This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json) Hash identifier: V+mnqk52FVizC4hP+G0RvTUKU5/AKiS/nvvCBL02slw= Subject key identifier: 82:E2:1B:59:72:2E:A8:F1:3B:16:D5:06:43:C5:E5:F5:EC:D6:9F:E2 Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79 Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79 Certificate serial: 019AF051143F92739F1AD72AE5DDE3CED477 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft Manifest number: 1760 Signing time: Fri 05 Dec 2025 21:00:36 +0000 Manifest this update: Fri 05 Dec 2025 21:00:36 +0000 Manifest next update: Sat 06 Dec 2025 21:00:36 +0000 Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=) 2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: 6eWQGU+j4UjbsbXv5foLVI60G1KdE7tFRZ+oCHbP2QM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 21:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:51:14:3f:92:73:9f:1a:d7:2a:e5:dd:e3:ce:d4:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79 Validity Not Before: Dec 5 21:00:36 2025 GMT Not After : Dec 6 21:00:36 2025 GMT Subject: CN=82e21b59722ea8f13b16d50643c5e5f5ecd69fe2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:37:b5:f8:d8:2f:bd:d4:84:62:95:65:2c:98: 52:ee:97:42:c6:5c:29:f3:78:fd:40:2b:d4:70:a5: 53:09:4b:47:f0:55:20:96:25:0f:74:9c:72:51:90: 81:a0:b4:1a:41:8c:50:09:6b:e3:46:1e:cc:a1:6b: ee:da:83:cc:c1:c1:a0:ca:13:02:24:58:48:de:cd: 95:e1:0f:12:1e:40:ac:cd:be:06:dc:fe:b4:93:aa: 25:9e:62:d1:93:7a:a7:ec:bc:0b:e6:42:a5:36:de: da:76:7c:b7:22:e0:9a:27:2f:92:d4:5e:64:ca:cf: 33:1e:25:ba:31:a9:6a:6c:38:3a:bd:8e:67:0b:25: f5:5e:89:51:30:62:a3:af:67:e2:99:5e:f6:7f:29: af:18:51:29:a2:bd:e7:80:c7:30:63:a3:45:29:89: 16:c2:cd:15:a9:88:37:9e:0f:a7:dc:73:8d:3c:23: 9f:c5:47:f5:d6:84:69:ed:da:d4:91:c9:94:08:ae: a7:55:91:a9:11:7b:b2:3b:ee:2f:b2:bf:ed:4b:5a: ae:82:39:d6:da:29:d3:f4:6c:ad:73:65:e8:f2:3a: 02:33:ef:03:89:85:de:97:2c:5e:e6:4c:4c:95:d6: fb:a3:f2:a4:2d:1b:02:c6:d8:8e:69:3b:fd:01:a0: 10:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:E2:1B:59:72:2E:A8:F1:3B:16:D5:06:43:C5:E5:F5:EC:D6:9F:E2 X509v3 Authority Key Identifier: keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:65:c2:dd:44:7e:8a:74:a8:c7:2e:a4:e1:c1:f8:ad:fa:c5: 0a:b9:15:f3:8f:28:41:8f:36:2d:cc:1f:49:51:3a:e8:25:06: 23:ce:c5:7d:5a:82:17:34:9b:25:2a:b7:86:ea:12:84:7e:37: 82:c5:3e:ad:95:f5:bb:30:ce:60:69:f2:37:20:9b:fc:5e:61: 48:0e:e6:e4:13:5e:e3:b1:d9:af:4d:63:ec:fd:de:40:8d:e3: 8c:f2:51:86:41:80:e2:71:10:e1:0d:c9:72:fc:d4:70:a8:41: 55:41:9a:8c:21:f7:f4:80:5b:01:dc:c2:eb:73:68:4b:fb:32: 07:42:52:8e:29:91:14:e9:b5:2f:bf:42:0a:2d:aa:54:58:fb: f7:a6:d6:f3:47:62:e0:aa:a8:66:77:63:26:b8:35:84:6a:cf: bd:52:c4:d4:03:65:ab:4c:03:93:94:73:85:3c:9f:49:bb:f8: 06:89:95:65:bf:88:5e:ae:e4:9d:71:61:dc:c2:b9:72:51:48: d4:54:eb:9a:1f:c6:82:7a:e5:ce:36:10:7c:b2:7d:2f:dd:58: 34:8b:ea:2b:4d:a2:ff:54:ca:8c:b3:48:fe:3c:f0:b7:83:09: 68:a2:2a:a6:26:91:2b:cf:77:46:2a:35:e8:ec:e6:31:68:6e: b1:c3:25:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwURQ/knOfGtcq5d3jztR3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh NWNiNzkwHhcNMjUxMjA1MjEwMDM2WhcNMjUxMjA2MjEwMDM2WjAzMTEwLwYDVQQD Eyg4MmUyMWI1OTcyMmVhOGYxM2IxNmQ1MDY0M2M1ZTVmNWVjZDY5ZmUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmje1+NgvvdSEYpVlLJhS7pdCxlwp 83j9QCvUcKVTCUtH8FUgliUPdJxyUZCBoLQaQYxQCWvjRh7MoWvu2oPMwcGgyhMC JFhI3s2V4Q8SHkCszb4G3P60k6olnmLRk3qn7LwL5kKlNt7adny3IuCaJy+S1F5k ys8zHiW6MalqbDg6vY5nCyX1XolRMGKjr2fimV72fymvGFEpor3ngMcwY6NFKYkW ws0VqYg3ng+n3HONPCOfxUf11oRp7drUkcmUCK6nVZGpEXuyO+4vsr/tS1qugjnW 2inT9Gytc2Xo8joCM+8DiYXelyxe5kxMldb7o/KkLRsCxtiOaTv9AaAQkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFILiG1lyLqjxOxbVBkPF5fXs1p/iMB8GA1UdIwQY MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAomXC3UR+ inSoxy6k4cH4rfrFCrkV848oQY82LcwfSVE66CUGI87FfVqCFzSbJSq3huoShH43 gsU+rZX1uzDOYGnyNyCb/F5hSA7m5BNe47HZr01j7P3eQI3jjPJRhkGA4nEQ4Q3J cvzUcKhBVUGajCH39IBbAdzC63NoS/syB0JSjimRFOm1L79CCi2qVFj796bW80di 4KqoZndjJrg1hGrPvVLE1ANlq0wDk5RzhTyfSbv4BomVZb+IXq7knXFh3MK5clFI 1FTrmh/GgnrlzjYQfLJ9L91YNIvqK02i/1TKjLNI/jzwt4MJaKIqpiaRK893Rio1 6OzmMWhuscMl5w== -----END CERTIFICATE-----Generated at Sat Dec 6 07:15:13 2025 by rpki-client