This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.mft File: ekMlOjaPxkdYU5cbqSNb4CM9i3w.mft (raw, json) Hash identifier: IbnlnxKNo6E9DQqZMkHS0QrsWt5CQTKhWyo30PwZonM= Subject key identifier: 33:CB:E6:84:40:2D:CF:BA:4E:01:C3:3E:5C:D5:A7:F2:97:4C:42:98 Authority key identifier: 7A:43:25:3A:36:8F:C6:47:58:53:97:1B:A9:23:5B:E0:23:3D:8B:7C Certificate issuer: /CN=7a43253a368fc6475853971ba9235be0233d8b7c Certificate serial: 019AF12EDCF89938F8FD878301D29761A8E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.mft Manifest number: 11D9 Signing time: Sat 06 Dec 2025 01:02:51 +0000 Manifest this update: Sat 06 Dec 2025 01:02:51 +0000 Manifest next update: Sun 07 Dec 2025 01:02:51 +0000 Files and hashes: 1: EyXyZh1NMVmQSwOvgsi_6X0fzdc.roa (hash: zdUTP+PrB9t/KpvAQvCmMyip6WSChLUYJHZuuaMU0rs=) 2: ekMlOjaPxkdYU5cbqSNb4CM9i3w.crl (hash: EDZH5XDquAIMYmGw0RuAKvzXPAzyKf4HWCB1Mf8Ehts=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.mft rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:dc:f8:99:38:f8:fd:87:83:01:d2:97:61:a8:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7a43253a368fc6475853971ba9235be0233d8b7c Validity Not Before: Dec 6 01:02:51 2025 GMT Not After : Dec 7 01:02:51 2025 GMT Subject: CN=33cbe684402dcfba4e01c33e5cd5a7f2974c4298 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:88:33:f0:0e:4f:51:8d:7f:41:54:86:50:c3: 24:2d:4c:9b:a5:5d:42:c9:f0:3e:05:9d:c7:df:b2: 90:83:70:86:f3:41:be:f7:65:87:dd:03:a5:60:8a: 2d:82:94:37:2d:87:0f:36:96:aa:4d:75:bc:fb:c7: 46:51:c6:85:2b:4c:83:23:f0:ee:c7:ac:3b:ca:3a: 33:35:c7:9e:37:fc:07:7d:b3:b0:ff:35:43:32:b6: a5:43:26:a9:16:37:9d:b7:21:2b:65:51:7c:04:23: 7a:71:e1:79:ab:51:7b:2f:d5:40:ce:f0:39:89:3e: db:9d:1c:c1:12:88:bf:9a:a3:e8:0b:27:cd:7c:8e: 41:64:66:c7:0a:50:6b:04:0f:46:2e:f9:f8:09:48: 96:97:15:e0:56:57:8a:36:6e:82:07:d6:08:ed:93: 63:43:29:99:38:23:42:c1:5e:72:f6:68:ef:3b:8f: 6d:0d:c8:9b:f2:27:29:b0:d6:9b:27:a0:9d:70:0e: bf:0b:85:da:59:bb:69:92:55:01:a1:00:76:e1:cd: 14:51:33:b6:0a:0b:88:6d:83:60:51:f2:a2:54:35: e7:05:87:29:ec:19:b2:57:f5:63:f8:3c:22:b9:29: c7:1d:ca:d8:94:fe:6d:b9:1d:e7:53:da:c4:87:f7: aa:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:CB:E6:84:40:2D:CF:BA:4E:01:C3:3E:5C:D5:A7:F2:97:4C:42:98 X509v3 Authority Key Identifier: keyid:7A:43:25:3A:36:8F:C6:47:58:53:97:1B:A9:23:5B:E0:23:3D:8B:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekMlOjaPxkdYU5cbqSNb4CM9i3w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/bcae7d-9daa-4fc1-807b-7f6dea38e7aa/1/ekMlOjaPxkdYU5cbqSNb4CM9i3w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:02:e0:e3:e4:e2:84:68:d2:f9:02:3b:43:db:ae:3f:5e:09: 21:04:9d:af:73:39:81:bb:40:ad:17:5a:a8:8f:ef:53:a6:41: c7:86:36:7f:8f:9c:cf:f6:47:50:f5:03:00:87:75:26:50:c0: ee:f6:81:36:fa:4a:8d:89:99:db:dd:95:f2:ea:a3:24:1b:cc: 83:6c:fd:10:fd:c8:37:3b:b4:38:40:db:e8:88:88:82:5c:53: 62:fd:46:42:de:57:d8:df:e2:2f:c0:2a:c2:58:cf:69:20:04: 4f:41:de:70:ee:ae:ae:c2:68:f0:0b:2e:30:94:80:99:ba:eb: 0e:7e:89:ac:6f:5e:e0:a7:a2:e5:3a:94:e2:fb:cf:47:f6:a7: cc:dd:12:7e:a8:63:e3:16:1e:18:0b:75:71:fd:7a:44:63:f8: bf:1a:e0:77:9f:da:f5:67:56:76:11:fd:88:97:0e:90:6c:ec: f7:01:da:e0:57:58:02:78:f5:4b:98:dc:95:4f:59:2f:d5:13: bd:a6:46:e2:01:30:c0:ed:af:25:e3:e0:2b:3a:56:d5:35:79: ef:c9:4e:50:c6:b6:8f:c0:4e:64:12:d5:43:15:dd:f6:a8:15: 63:bb:a1:f3:55:31:18:ef:96:56:3e:3c:60:a6:63:32:59:a6: 81:c3:a1:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLtz4mTj4/YeDAdKXYajmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhNDMyNTNhMzY4ZmM2NDc1ODUzOTcxYmE5MjM1YmUwMjMz ZDhiN2MwHhcNMjUxMjA2MDEwMjUxWhcNMjUxMjA3MDEwMjUxWjAzMTEwLwYDVQQD EygzM2NiZTY4NDQwMmRjZmJhNGUwMWMzM2U1Y2Q1YTdmMjk3NGM0Mjk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ygz8A5PUY1/QVSGUMMkLUybpV1C yfA+BZ3H37KQg3CG80G+92WH3QOlYIotgpQ3LYcPNpaqTXW8+8dGUcaFK0yDI/Du x6w7yjozNceeN/wHfbOw/zVDMralQyapFjedtyErZVF8BCN6ceF5q1F7L9VAzvA5 iT7bnRzBEoi/mqPoCyfNfI5BZGbHClBrBA9GLvn4CUiWlxXgVleKNm6CB9YI7ZNj QymZOCNCwV5y9mjvO49tDcib8icpsNabJ6CdcA6/C4XaWbtpklUBoQB24c0UUTO2 CguIbYNgUfKiVDXnBYcp7BmyV/Vj+DwiuSnHHcrYlP5tuR3nU9rEh/eqeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDPL5oRALc+6TgHDPlzVp/KXTEKYMB8GA1UdIwQY MBaAFHpDJTo2j8ZHWFOXG6kjW+AjPYt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZWtNbE9qYVB4a2RZVTVjYnFTTmI0Q005aTN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iY2FlN2QtOWRhYS00ZmMxLTgwN2It N2Y2ZGVhMzhlN2FhLzEvZWtNbE9qYVB4a2RZVTVjYnFTTmI0Q005aTN3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9iY2FlN2QtOWRhYS00ZmMxLTgwN2ItN2Y2ZGVhMzhlN2Fh LzEvZWtNbE9qYVB4a2RZVTVjYnFTTmI0Q005aTN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFwLg4+Ti hGjS+QI7Q9uuP14JIQSdr3M5gbtArRdaqI/vU6ZBx4Y2f4+cz/ZHUPUDAId1JlDA 7vaBNvpKjYmZ292V8uqjJBvMg2z9EP3INzu0OEDb6IiIglxTYv1GQt5X2N/iL8Aq wljPaSAET0HecO6ursJo8AsuMJSAmbrrDn6JrG9e4Kei5TqU4vvPR/anzN0Sfqhj 4xYeGAt1cf16RGP4vxrgd5/a9WdWdhH9iJcOkGzs9wHa4FdYAnj1S5jclU9ZL9UT vaZG4gEwwO2vJePgKzpW1TV578lOUMa2j8BOZBLVQxXd9qgVY7uh81UxGO+WVj48 YKZjMlmmgcOhaw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:00:05 2025 by rpki-client