This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.mft File: U1vkU3bViYdFK9Bka5p0z562yy0.mft (raw, json) Hash identifier: 2IHB3sjEeBU5TxCE5itChEzNiveHkOl5IIJ/s+GadF8= Subject key identifier: 4E:07:B7:5A:3E:8A:16:6D:D8:2C:F2:E5:8F:67:67:82:F3:73:A1:97 Authority key identifier: 53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D Certificate issuer: /CN=535be45376d58987452bd0646b9a74cf9eb6cb2d Certificate serial: 019AF23F603D5A9A043DF8660871F058477F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 06:00:30 +0000 Manifest this update: Sat 06 Dec 2025 06:00:30 +0000 Manifest next update: Sun 07 Dec 2025 06:00:30 +0000 Files and hashes: 1: U1vkU3bViYdFK9Bka5p0z562yy0.crl (hash: gErn1OiBrPZTTC/psV9RyE+1C/geHnK3CdMjZIrhukE=) 2: bldtfvyuIcb6nqjUAl8Ak0zMF30.roa (hash: dx6ZT1WJQ+QEzva9Bd5tv/adJVLszcwVSLKhJy+UO24=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.crl rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.mft rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:60:3d:5a:9a:04:3d:f8:66:08:71:f0:58:47:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=535be45376d58987452bd0646b9a74cf9eb6cb2d Validity Not Before: Dec 6 06:00:30 2025 GMT Not After : Dec 7 06:00:30 2025 GMT Subject: CN=4e07b75a3e8a166dd82cf2e58f676782f373a197 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:20:7f:ca:46:3d:32:a5:50:09:82:d3:6a:c3: fe:8d:e8:7b:ab:2e:57:a5:46:4c:7d:1d:13:e9:89: 23:49:8f:93:52:25:50:86:fd:60:04:b8:bf:c4:e1: 31:12:35:35:d2:38:f5:96:36:51:dc:02:6f:f3:fd: f8:ca:51:49:d6:f8:d9:6e:92:c9:7f:fc:b1:79:70: 35:6c:e6:5f:8e:07:3d:f0:07:26:74:92:9e:64:0e: a4:c9:3c:f5:e4:95:81:04:a7:48:01:4f:f3:ce:6d: 08:07:5c:35:f2:af:25:e9:16:e5:28:cf:6e:f0:8d: c7:e1:23:c5:43:14:0d:68:37:e2:7e:f5:59:59:e1: 3b:2e:a4:0b:88:32:44:16:18:b1:40:2b:3c:f1:38: 5c:bc:25:f9:ab:0f:f1:53:2b:19:33:cb:e9:07:bf: e6:71:4f:d3:73:98:2e:b7:73:9e:50:f6:bd:f5:67: c7:59:ce:86:ec:a4:93:9a:8b:af:3c:19:c4:73:ad: ec:6f:e6:d4:09:63:e2:91:82:77:a8:5d:84:04:7e: 3d:9f:31:7e:e5:35:a2:9e:19:9d:e1:74:d5:bf:f7: 9d:aa:dd:77:e9:9d:10:3e:6e:c8:e9:30:08:2e:1c: 58:16:08:a9:81:c7:5e:31:b3:86:71:3d:64:52:19: 41:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:07:B7:5A:3E:8A:16:6D:D8:2C:F2:E5:8F:67:67:82:F3:73:A1:97 X509v3 Authority Key Identifier: keyid:53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:24:10:c9:f7:38:77:14:bb:2d:23:92:b5:97:c1:9e:04:ce: a0:02:0a:14:e3:1c:d8:10:9b:2d:ff:f2:bf:06:be:b7:75:a2: f4:0d:e8:42:cf:cc:4c:6e:59:42:e0:69:c1:cb:71:33:f6:bd: 73:4f:41:e1:f6:d6:cf:ff:1e:6f:1a:5e:42:4a:47:ad:f3:77: 43:f4:66:7d:8c:ba:d6:07:f9:0c:06:1e:55:8c:9f:8c:4b:9c: 12:b4:18:9f:99:0a:95:98:d1:8a:bc:eb:e2:11:09:fd:6c:5b: d2:e2:94:74:12:8e:df:e5:10:ff:5e:c2:05:9c:9c:b5:18:9f: d5:8b:19:a1:d3:1d:e0:55:1b:2f:79:96:69:83:88:59:ea:9d: 39:aa:ba:f2:0a:3f:dd:e1:bd:36:26:b5:a4:40:52:59:83:6e: 80:03:b0:a8:e6:23:43:bd:1d:d8:4d:91:ed:d5:fd:1f:61:41: b8:e6:20:5e:2b:8d:ac:3d:bb:1b:ba:3a:99:64:a3:ca:47:be: eb:92:93:8c:8a:0e:bf:3d:eb:96:8e:74:3f:6e:e6:32:5d:de: 52:47:c5:87:31:2a:bd:42:90:52:4e:75:ce:91:77:54:5f:5a: 3e:fe:4a:6c:fb:4e:a6:64:a3:46:80:e0:c5:e3:66:2a:9a:84: ab:fb:7b:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP2A9WpoEPfhmCHHwWEd/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzNWJlNDUzNzZkNTg5ODc0NTJiZDA2NDZiOWE3NGNmOWVi NmNiMmQwHhcNMjUxMjA2MDYwMDMwWhcNMjUxMjA3MDYwMDMwWjAzMTEwLwYDVQQD Eyg0ZTA3Yjc1YTNlOGExNjZkZDgyY2YyZTU4ZjY3Njc4MmYzNzNhMTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiB/ykY9MqVQCYLTasP+jeh7qy5X pUZMfR0T6YkjSY+TUiVQhv1gBLi/xOExEjU10jj1ljZR3AJv8/34ylFJ1vjZbpLJ f/yxeXA1bOZfjgc98AcmdJKeZA6kyTz15JWBBKdIAU/zzm0IB1w18q8l6RblKM9u 8I3H4SPFQxQNaDfifvVZWeE7LqQLiDJEFhixQCs88ThcvCX5qw/xUysZM8vpB7/m cU/Tc5gut3OeUPa99WfHWc6G7KSTmouvPBnEc63sb+bUCWPikYJ3qF2EBH49nzF+ 5TWinhmd4XTVv/edqt136Z0QPm7I6TAILhxYFgipgcdeMbOGcT1kUhlBUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE4Ht1o+ihZt2Czy5Y9nZ4Lzc6GXMB8GA1UdIwQY MBaAFFNb5FN21YmHRSvQZGuadM+etsstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUt Y2VjOTJiNTc4MDA2LzEvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUtY2VjOTJiNTc4MDA2 LzEvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoiQQyfc4 dxS7LSOStZfBngTOoAIKFOMc2BCbLf/yvwa+t3Wi9A3oQs/MTG5ZQuBpwctxM/a9 c09B4fbWz/8ebxpeQkpHrfN3Q/RmfYy61gf5DAYeVYyfjEucErQYn5kKlZjRirzr 4hEJ/Wxb0uKUdBKO3+UQ/17CBZyctRif1YsZodMd4FUbL3mWaYOIWeqdOaq68go/ 3eG9Nia1pEBSWYNugAOwqOYjQ70d2E2R7dX9H2FBuOYgXiuNrD27G7o6mWSjyke+ 65KTjIoOvz3rlo50P27mMl3eUkfFhzEqvUKQUk51zpF3VF9aPv5KbPtOpmSjRoDg xeNmKpqEq/t7HA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:29:13 2025 by rpki-client