This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.mft File: esYj77_BJHEhYiQMugKk2h1NzqM.mft (raw, json) Hash identifier: 8hvcV++5fl/n/mLUU85xBwyV5/L5z0v/WSc8ZCPUhi0= Subject key identifier: 03:D8:C8:4E:70:2A:15:E2:3A:30:98:C2:13:FF:0F:43:B3:51:3F:09 Authority key identifier: 7A:C6:23:EF:BF:C1:24:71:21:62:24:0C:BA:02:A4:DA:1D:4D:CE:A3 Certificate issuer: /CN=7ac623efbfc124712162240cba02a4da1d4dcea3 Certificate serial: 019AF389715E523A948AB46F992A82F42B09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/esYj77_BJHEhYiQMugKk2h1NzqM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.mft Manifest number: 0F5F Signing time: Sat 06 Dec 2025 12:01:01 +0000 Manifest this update: Sat 06 Dec 2025 12:01:01 +0000 Manifest next update: Sun 07 Dec 2025 12:01:01 +0000 Files and hashes: 1: LCQo2NCbeYZ3q2w5uO1x82UrAS0.roa (hash: /H5HChGZH77x2xCBhcZV4r2K/3suV56lFnfxUuSNtn0=) 2: esYj77_BJHEhYiQMugKk2h1NzqM.crl (hash: GrWznK4EmDjZO8aK7+p8X5ehZ0tVkSfIG84z2RGiKiE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.crl rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.mft rsync://rpki.ripe.net/repository/DEFAULT/esYj77_BJHEhYiQMugKk2h1NzqM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:71:5e:52:3a:94:8a:b4:6f:99:2a:82:f4:2b:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ac623efbfc124712162240cba02a4da1d4dcea3 Validity Not Before: Dec 6 12:01:01 2025 GMT Not After : Dec 7 12:01:01 2025 GMT Subject: CN=03d8c84e702a15e23a3098c213ff0f43b3513f09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:db:c0:f5:cb:eb:fe:25:da:81:af:5c:a7:ef: 30:7f:26:73:a7:79:d4:21:84:8e:0f:56:73:0c:6b: 2f:5b:11:3d:c2:01:2f:53:6a:01:ee:e1:c3:56:50: e1:ef:26:47:7b:1a:8b:fe:35:ec:0f:8d:2a:fa:28: 21:b4:9c:a7:ad:22:ef:a6:5c:ce:ac:df:f7:73:5d: f1:30:8c:84:ab:3f:f5:f4:a6:83:05:cb:af:2d:54: 45:fe:bd:f2:2a:c8:ca:ce:66:5f:ef:03:9b:2d:e9: 26:f0:cc:58:4a:82:66:8f:8e:9c:7b:2b:12:57:58: 6d:ac:fd:99:4b:21:80:46:e7:ad:52:98:6c:cc:9b: 78:79:b1:84:c5:c8:b6:22:79:db:ea:49:73:48:ed: 71:a7:6a:97:04:ac:ee:e0:53:f5:8b:85:1b:91:4d: b7:a7:63:14:1f:79:af:37:a0:fc:1b:13:b5:89:ba: 92:ad:8e:30:01:e7:9d:fe:35:78:17:22:bc:c5:6a: c8:3a:8f:cd:c0:26:97:19:a9:08:fe:c2:4f:61:c7: da:e8:55:ba:3e:a4:df:0a:03:7b:52:e9:76:1c:a4: 1c:81:45:31:4c:13:82:7a:01:66:94:3c:b1:85:e2: 4e:a5:d6:09:d2:13:a9:4c:3b:61:74:3e:70:bb:c3: 8c:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:D8:C8:4E:70:2A:15:E2:3A:30:98:C2:13:FF:0F:43:B3:51:3F:09 X509v3 Authority Key Identifier: keyid:7A:C6:23:EF:BF:C1:24:71:21:62:24:0C:BA:02:A4:DA:1D:4D:CE:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/esYj77_BJHEhYiQMugKk2h1NzqM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/c74a4f-4052-4c9b-a7f8-43aa4cce3f48/1/esYj77_BJHEhYiQMugKk2h1NzqM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:e4:a6:1f:30:d8:bf:43:dd:d3:4b:4c:b5:cc:b6:49:d8:0c: aa:cb:6a:e1:81:a9:81:ba:08:9f:4d:27:19:28:f3:79:3c:e5: 2a:06:e5:8e:df:07:b5:60:44:25:39:16:39:50:c1:ac:54:44: c3:32:02:33:10:60:e0:77:cf:a4:74:b0:79:ed:96:99:43:34: e2:82:5f:58:17:5d:6d:27:17:50:72:aa:04:93:04:18:30:bb: cb:ba:c6:48:2a:49:e8:0f:0e:15:45:41:ee:38:7f:a0:05:22: be:d2:a8:eb:bf:a0:06:b5:53:26:60:fa:be:53:22:d1:c2:6e: 1c:1b:b9:aa:4e:d9:2c:55:63:de:92:b8:b4:02:e6:79:48:bd: ce:5e:74:7d:0f:d1:9c:ac:58:68:8c:b2:28:ed:14:ab:77:b5: 55:25:5e:23:07:9c:8c:7f:62:cb:c2:d6:89:01:f3:0b:ca:ed: 86:fb:26:96:0f:02:ce:f1:3e:d1:c8:63:a3:d9:40:7f:60:85: 4c:83:0c:53:73:76:c1:c2:fc:20:4c:9a:f3:2d:21:1f:38:02: 86:cc:a0:d9:a5:f9:26:62:34:b7:7a:48:3a:fa:47:67:a1:2d: 94:e6:96:ac:6b:fe:53:4e:2a:6d:01:96:bd:64:56:06:8d:cd: 65:c6:02:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziXFeUjqUirRvmSqC9CsJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhYzYyM2VmYmZjMTI0NzEyMTYyMjQwY2JhMDJhNGRhMWQ0 ZGNlYTMwHhcNMjUxMjA2MTIwMTAxWhcNMjUxMjA3MTIwMTAxWjAzMTEwLwYDVQQD EygwM2Q4Yzg0ZTcwMmExNWUyM2EzMDk4YzIxM2ZmMGY0M2IzNTEzZjA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9vA9cvr/iXaga9cp+8wfyZzp3nU IYSOD1ZzDGsvWxE9wgEvU2oB7uHDVlDh7yZHexqL/jXsD40q+ightJynrSLvplzO rN/3c13xMIyEqz/19KaDBcuvLVRF/r3yKsjKzmZf7wObLekm8MxYSoJmj46ceysS V1htrP2ZSyGARuetUphszJt4ebGExci2Innb6klzSO1xp2qXBKzu4FP1i4UbkU23 p2MUH3mvN6D8GxO1ibqSrY4wAeed/jV4FyK8xWrIOo/NwCaXGakI/sJPYcfa6FW6 PqTfCgN7Uul2HKQcgUUxTBOCegFmlDyxheJOpdYJ0hOpTDthdD5wu8OMkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAPYyE5wKhXiOjCYwhP/D0OzUT8JMB8GA1UdIwQY MBaAFHrGI++/wSRxIWIkDLoCpNodTc6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZXNZajc3X0JKSEVoWWlRTXVnS2syaDFOenFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jNzRhNGYtNDA1Mi00YzliLWE3Zjgt NDNhYTRjY2UzZjQ4LzEvZXNZajc3X0JKSEVoWWlRTXVnS2syaDFOenFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9jNzRhNGYtNDA1Mi00YzliLWE3ZjgtNDNhYTRjY2UzZjQ4 LzEvZXNZajc3X0JKSEVoWWlRTXVnS2syaDFOenFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl+SmHzDY v0Pd00tMtcy2SdgMqstq4YGpgboIn00nGSjzeTzlKgbljt8HtWBEJTkWOVDBrFRE wzICMxBg4HfPpHSwee2WmUM04oJfWBddbScXUHKqBJMEGDC7y7rGSCpJ6A8OFUVB 7jh/oAUivtKo67+gBrVTJmD6vlMi0cJuHBu5qk7ZLFVj3pK4tALmeUi9zl50fQ/R nKxYaIyyKO0Uq3e1VSVeIwecjH9iy8LWiQHzC8rthvsmlg8CzvE+0chjo9lAf2CF TIMMU3N2wcL8IEya8y0hHzgChsyg2aX5JmI0t3pIOvpHZ6EtlOaWrGv+U04qbQGW vWRWBo3NZcYC9Q== -----END CERTIFICATE-----Generated at Sat Dec 6 22:25:46 2025 by rpki-client