This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/59aKnrhqgmTp3cMSKEm4DMNC9dw.mft File: 59aKnrhqgmTp3cMSKEm4DMNC9dw.mft (raw, json) Hash identifier: JUhhZql+589mz2JIu3GejqAgd2pbS3MrsnbgW9he8U4= Subject key identifier: 36:03:DF:22:EE:EA:A4:15:1F:8E:68:6F:73:EA:DE:83:7F:59:0E:40 Authority key identifier: E7:D6:8A:9E:B8:6A:82:64:E9:DD:C3:12:28:49:B8:0C:C3:42:F5:DC Certificate issuer: /CN=e7d68a9eb86a8264e9ddc3122849b80cc342f5dc Certificate serial: 019AF61C99869139E2B54D09606B6E9936C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59aKnrhqgmTp3cMSKEm4DMNC9dw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/59aKnrhqgmTp3cMSKEm4DMNC9dw.mft Manifest number: 147D Signing time: Sun 07 Dec 2025 00:01:00 +0000 Manifest this update: Sun 07 Dec 2025 00:01:00 +0000 Manifest next update: Mon 08 Dec 2025 00:01:00 +0000 Files and hashes: 1: 59aKnrhqgmTp3cMSKEm4DMNC9dw.crl (hash: t8QHPOG3iBx7yCRb5nFoBoyL6VBV44uFGmoA2S+rVHA=) 2: qetS73-OE2CSttiMvug0TDfkr54.roa (hash: f7CQ5AXCS66V7YOxpVoih8o6XmqrwIeswAWr26eRNls=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/59aKnrhqgmTp3cMSKEm4DMNC9dw.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/59aKnrhqgmTp3cMSKEm4DMNC9dw.mft rsync://rpki.ripe.net/repository/DEFAULT/59aKnrhqgmTp3cMSKEm4DMNC9dw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:1c:99:86:91:39:e2:b5:4d:09:60:6b:6e:99:36:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e7d68a9eb86a8264e9ddc3122849b80cc342f5dc Validity Not Before: Dec 7 00:01:00 2025 GMT Not After : Dec 8 00:01:00 2025 GMT Subject: CN=3603df22eeeaa4151f8e686f73eade837f590e40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:31:9d:cf:8b:e1:28:69:40:4e:f5:6d:69:8d: 80:f4:90:b1:a7:fb:ad:10:10:f1:5f:0a:28:a9:bf: 7f:64:eb:0d:e8:93:df:58:d4:e7:a5:6e:ff:8b:e7: 07:7f:58:3c:f0:43:42:44:97:af:76:95:86:07:e4: b5:a4:a8:ff:f0:1f:fc:26:bd:e3:7c:ba:80:dc:26: bc:ad:69:55:7a:13:46:aa:ff:d5:a7:db:7c:4c:c6: 6a:94:fd:f0:ce:18:a5:22:29:ef:ae:63:38:4e:d7: 18:10:74:08:08:86:f3:b9:1d:6c:07:ae:a2:7b:4f: 98:84:f7:1d:6a:42:05:a8:d4:6d:b4:19:e0:f8:41: 27:35:9a:c4:2f:22:c6:51:b6:54:7e:81:be:8a:a0: 23:70:9c:be:23:ac:37:e4:8b:6e:74:9f:c5:aa:d4: 5b:a9:83:14:f8:2f:62:11:fc:61:9b:ea:6b:8a:e0: d4:95:d7:59:69:81:6d:f9:d4:11:ed:88:e7:11:51: 0c:39:31:ad:9f:2a:72:7c:dc:60:be:21:06:76:53: de:2c:57:ae:1f:7b:73:80:64:84:8f:f1:67:6a:d2: 62:1d:0c:ce:ab:fd:5a:b8:89:a9:32:50:4c:a4:1d: 30:b9:6c:bc:53:6c:15:76:22:48:57:59:57:68:0e: ac:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:03:DF:22:EE:EA:A4:15:1F:8E:68:6F:73:EA:DE:83:7F:59:0E:40 X509v3 Authority Key Identifier: keyid:E7:D6:8A:9E:B8:6A:82:64:E9:DD:C3:12:28:49:B8:0C:C3:42:F5:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59aKnrhqgmTp3cMSKEm4DMNC9dw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/59aKnrhqgmTp3cMSKEm4DMNC9dw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/565ea1-2a36-4403-941e-f0d40f029673/1/59aKnrhqgmTp3cMSKEm4DMNC9dw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:fc:0b:92:ee:86:98:a3:dc:fe:8b:48:27:31:df:f0:43:6b: b7:75:79:d5:c7:eb:3a:fc:79:25:5d:4c:98:8f:63:8a:10:ea: 5e:5e:ec:a9:a4:35:35:7c:17:ce:0e:e4:b8:42:a1:33:e4:de: c1:95:e1:5f:92:b3:26:43:6c:0a:d7:fb:21:a9:26:a4:4a:b3: da:a0:e8:5e:3b:2d:98:49:9e:3d:19:9a:e8:da:e7:30:1e:1e: b6:5a:94:47:7b:ea:5c:85:7b:39:cc:68:73:8f:28:fb:df:02: 39:38:8f:cb:14:fb:7e:e7:98:1a:9d:bc:32:25:d8:16:d8:0d: d0:e9:96:34:96:23:fb:b1:47:41:45:5b:b5:5d:43:3f:dc:8a: 41:a1:a6:17:5a:81:d9:8a:10:8b:ab:c5:2e:ea:98:63:5e:ea: ce:bf:60:3b:1d:fb:cc:71:78:f3:09:21:4a:e0:1c:21:c4:19: 6b:73:8f:d0:db:77:2f:ba:01:e0:34:fd:4b:64:c4:c4:29:cc: ad:5a:f7:49:15:7c:a2:03:20:61:a7:8f:f4:c7:bd:26:bd:cc: 78:d3:41:19:8b:3e:26:86:fb:2e:96:34:6e:36:35:5b:8c:fb: 54:0d:64:b6:91:01:b8:23:01:85:fe:15:30:88:e2:18:77:4e: 91:1b:1a:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2HJmGkTnitU0JYGtumTbCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3ZDY4YTllYjg2YTgyNjRlOWRkYzMxMjI4NDliODBjYzM0 MmY1ZGMwHhcNMjUxMjA3MDAwMTAwWhcNMjUxMjA4MDAwMTAwWjAzMTEwLwYDVQQD EygzNjAzZGYyMmVlZWFhNDE1MWY4ZTY4NmY3M2VhZGU4MzdmNTkwZTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTGdz4vhKGlATvVtaY2A9JCxp/ut EBDxXwooqb9/ZOsN6JPfWNTnpW7/i+cHf1g88ENCRJevdpWGB+S1pKj/8B/8Jr3j fLqA3Ca8rWlVehNGqv/Vp9t8TMZqlP3wzhilIinvrmM4TtcYEHQICIbzuR1sB66i e0+YhPcdakIFqNRttBng+EEnNZrELyLGUbZUfoG+iqAjcJy+I6w35ItudJ/FqtRb qYMU+C9iEfxhm+priuDUlddZaYFt+dQR7YjnEVEMOTGtnypyfNxgviEGdlPeLFeu H3tzgGSEj/FnatJiHQzOq/1auImpMlBMpB0wuWy8U2wVdiJIV1lXaA6sEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDYD3yLu6qQVH45ob3Pq3oN/WQ5AMB8GA1UdIwQY MBaAFOfWip64aoJk6d3DEihJuAzDQvXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTlhS25yaHFnbVRwM2NNU0tFbTRETU5DOWR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NjVlYTEtMmEzNi00NDAzLTk0MWUt ZjBkNDBmMDI5NjczLzEvNTlhS25yaHFnbVRwM2NNU0tFbTRETU5DOWR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy81NjVlYTEtMmEzNi00NDAzLTk0MWUtZjBkNDBmMDI5Njcz LzEvNTlhS25yaHFnbVRwM2NNU0tFbTRETU5DOWR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADvwLku6G mKPc/otIJzHf8ENrt3V51cfrOvx5JV1MmI9jihDqXl7sqaQ1NXwXzg7kuEKhM+Te wZXhX5KzJkNsCtf7IakmpEqz2qDoXjstmEmePRma6NrnMB4etlqUR3vqXIV7Ocxo c48o+98COTiPyxT7fueYGp28MiXYFtgN0OmWNJYj+7FHQUVbtV1DP9yKQaGmF1qB 2YoQi6vFLuqYY17qzr9gOx37zHF48wkhSuAcIcQZa3OP0Nt3L7oB4DT9S2TExCnM rVr3SRV8ogMgYaeP9Me9Jr3MeNNBGYs+Job7LpY0bjY1W4z7VA1ktpEBuCMBhf4V MIjiGHdOkRsaQQ== -----END CERTIFICATE-----Generated at Sun Dec 7 02:13:13 2025 by rpki-client