This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.mft File: cHr0U0bwa2IqDru0_5ujO-b0Lx4.mft (raw, json) Hash identifier: VW771fsuznGO/VLdUw5bAFj2iGVPE8zGkGPUP4lU634= Subject key identifier: E6:83:4F:CB:83:6A:CE:29:7A:FC:F9:2D:9C:27:17:3D:3A:89:FD:86 Authority key identifier: 70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E Certificate issuer: /CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e Certificate serial: 019AF12DF2BC6F52BA199337085535564A70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.mft Manifest number: 1569 Signing time: Sat 06 Dec 2025 01:01:51 +0000 Manifest this update: Sat 06 Dec 2025 01:01:51 +0000 Manifest next update: Sun 07 Dec 2025 01:01:51 +0000 Files and hashes: 1: Dg3_0N_QJLl_z9oMjas8amvsSl4.roa (hash: i//fT7WOmOH7LBZUXbS89Zg6KyN/Hg+cEJQRzh4C3DQ=) 2: cHr0U0bwa2IqDru0_5ujO-b0Lx4.crl (hash: lbb9MYGTVWfWufD4HuGGEF+SLGkyqZlPPSs+8oSJJ1c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.crl rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.mft rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:f2:bc:6f:52:ba:19:93:37:08:55:35:56:4a:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e Validity Not Before: Dec 6 01:01:51 2025 GMT Not After : Dec 7 01:01:51 2025 GMT Subject: CN=e6834fcb836ace297afcf92d9c27173d3a89fd86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:43:5f:4d:ae:ef:7e:ac:10:44:11:f6:63:33: fa:91:7c:5a:42:5d:8d:cf:31:29:1e:69:45:8f:0c: 65:1f:6a:9e:85:9f:4b:42:13:9d:9b:7d:5d:a1:3a: 90:3a:94:3b:47:7f:e9:cb:32:2d:29:37:db:cd:06: ee:0f:2d:ef:0a:d8:a6:f5:96:8d:cc:62:2a:59:0a: 4e:e1:cd:1c:37:f9:3b:04:cc:af:1a:97:d3:d2:48: e5:61:e0:e9:66:5d:31:64:fd:6e:79:04:f4:b6:62: 5a:c0:0a:c4:e2:30:c0:0c:81:76:20:bd:ad:2b:25: 1f:e0:b4:f1:bd:82:cc:a8:91:e6:63:76:74:5f:c9: 93:ae:66:f3:fb:92:70:2a:a0:5a:dc:cc:7d:b6:5c: 96:9e:f4:d6:43:71:05:d8:bb:78:63:73:92:04:a0: a8:7a:62:4f:78:29:c2:a1:73:a1:bf:24:a5:3a:b7: 59:1c:2e:c2:90:46:4b:cc:86:df:1f:46:b4:4f:33: 0f:53:42:4d:99:0a:ed:b0:bf:74:21:e4:79:7d:89: 5a:d3:74:2d:da:55:da:b7:e9:6a:ac:10:d4:c1:6d: b9:7f:84:70:e6:88:9a:1a:c1:e0:46:98:c5:24:57: cd:87:10:08:91:9e:45:92:42:d9:18:8a:d6:76:fa: 87:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:83:4F:CB:83:6A:CE:29:7A:FC:F9:2D:9C:27:17:3D:3A:89:FD:86 X509v3 Authority Key Identifier: keyid:70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:b0:c6:b6:68:34:29:a1:65:f2:48:fe:fc:5a:6d:93:0c:e4: 2f:1e:63:6a:ba:f0:5c:94:ea:22:7f:49:1b:05:55:45:bb:b4: cc:2f:58:84:76:02:9e:80:aa:a1:27:d9:e1:48:c5:96:a2:5e: c0:f0:a8:c0:f2:78:36:c8:ef:b5:d7:d0:2e:0d:db:53:66:8e: a3:3d:f2:cc:73:51:15:d7:4d:c3:d9:ab:6b:44:ec:53:2c:60: cb:33:e3:f5:30:30:29:ff:64:ea:39:93:d5:7e:6b:9c:17:d9: 98:fc:32:70:af:0b:33:a7:76:9d:a0:52:20:a8:a0:c0:88:8e: d0:ba:be:cc:dd:7f:cc:2a:dc:8f:b1:1b:e4:a4:62:5c:b2:77: 34:f1:4f:a6:cc:3d:32:49:20:be:f3:08:4f:da:84:5c:7c:d7: f4:b4:55:0f:4f:b1:24:a2:2c:58:5e:60:d2:98:da:d7:22:7c: 00:0d:d6:6a:a7:4b:6e:a2:a5:73:2d:55:03:23:ce:ab:9c:73: 99:c3:2c:61:ea:d7:f3:c6:9a:e1:4e:7c:03:fc:9f:2e:25:9e: bf:a3:2b:77:2e:c3:df:65:ae:78:3d:a4:04:a4:32:fd:8f:fe: b5:81:b0:0b:ff:bd:8e:f2:da:3c:df:67:22:74:0a:f4:87:0c: a2:a4:be:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLfK8b1K6GZM3CFU1VkpwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwN2FmNDUzNDZmMDZiNjIyYTBlYmJiNGZmOWJhMzNiZTZm NDJmMWUwHhcNMjUxMjA2MDEwMTUxWhcNMjUxMjA3MDEwMTUxWjAzMTEwLwYDVQQD EyhlNjgzNGZjYjgzNmFjZTI5N2FmY2Y5MmQ5YzI3MTczZDNhODlmZDg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkNfTa7vfqwQRBH2YzP6kXxaQl2N zzEpHmlFjwxlH2qehZ9LQhOdm31doTqQOpQ7R3/pyzItKTfbzQbuDy3vCtim9ZaN zGIqWQpO4c0cN/k7BMyvGpfT0kjlYeDpZl0xZP1ueQT0tmJawArE4jDADIF2IL2t KyUf4LTxvYLMqJHmY3Z0X8mTrmbz+5JwKqBa3Mx9tlyWnvTWQ3EF2Lt4Y3OSBKCo emJPeCnCoXOhvySlOrdZHC7CkEZLzIbfH0a0TzMPU0JNmQrtsL90IeR5fYla03Qt 2lXat+lqrBDUwW25f4Rw5oiaGsHgRpjFJFfNhxAIkZ5FkkLZGIrWdvqH7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOaDT8uDas4pevz5LZwnFz06if2GMB8GA1UdIwQY MBaAFHB69FNG8GtiKg67tP+bozvm9C8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDIt NGI3ODA4ZDk4NjY0LzEvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDItNGI3ODA4ZDk4NjY0 LzEvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLDGtmg0 KaFl8kj+/FptkwzkLx5jarrwXJTqIn9JGwVVRbu0zC9YhHYCnoCqoSfZ4UjFlqJe wPCowPJ4NsjvtdfQLg3bU2aOoz3yzHNRFddNw9mra0TsUyxgyzPj9TAwKf9k6jmT 1X5rnBfZmPwycK8LM6d2naBSIKigwIiO0Lq+zN1/zCrcj7Eb5KRiXLJ3NPFPpsw9 MkkgvvMIT9qEXHzX9LRVD0+xJKIsWF5g0pja1yJ8AA3WaqdLbqKlcy1VAyPOq5xz mcMsYerX88aa4U58A/yfLiWev6Mrdy7D32WueD2kBKQy/Y/+tYGwC/+9jvLaPN9n InQK9IcMoqS+oA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:07:35 2025 by rpki-client