This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json) Hash identifier: SiL8hdNP8QsEoXh5pCufZ3/nTmwYNZ1VPAhiX/NCEAY= Subject key identifier: 4B:96:C6:E7:FC:6D:B2:F4:67:D7:29:E5:C8:2E:6A:63:51:8B:62:CC Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75 Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875 Certificate serial: 019AF72F9A39A2C8EC1214FD7155AE5D55D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft Manifest number: 1765 Signing time: Sun 07 Dec 2025 05:01:23 +0000 Manifest this update: Sun 07 Dec 2025 05:01:23 +0000 Manifest next update: Mon 08 Dec 2025 05:01:23 +0000 Files and hashes: 1: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (hash: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=) 2: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: l8mRjYBTlMcx5sRJ7FFEKd749KyjVg6XfCb3hLTikA4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 05:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f7:2f:9a:39:a2:c8:ec:12:14:fd:71:55:ae:5d:55:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875 Validity Not Before: Dec 7 05:01:23 2025 GMT Not After : Dec 8 05:01:23 2025 GMT Subject: CN=4b96c6e7fc6db2f467d729e5c82e6a63518b62cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2c:7f:de:be:d1:68:7a:1b:d5:19:e0:15:a8: 29:03:d1:dc:21:b4:bd:d4:ff:31:96:c8:9e:66:c5: 16:6d:f0:74:a3:a5:18:a5:35:aa:86:32:b6:7a:db: cb:21:82:12:93:2b:86:af:4f:02:bc:6c:65:16:24: 86:ba:e1:af:08:5a:16:b4:45:e9:55:d1:e8:a5:7b: 9e:47:7c:59:3c:b7:f8:1e:fb:66:66:90:4b:34:5a: e1:fa:06:a0:17:1b:6d:12:c6:33:ae:ac:bf:0b:ef: 4d:93:f5:75:9e:fa:09:4d:a5:a3:38:db:f9:9a:d4: f4:58:77:ec:42:ad:3c:8c:87:df:13:3f:67:67:d5: 64:7f:b9:d3:28:d7:41:9d:2e:ed:25:ac:68:4d:f9: cd:db:e4:0f:19:d0:9e:fa:f9:52:1d:c4:9c:91:59: f7:97:b4:0b:0f:46:07:af:53:8a:2a:62:ec:ae:a9: ee:38:15:2f:f2:b5:0b:c0:a1:53:55:77:6e:d8:c4: 31:bf:82:a7:c9:f4:81:f3:12:86:a1:b8:ec:29:bb: f7:07:fc:c0:81:9d:eb:97:08:00:f1:79:f7:e3:b5: b5:c2:48:30:d2:02:d6:eb:8e:10:7e:63:e2:06:d0: f8:71:9e:29:4b:ed:fe:21:cc:af:95:7f:58:de:9b: a4:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:96:C6:E7:FC:6D:B2:F4:67:D7:29:E5:C8:2E:6A:63:51:8B:62:CC X509v3 Authority Key Identifier: keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:e2:03:45:06:6a:2f:a1:80:ec:69:eb:95:d6:dd:19:b5:1a: 3d:1b:b9:c1:66:4f:17:2b:a6:d1:8f:ed:08:11:69:8a:b5:59: fc:9e:fb:52:93:b8:a8:a6:a3:46:25:52:4e:23:db:93:0f:8d: e5:2d:82:10:f4:34:cb:f1:45:ac:60:3c:55:b3:21:55:a4:4b: 69:3c:45:11:b1:8b:4d:f6:d7:f1:d5:24:5a:86:59:93:4a:b7: 77:1f:be:5c:13:26:05:b8:bd:ba:cb:96:6d:5f:2a:5e:24:53: 9d:1b:74:47:8f:be:b0:9f:9a:2e:37:9c:c6:d1:2b:f3:61:0a: c5:68:5a:69:36:ab:b7:80:38:be:c9:6c:4b:26:ad:dc:7a:85: 9c:c5:d0:29:36:2c:a1:a9:13:2d:ea:93:16:c0:b0:b5:71:77: 2b:79:8f:d4:95:cd:34:27:74:ca:a1:16:2f:d7:b1:71:48:cd: 27:b7:78:b7:7f:9a:5e:5b:c7:db:50:e4:83:90:cb:d0:cf:9d: 4c:7e:5f:4c:fb:a9:4d:7c:e1:ae:04:de:c4:d5:7d:3e:bd:2a: 16:1c:3a:16:bb:94:3f:67:88:d8:69:86:ca:b9:5e:48:a0:75: 9f:d2:33:31:d0:e7:71:0e:c1:bd:cb:d8:77:12:43:0c:ac:1f: 0f:2e:25:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr3L5o5osjsEhT9cVWuXVXVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl NTc4NzUwHhcNMjUxMjA3MDUwMTIzWhcNMjUxMjA4MDUwMTIzWjAzMTEwLwYDVQQD Eyg0Yjk2YzZlN2ZjNmRiMmY0NjdkNzI5ZTVjODJlNmE2MzUxOGI2MmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApix/3r7RaHob1RngFagpA9HcIbS9 1P8xlsieZsUWbfB0o6UYpTWqhjK2etvLIYISkyuGr08CvGxlFiSGuuGvCFoWtEXp VdHopXueR3xZPLf4HvtmZpBLNFrh+gagFxttEsYzrqy/C+9Nk/V1nvoJTaWjONv5 mtT0WHfsQq08jIffEz9nZ9Vkf7nTKNdBnS7tJaxoTfnN2+QPGdCe+vlSHcSckVn3 l7QLD0YHr1OKKmLsrqnuOBUv8rULwKFTVXdu2MQxv4KnyfSB8xKGobjsKbv3B/zA gZ3rlwgA8Xn347W1wkgw0gLW644QfmPiBtD4cZ4pS+3+IcyvlX9Y3pukLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEuWxuf8bbL0Z9cp5cguamNRi2LMMB8GA1UdIwQY MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe+IDRQZq L6GA7GnrldbdGbUaPRu5wWZPFyum0Y/tCBFpirVZ/J77UpO4qKajRiVSTiPbkw+N 5S2CEPQ0y/FFrGA8VbMhVaRLaTxFEbGLTfbX8dUkWoZZk0q3dx++XBMmBbi9usuW bV8qXiRTnRt0R4++sJ+aLjecxtEr82EKxWhaaTart4A4vslsSyat3HqFnMXQKTYs oakTLeqTFsCwtXF3K3mP1JXNNCd0yqEWL9excUjNJ7d4t3+aXlvH21Dkg5DL0M+d TH5fTPupTXzhrgTexNV9Pr0qFhw6FruUP2eI2GmGyrleSKB1n9IzMdDncQ7BvcvY dxJDDKwfDy4lKQ== -----END CERTIFICATE-----Generated at Sun Dec 7 13:11:35 2025 by rpki-client