b8e42e4514ef49d3fea2f187264e74fb2e Certificate serial: 019AF1D1DEDA0DC220663D898E9F0F96AC4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pVB1uOQuRRTvSdP-ovGHJk50-y4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pVB1uOQuRRTvSdP-ovGHJk50-y4.mft Manifest number: 03FC Signing time: Sat 06 Dec 2025 04:00:54 +0000 Manifest this update: Sat 06 Dec 2025 04:00:54 +0000 Manifest next update: Sun 07 Dec 2025 04:00:54 +0000 Files and hashes: 1: AHyerdr5uxL6xuyGfsHFNBv_XjU.roa (hash: /uUPID3475V6+DCQHcFaqhePNwogod/B8RgCIUOzHrI=) 2: pVB1uOQuRRTvSdP-ovGHJk50-y4.crl (hash: jNT/UPFAU9PP6+aO5gkERg4lJOuCs+Y31YzJ7/yryzE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pVB1uOQuRRTvSdP-ovGHJk50-y4.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pVB1uOQuRRTvSdP-ovGHJk50-y4.mft rsync://rpki.ripe.net/repository/DEFAULT/pVB1uOQuRRTvSdP-ovGHJk50-y4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:de:da:0d:c2:20:66:3d:89:8e:9f:0f:96:ac:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a55075b8e42e4514ef49d3fea2f187264e74fb2e Validity Not Before: Dec 6 04:00:54 2025 GMT Not After : Dec 7 04:00:54 2025 GMT Subject: CN=bdd8bb2a63681ab670b85f93ca44049f12371902 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:07:be:be:02:ac:67:50:84:af:21:c3:54:3d: 25:9d:ac:31:d9:a7:a9:6c:52:ce:2e:f6:b8:11:8e: ad:3d:8e:40:4d:b7:01:91:87:a1:25:0f:76:ee:2a: 9a:d4:1d:41:40:1e:87:31:94:5e:64:73:01:08:3f: 9f:52:58:5b:ef:3f:ac:fc:bb:b7:b3:84:36:fa:63: 03:4c:24:65:56:a5:8e:5f:f4:03:4a:76:63:84:d6: 28:7b:38:40:6b:a2:ef:c7:62:e1:98:88:08:30:3f: c1:94:ea:24:3a:33:7d:2a:6f:f2:a4:a0:43:e3:eb: 26:28:06:f1:d0:76:97:60:9c:68:44:a2:1c:55:34: 8f:0c:36:b7:d8:4e:b9:0c:a7:1f:af:00:1c:c3:14: 10:fe:0a:87:25:e0:33:e5:f2:97:46:a2:49:f1:b1: 29:7f:6e:13:5a:a1:99:08:7c:74:81:43:45:8f:f8: a7:b4:27:b6:f4:e1:89:e7:b4:d4:31:70:56:3c:17: 42:24:40:5e:81:ad:71:af:6e:37:a1:b7:cc:69:0e: 1c:8d:5d:0a:28:37:c1:b4:d3:40:40:a0:06:54:15: 38:10:05:cf:da:26:ff:f0:8d:e2:49:d8:17:06:49: b5:29:ec:0f:88:77:37:28:05:d9:78:8f:ba:c8:d2: db:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:D8:BB:2A:63:68:1A:B6:70:B8:5F:93:CA:44:04:9F:12:37:19:02 X509v3 Authority Key Identifier: keyid:A5:50:75:B8:E4:2E:45:14:EF:49:D3:FE:A2:F1:87:26:4E:74:FB:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pVB1uOQuRRTvSdP-ovGHJk50-y4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pVB1uOQuRRTvSdP-ovGHJk50-y4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/pVB1uOQuRRTvSdP-ovGHJk50-y4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:e4:9b:15:00:7e:c0:ae:bf:9b:e2:2d:f0:bb:b6:e6:a1:68: f8:05:98:4f:03:8b:13:a5:96:9d:5a:ec:63:dc:43:85:7d:fd: 53:e5:94:93:1e:2b:da:cb:b0:12:b2:1c:6c:12:35:81:d5:5a: bf:79:56:6c:7f:d2:6e:c7:79:b3:77:c4:39:93:81:f6:be:17: 2d:bb:7a:a1:98:2a:68:8c:0d:cf:65:4e:73:1c:40:61:34:fe: bd:e1:93:da:1a:ce:54:88:9d:5d:0b:11:39:25:9e:88:0f:c1: f4:0b:0e:57:5c:46:2a:8f:02:37:9a:22:1b:da:d5:2b:c2:20: bd:2b:b9:69:c1:e4:a6:32:de:56:1f:ac:9d:fa:c4:79:3e:22: cd:b1:85:e2:0f:dc:b6:1a:af:7a:25:47:90:0c:23:7e:7f:42: 36:bf:be:86:c1:1c:bf:f8:c7:cf:e6:b7:76:00:d7:ee:15:ea: df:cf:eb:dd:ab:24:94:3a:47:03:52:ad:9e:c5:c5:80:d2:d1: aa:61:2d:26:df:49:a5:17:d4:e7:2b:87:6a:9c:68:fe:f8:de: 5c:21:2a:ac:7c:e5:27:62:c5:20:7b:32:a1:c9:65:7c:3b:e7: 73:40:c6:11:57:cc:d5:a4:59:33:b1:63:1e:07:1d:cb:a7:98: 96:2e:59:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0d7aDcIgZj2Jjp8PlqxOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1NTA3NWI4ZTQyZTQ1MTRlZjQ5ZDNmZWEyZjE4NzI2NGU3 NGZiMmUwHhcNMjUxMjA2MDQwMDU0WhcNMjUxMjA3MDQwMDU0WjAzMTEwLwYDVQQD EyhiZGQ4YmIyYTYzNjgxYWI2NzBiODVmOTNjYTQ0MDQ5ZjEyMzcxOTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAe+vgKsZ1CEryHDVD0lnawx2aep bFLOLva4EY6tPY5ATbcBkYehJQ927iqa1B1BQB6HMZReZHMBCD+fUlhb7z+s/Lu3 s4Q2+mMDTCRlVqWOX/QDSnZjhNYoezhAa6Lvx2LhmIgIMD/BlOokOjN9Km/ypKBD 4+smKAbx0HaXYJxoRKIcVTSPDDa32E65DKcfrwAcwxQQ/gqHJeAz5fKXRqJJ8bEp f24TWqGZCHx0gUNFj/intCe29OGJ57TUMXBWPBdCJEBega1xr243obfMaQ4cjV0K KDfBtNNAQKAGVBU4EAXP2ib/8I3iSdgXBkm1KewPiHc3KAXZeI+6yNLbCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL3YuypjaBq2cLhfk8pEBJ8SNxkCMB8GA1UdIwQY MBaAFKVQdbjkLkUU70nT/qLxhyZOdPsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFZCMXVPUXVSUlR2U2RQLW92R0hKazUwLXk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85YjFmOTUtM2IxOC00ODEyLTkyNGUt N2JmZGE2MjU0NGNlLzEvcFZCMXVPUXVSUlR2U2RQLW92R0hKazUwLXk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS85YjFmOTUtM2IxOC00ODEyLTkyNGUtN2JmZGE2MjU0NGNl LzEvcFZCMXVPUXVSUlR2U2RQLW92R0hKazUwLXk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALuSbFQB+ wK6/m+It8Lu25qFo+AWYTwOLE6WWnVrsY9xDhX39U+WUkx4r2suwErIcbBI1gdVa v3lWbH/Sbsd5s3fEOZOB9r4XLbt6oZgqaIwNz2VOcxxAYTT+veGT2hrOVIidXQsR OSWeiA/B9AsOV1xGKo8CN5oiG9rVK8IgvSu5acHkpjLeVh+snfrEeT4izbGF4g/c thqveiVHkAwjfn9CNr++hsEcv/jHz+a3dgDX7hXq38/r3asklDpHA1KtnsXFgNLR qmEtJt9JpRfU5yuHapxo/vjeXCEqrHzlJ2LFIHsyocllfDvnc0DGEVfM1aRZM7Fj Hgcdy6eYli5Zng== -----END CERTIFICATE-----Generated at Sat Dec 6 12:07:35 2025 by rpki-client