This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft File: czQP17PChWN63ADx5h4rjkAmWPM.mft (raw, json) Hash identifier: 5sWaaeXXOJxw7Hxcd2hemDaBVkEQSw4EJBIlxgVe1Ug= Subject key identifier: 19:AE:B8:AD:FD:14:61:40:03:93:58:FF:BD:FA:19:97:DA:FA:F8:D1 Authority key identifier: 73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3 Certificate issuer: /CN=73340fd7b3c285637adc00f1e61e2b8e402658f3 Certificate serial: 019AF12CDEE75347ED75DD25D4841138CE3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft Manifest number: 12DF Signing time: Sat 06 Dec 2025 01:00:40 +0000 Manifest this update: Sat 06 Dec 2025 01:00:40 +0000 Manifest next update: Sun 07 Dec 2025 01:00:40 +0000 Files and hashes: 1: HjTMoAYNnig_SLdG7cjgafMO6sM.roa (hash: vtEs32Udg21ECRrqFxXkvtH2fOMUI8ZhlpPEmcfn7YU=) 2: czQP17PChWN63ADx5h4rjkAmWPM.crl (hash: 3o1MU/TF3cCkB38XleR7krB8u6UZx9A1Zn85pc2dcOk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:de:e7:53:47:ed:75:dd:25:d4:84:11:38:ce:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73340fd7b3c285637adc00f1e61e2b8e402658f3 Validity Not Before: Dec 6 01:00:40 2025 GMT Not After : Dec 7 01:00:40 2025 GMT Subject: CN=19aeb8adfd146140039358ffbdfa1997dafaf8d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:b6:55:14:6a:4e:4a:00:05:e6:1c:13:46:cc: 00:5c:2f:de:c4:f1:47:7a:f6:d9:9e:f3:02:7c:36: 53:07:a0:64:bb:e8:6c:3c:bb:ca:5d:d5:c2:b8:d1: ca:c6:09:c8:45:cb:19:70:03:b9:56:a2:8e:37:4d: c0:3f:40:87:5c:fc:3c:4e:ab:8c:7a:12:f8:07:67: b9:05:7d:92:14:b8:36:25:d6:3e:5e:4c:86:70:1c: c0:b2:d8:51:75:0b:96:01:b3:81:fb:50:62:56:d2: 15:ac:c0:4b:72:35:75:36:b5:30:4b:40:89:52:c0: c2:15:54:7a:00:ba:5b:e3:b1:cc:dd:17:41:af:10: d1:b0:05:bf:28:c3:12:49:39:37:1e:c1:3a:31:6b: 9e:c2:8b:00:d2:ab:ea:c8:0c:f7:69:6d:a4:f7:1d: 91:94:e4:95:df:33:2f:b9:87:89:eb:b6:0b:5e:a8: cd:fa:90:ef:fb:c9:a5:1c:f2:73:52:06:90:13:bc: 89:8e:ad:17:83:b4:b9:bc:9b:7b:a0:2d:6e:a1:cf: c6:e6:3f:a5:9f:ec:3a:b1:eb:08:c7:d0:bb:5d:fd: 70:88:b8:6e:fb:a7:20:c6:24:3c:7d:3f:ff:fb:b3: eb:58:9a:e8:63:50:8d:50:05:99:0c:bb:77:86:b9: 7f:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:AE:B8:AD:FD:14:61:40:03:93:58:FF:BD:FA:19:97:DA:FA:F8:D1 X509v3 Authority Key Identifier: keyid:73:34:0F:D7:B3:C2:85:63:7A:DC:00:F1:E6:1E:2B:8E:40:26:58:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czQP17PChWN63ADx5h4rjkAmWPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/0b4dba-0747-4e0f-8036-f2223606c538/1/czQP17PChWN63ADx5h4rjkAmWPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:11:ae:3d:83:c5:e7:37:39:41:8e:86:a4:67:e5:43:c7:74: 6d:ca:d4:55:cf:a8:d3:08:12:29:e5:84:b5:e5:3a:3c:d8:96: 6b:58:4e:80:d6:96:ea:9a:dc:eb:4e:8f:c7:df:44:b6:42:56: 79:9c:95:58:64:ba:7b:b3:e6:de:9e:10:6b:1f:61:8e:bc:e2: d1:79:47:09:82:59:3c:19:ea:7e:fc:8c:3f:4d:f1:1b:0e:9d: 08:f2:80:92:82:12:c1:e2:d8:3b:af:8a:a5:22:06:f7:1b:03: 16:f1:2b:aa:a0:3e:d1:4c:25:b9:a7:5f:b1:fc:b5:dd:ba:6a: 7a:7e:15:47:21:e7:c5:bd:87:0a:ba:a4:e6:2a:e7:0a:ca:c3: 01:21:fa:cf:7c:ab:ab:85:cb:68:64:ef:39:82:2b:24:93:c0: 92:91:05:2f:f3:cf:34:06:8a:9a:1b:29:1c:d9:6f:19:83:c4: 15:0e:29:19:45:26:db:b0:60:16:f1:5b:a7:49:75:05:04:f8: 12:72:75:8d:ab:01:01:a0:b3:d5:11:fd:56:b3:25:6c:ef:81: 6c:cc:04:a5:01:99:84:df:c2:b7:f8:09:22:3c:ff:ab:00:13: 99:b5:6f:45:b0:74:e6:87:32:22:9e:d5:1d:69:6f:6e:4c:14: 6e:84:27:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLN7nU0ftdd0l1IQROM46MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczMzQwZmQ3YjNjMjg1NjM3YWRjMDBmMWU2MWUyYjhlNDAy NjU4ZjMwHhcNMjUxMjA2MDEwMDQwWhcNMjUxMjA3MDEwMDQwWjAzMTEwLwYDVQQD EygxOWFlYjhhZGZkMTQ2MTQwMDM5MzU4ZmZiZGZhMTk5N2RhZmFmOGQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrZVFGpOSgAF5hwTRswAXC/exPFH evbZnvMCfDZTB6Bku+hsPLvKXdXCuNHKxgnIRcsZcAO5VqKON03AP0CHXPw8TquM ehL4B2e5BX2SFLg2JdY+XkyGcBzAsthRdQuWAbOB+1BiVtIVrMBLcjV1NrUwS0CJ UsDCFVR6ALpb47HM3RdBrxDRsAW/KMMSSTk3HsE6MWuewosA0qvqyAz3aW2k9x2R lOSV3zMvuYeJ67YLXqjN+pDv+8mlHPJzUgaQE7yJjq0Xg7S5vJt7oC1uoc/G5j+l n+w6sesIx9C7Xf1wiLhu+6cgxiQ8fT//+7PrWJroY1CNUAWZDLt3hrl/DQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBmuuK39FGFAA5NY/736GZfa+vjRMB8GA1UdIwQY MBaAFHM0D9ezwoVjetwA8eYeK45AJljzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYt ZjIyMjM2MDZjNTM4LzEvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC8wYjRkYmEtMDc0Ny00ZTBmLTgwMzYtZjIyMjM2MDZjNTM4 LzEvY3pRUDE3UENoV042M0FEeDVoNHJqa0FtV1BNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqhGuPYPF 5zc5QY6GpGflQ8d0bcrUVc+o0wgSKeWEteU6PNiWa1hOgNaW6prc606Px99EtkJW eZyVWGS6e7Pm3p4Qax9hjrzi0XlHCYJZPBnqfvyMP03xGw6dCPKAkoISweLYO6+K pSIG9xsDFvErqqA+0Uwluadfsfy13bpqen4VRyHnxb2HCrqk5irnCsrDASH6z3yr q4XLaGTvOYIrJJPAkpEFL/PPNAaKmhspHNlvGYPEFQ4pGUUm27BgFvFbp0l1BQT4 EnJ1jasBAaCz1RH9VrMlbO+BbMwEpQGZhN/Ct/gJIjz/qwATmbVvRbB05ocyIp7V HWlvbkwUboQnaw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:02:41 2025 by rpki-client