This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.mft File: nEswhmFPR4OKPoCj5uBR09imkvk.mft (raw, json) Hash identifier: zyX3uyjrv7xWJrS0i/GC1HMSexzytYXY/+kLRNUwQRM= Subject key identifier: F8:60:C9:58:5D:C8:7D:10:0E:3F:EC:A8:B2:26:75:9A:E4:B2:70:EC Authority key identifier: 9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9 Certificate issuer: /CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9 Certificate serial: 019AF12DEA78383DFF9FEB7AD1B2CE586469 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.mft Manifest number: 07AD Signing time: Sat 06 Dec 2025 01:01:49 +0000 Manifest this update: Sat 06 Dec 2025 01:01:49 +0000 Manifest next update: Sun 07 Dec 2025 01:01:49 +0000 Files and hashes: 1: a_Q0Oj2hhJ8gyCrgqERD5VjhULo.roa (hash: ix5ZmIac7PSSZ8cbH+U6PyHdhcxmOIX450xPjZ8S6o0=) 2: nEswhmFPR4OKPoCj5uBR09imkvk.crl (hash: UgIbMgFra9T0yMDq11zL+CJmECVfRxfnBr2wZbHXLDI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.crl rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.mft rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:ea:78:38:3d:ff:9f:eb:7a:d1:b2:ce:58:64:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c4b3086614f47838a3e80a3e6e051d3d8a692f9 Validity Not Before: Dec 6 01:01:49 2025 GMT Not After : Dec 7 01:01:49 2025 GMT Subject: CN=f860c9585dc87d100e3feca8b226759ae4b270ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:96:2b:e3:a9:59:9c:21:2c:fe:5e:70:14:a6: 3d:1e:af:fb:2a:d6:5d:3b:74:a9:1c:6b:c5:5e:94: 1c:93:01:58:e1:23:86:57:c0:c9:ac:1a:27:e8:6b: f7:ae:d2:d2:f4:fe:0c:98:71:da:bd:a7:2f:90:1a: de:5a:8c:e1:c4:55:6f:7c:b7:a9:4f:50:a5:e3:99: 42:df:bd:c7:1c:d8:09:bd:b7:af:41:75:f3:29:ab: 44:87:34:45:a3:2b:de:ff:f9:55:55:ff:58:d4:02: ed:c9:fb:7e:8e:a6:d2:83:8a:25:85:75:9a:66:45: 38:fc:d9:6a:ae:db:e2:1b:8b:b8:e8:75:c4:d0:8e: 76:d0:e1:51:25:f0:43:55:29:a7:94:d6:f8:84:38: 15:a7:f7:c4:9c:4d:5d:97:25:21:96:73:04:3f:30: 32:b9:5f:81:a2:ae:f7:2d:8e:fb:d2:c3:33:7d:b9: 92:a3:36:df:6c:c0:3f:74:e1:95:59:0d:d5:ba:a9: 18:1b:17:f8:09:ed:9b:ba:1c:19:ff:80:e1:54:9d: 5d:04:53:56:ee:95:02:1e:b0:da:d4:4a:44:db:37: e3:7d:10:fe:61:76:28:d0:cd:1f:d3:53:aa:bf:13: a0:f4:b0:8a:5c:05:9d:aa:af:b2:34:60:d5:c8:a2: be:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:60:C9:58:5D:C8:7D:10:0E:3F:EC:A8:B2:26:75:9A:E4:B2:70:EC X509v3 Authority Key Identifier: keyid:9C:4B:30:86:61:4F:47:83:8A:3E:80:A3:E6:E0:51:D3:D8:A6:92:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nEswhmFPR4OKPoCj5uBR09imkvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6296d7-c008-4c31-ae7a-84ef9cabb9b6/1/nEswhmFPR4OKPoCj5uBR09imkvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:1e:5a:af:20:a2:4d:aa:b5:c4:c5:e9:4f:88:95:22:5f:69: 85:7d:b9:a4:5b:05:b2:9f:b4:0b:62:b7:29:10:34:f8:95:be: 17:89:6e:3a:0f:4d:8d:98:61:8d:91:e4:f0:e4:14:4b:de:d2: ab:af:b4:c1:e0:68:f0:f1:e6:d8:de:5a:9d:5c:ee:03:c4:3f: 50:da:5e:3e:50:30:09:33:d4:cc:ea:03:25:6f:d8:b0:e3:9f: b1:02:15:1a:85:8a:70:80:fd:84:d8:8b:23:e5:57:d9:1c:a7: f4:27:f0:b3:71:3e:60:80:fc:22:ff:77:37:dc:23:9e:89:00: b1:61:13:67:6d:3e:11:a4:c4:3f:ab:3b:71:90:d9:84:56:06: 75:81:71:5d:39:4c:d3:97:fb:2e:dd:54:25:82:d8:e1:4f:52: 78:45:31:67:31:12:df:fb:a4:a2:30:cc:d2:df:bd:44:79:21: 8d:e5:b9:09:27:b8:61:98:00:bd:fb:00:67:38:38:75:78:d1: d1:8a:1f:e9:ec:aa:f2:d3:23:92:8f:73:3e:74:07:ec:9a:28: 1f:a0:1f:30:22:b9:8c:6d:99:de:91:6b:b4:ee:15:50:96:da: 45:19:11:5a:18:3f:d3:56:58:f4:10:c8:75:35:b4:05:d5:31: 82:e5:22:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLep4OD3/n+t60bLOWGRpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljNGIzMDg2NjE0ZjQ3ODM4YTNlODBhM2U2ZTA1MWQzZDhh NjkyZjkwHhcNMjUxMjA2MDEwMTQ5WhcNMjUxMjA3MDEwMTQ5WjAzMTEwLwYDVQQD EyhmODYwYzk1ODVkYzg3ZDEwMGUzZmVjYThiMjI2NzU5YWU0YjI3MGVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZYr46lZnCEs/l5wFKY9Hq/7KtZd O3SpHGvFXpQckwFY4SOGV8DJrBon6Gv3rtLS9P4MmHHavacvkBreWozhxFVvfLep T1Cl45lC373HHNgJvbevQXXzKatEhzRFoyve//lVVf9Y1ALtyft+jqbSg4olhXWa ZkU4/NlqrtviG4u46HXE0I520OFRJfBDVSmnlNb4hDgVp/fEnE1dlyUhlnMEPzAy uV+Boq73LY770sMzfbmSozbfbMA/dOGVWQ3VuqkYGxf4Ce2buhwZ/4DhVJ1dBFNW 7pUCHrDa1EpE2zfjfRD+YXYo0M0f01OqvxOg9LCKXAWdqq+yNGDVyKK+JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPhgyVhdyH0QDj/sqLImdZrksnDsMB8GA1UdIwQY MBaAFJxLMIZhT0eDij6Ao+bgUdPYppL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2Et ODRlZjljYWJiOWI2LzEvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC82Mjk2ZDctYzAwOC00YzMxLWFlN2EtODRlZjljYWJiOWI2 LzEvbkVzd2htRlBSNE9LUG9DajV1QlIwOWlta3ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaB5aryCi Taq1xMXpT4iVIl9phX25pFsFsp+0C2K3KRA0+JW+F4luOg9NjZhhjZHk8OQUS97S q6+0weBo8PHm2N5anVzuA8Q/UNpePlAwCTPUzOoDJW/YsOOfsQIVGoWKcID9hNiL I+VX2Ryn9Cfws3E+YID8Iv93N9wjnokAsWETZ20+EaTEP6s7cZDZhFYGdYFxXTlM 05f7Lt1UJYLY4U9SeEUxZzES3/ukojDM0t+9RHkhjeW5CSe4YZgAvfsAZzg4dXjR 0Yof6eyq8tMjko9zPnQH7JooH6AfMCK5jG2Z3pFrtO4VUJbaRRkRWhg/01ZY9BDI dTW0BdUxguUing== -----END CERTIFICATE-----Generated at Sat Dec 6 11:31:46 2025 by rpki-client