This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.mft File: 1PvHTNH4egvxbEgvYgHJueskTqI.mft (raw, json) Hash identifier: yqp/1fiD/FnQoB0VQF2WG1XgtGZLd3kQcB5Cp9UYX/k= Subject key identifier: 04:D9:BA:AE:B3:03:F2:92:EE:00:C3:7C:84:96:03:D8:FF:31:7E:EE Authority key identifier: D4:FB:C7:4C:D1:F8:7A:0B:F1:6C:48:2F:62:01:C9:B9:EB:24:4E:A2 Certificate issuer: /CN=d4fbc74cd1f87a0bf16c482f6201c9b9eb244ea2 Certificate serial: 019AF19BA005D4439E4A125C63BFA2E2DAFD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1PvHTNH4egvxbEgvYgHJueskTqI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 03:01:39 +0000 Manifest this update: Sat 06 Dec 2025 03:01:39 +0000 Manifest next update: Sun 07 Dec 2025 03:01:39 +0000 Files and hashes: 1: 1PvHTNH4egvxbEgvYgHJueskTqI.crl (hash: sXcpbxs0WUfm8LY8gqMSyxcfWO0+KX+pNvK9jvA5Kw4=) 2: Lf04Gu4CGxYLcQBclc4AN9VDJLA.roa (hash: dSOlHoyFZA5kqNN/4PjLQn10doJUzZFyYe2NTurY+0M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.mft rsync://rpki.ripe.net/repository/DEFAULT/1PvHTNH4egvxbEgvYgHJueskTqI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:a0:05:d4:43:9e:4a:12:5c:63:bf:a2:e2:da:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4fbc74cd1f87a0bf16c482f6201c9b9eb244ea2 Validity Not Before: Dec 6 03:01:39 2025 GMT Not After : Dec 7 03:01:39 2025 GMT Subject: CN=04d9baaeb303f292ee00c37c849603d8ff317eee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:21:e4:8a:15:c0:ff:8b:dd:5c:09:72:8e:54: 1c:b3:4c:7b:2a:15:1e:0c:45:ed:07:8d:fc:bd:ac: f4:13:51:b8:7e:67:f8:a9:88:3a:1a:5b:5b:a5:2a: eb:4f:08:74:56:41:67:3b:4b:88:50:77:01:5c:c6: 4b:63:81:f8:aa:b6:db:6e:60:8e:24:a0:9e:65:81: 6a:76:bc:37:dd:3e:29:88:0f:13:b5:40:a8:9a:0c: c7:c3:bd:a4:75:52:46:5e:a0:1f:24:86:8b:64:16: be:0d:32:97:16:0e:4b:3a:6e:f5:b2:ed:e4:ce:6a: a3:fc:00:7d:d6:14:23:bb:38:8c:2d:1c:84:78:12: bf:40:f2:42:9a:3d:d0:6a:40:6d:58:72:34:bb:df: fb:98:60:0a:22:0d:fe:1f:b9:ce:c9:9f:98:2e:af: fc:36:e0:14:8e:f7:a3:b4:59:65:0d:96:c0:49:27: 8f:33:c8:e6:0d:76:de:ea:db:2d:8c:fe:f9:4f:43: 4a:60:50:05:b4:01:6f:61:54:0f:e5:60:9b:2f:6a: d5:22:21:a3:1a:9d:36:f5:f8:46:e4:54:57:45:f6: 10:53:64:27:60:52:54:f5:c9:97:4c:49:fa:be:5c: f9:b6:92:62:3b:2f:55:8a:b9:dc:2e:98:59:75:0f: 90:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:D9:BA:AE:B3:03:F2:92:EE:00:C3:7C:84:96:03:D8:FF:31:7E:EE X509v3 Authority Key Identifier: keyid:D4:FB:C7:4C:D1:F8:7A:0B:F1:6C:48:2F:62:01:C9:B9:EB:24:4E:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PvHTNH4egvxbEgvYgHJueskTqI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:1e:3f:0c:4d:61:d8:b0:e2:6f:41:c1:43:a6:c1:f9:27:22: be:a3:96:78:66:07:e1:7b:56:b4:d3:38:9b:d4:56:2b:45:19: 0d:4d:25:27:ef:dd:94:f0:fc:87:d7:04:67:d4:fc:a6:4a:e5: 84:7c:0b:4f:9c:f9:9f:05:c2:3a:8c:08:af:79:23:15:b7:02: 42:1f:78:bf:36:97:48:64:b3:aa:fd:b4:a4:f1:b0:bb:b2:06: c2:e6:7c:29:79:62:39:26:04:a5:b9:2b:14:c4:c7:02:9e:0e: b8:d7:58:a3:48:b9:45:8d:09:e2:ad:a2:e3:ee:8e:7b:19:ea: 37:ac:aa:dd:3d:cb:0a:72:49:96:99:58:cc:9c:34:4e:69:00: 2c:dd:8a:fe:4d:a7:a7:99:cc:a6:bd:3a:61:71:44:01:c0:20: aa:49:ef:34:e7:8c:5f:fe:85:68:70:7d:80:a7:22:21:07:93: be:b0:a5:6b:a2:16:72:30:29:97:47:6f:22:6f:e7:44:68:03: 21:e2:89:f6:d0:88:05:d4:87:07:fb:be:c1:8d:4a:f0:ca:9d: ee:39:b9:a8:11:cf:70:4e:22:4c:78:4a:60:dc:ce:2f:ab:ef: 76:e7:0d:06:e7:c3:be:a8:09:17:28:7d:67:1c:7c:5f:1c:6b: 87:3f:17:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm6AF1EOeShJcY7+i4tr9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ZmJjNzRjZDFmODdhMGJmMTZjNDgyZjYyMDFjOWI5ZWIy NDRlYTIwHhcNMjUxMjA2MDMwMTM5WhcNMjUxMjA3MDMwMTM5WjAzMTEwLwYDVQQD EygwNGQ5YmFhZWIzMDNmMjkyZWUwMGMzN2M4NDk2MDNkOGZmMzE3ZWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yHkihXA/4vdXAlyjlQcs0x7KhUe DEXtB438vaz0E1G4fmf4qYg6GltbpSrrTwh0VkFnO0uIUHcBXMZLY4H4qrbbbmCO JKCeZYFqdrw33T4piA8TtUComgzHw72kdVJGXqAfJIaLZBa+DTKXFg5LOm71su3k zmqj/AB91hQjuziMLRyEeBK/QPJCmj3QakBtWHI0u9/7mGAKIg3+H7nOyZ+YLq/8 NuAUjvejtFllDZbASSePM8jmDXbe6tstjP75T0NKYFAFtAFvYVQP5WCbL2rVIiGj Gp029fhG5FRXRfYQU2QnYFJU9cmXTEn6vlz5tpJiOy9VirncLphZdQ+QGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFATZuq6zA/KS7gDDfISWA9j/MX7uMB8GA1UdIwQY MBaAFNT7x0zR+HoL8WxIL2IBybnrJE6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVB2SFROSDRlZ3Z4YkVndllnSEp1ZXNrVHFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84NzMxMmMtNjljNC00ODEzLWI3NDAt MWM5NjY3NzMwNTM0LzEvMVB2SFROSDRlZ3Z4YkVndllnSEp1ZXNrVHFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS84NzMxMmMtNjljNC00ODEzLWI3NDAtMWM5NjY3NzMwNTM0 LzEvMVB2SFROSDRlZ3Z4YkVndllnSEp1ZXNrVHFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALh4/DE1h 2LDib0HBQ6bB+ScivqOWeGYH4XtWtNM4m9RWK0UZDU0lJ+/dlPD8h9cEZ9T8pkrl hHwLT5z5nwXCOowIr3kjFbcCQh94vzaXSGSzqv20pPGwu7IGwuZ8KXliOSYEpbkr FMTHAp4OuNdYo0i5RY0J4q2i4+6OexnqN6yq3T3LCnJJlplYzJw0TmkALN2K/k2n p5nMpr06YXFEAcAgqknvNOeMX/6FaHB9gKciIQeTvrCla6IWcjApl0dvIm/nRGgD IeKJ9tCIBdSHB/u+wY1K8Mqd7jm5qBHPcE4iTHhKYNzOL6vvducNBufDvqgJFyh9 Zxx8Xxxrhz8X6w== -----END CERTIFICATE-----Generated at Sat Dec 6 09:30:25 2025 by rpki-client