This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft File: tU3fbwMzHNdzx-ersVQpuo0gvXg.mft (raw, json) Hash identifier: 7S7gK84qQbLAjYyZ9EdTBwmlvz5QFzxTSmjbLj1Js0s= Subject key identifier: 72:40:A6:9A:07:7A:62:7B:8F:35:29:D2:E0:E1:D8:4E:25:BB:7F:32 Authority key identifier: B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78 Certificate issuer: /CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78 Certificate serial: 019AF50A4B7035477BC630CDC00A8B07C449 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft Manifest number: 08A6 Signing time: Sat 06 Dec 2025 19:01:23 +0000 Manifest this update: Sat 06 Dec 2025 19:01:23 +0000 Manifest next update: Sun 07 Dec 2025 19:01:23 +0000 Files and hashes: 1: 1SqAG3Japdqs2uBvGFHguJLvhqE.roa (hash: tRLIPOPh9GLi7wL54w2K0S63l5p5YYde2YPqeJx3wD8=) 2: tU3fbwMzHNdzx-ersVQpuo0gvXg.crl (hash: qGBOK/gjUpTrBpKaOytF37AtE/D29VY7UtqxPMx9xRs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:4b:70:35:47:7b:c6:30:cd:c0:0a:8b:07:c4:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78 Validity Not Before: Dec 6 19:01:23 2025 GMT Not After : Dec 7 19:01:23 2025 GMT Subject: CN=7240a69a077a627b8f3529d2e0e1d84e25bb7f32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:21:bf:7a:8a:f9:d6:1c:ee:3d:8b:14:56:a1: a6:e0:df:39:0a:55:95:68:a6:32:14:b2:f4:da:7f: c5:24:cd:64:89:cc:f7:30:12:90:3a:7e:8d:43:fd: cb:68:c8:e8:b2:38:f9:07:ae:53:fb:d7:6c:74:94: a5:ca:f9:54:1f:fa:ed:0d:eb:4a:00:2d:b0:df:8b: 14:24:e0:b2:bc:6f:3c:26:24:ba:54:2b:af:8e:c6: bd:de:63:6e:6f:31:9d:5a:77:65:a7:e8:81:0f:cc: 93:ea:cf:f9:f1:96:da:55:c9:4d:fd:85:c5:6a:15: fe:78:48:b0:5a:2c:b9:72:66:5a:e7:cb:26:0f:f9: 38:4c:5a:9e:5d:60:54:16:f4:d3:5c:32:4b:7e:3c: 65:1a:0e:78:2b:f8:84:ed:6b:f8:17:4f:98:66:73: b7:20:7a:4d:db:c4:97:4b:14:de:2c:cf:79:73:39: 35:25:cb:46:75:d4:fc:22:9c:84:d7:cc:26:36:33: 1b:1d:7b:dd:22:1e:cf:db:a7:2d:6b:4d:1e:4a:aa: 73:76:47:4a:32:ea:ce:c1:39:58:8c:31:45:d8:3d: ee:3a:9e:41:05:bc:09:47:e9:d0:ff:98:03:27:59: e8:f2:6c:a0:2c:7c:a2:a2:5b:21:2d:53:33:9c:77: 0d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:40:A6:9A:07:7A:62:7B:8F:35:29:D2:E0:E1:D8:4E:25:BB:7F:32 X509v3 Authority Key Identifier: keyid:B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:8e:f5:44:96:14:c2:7e:54:77:d3:83:85:1c:ff:0d:2c:3a: ba:6f:7b:9d:8b:03:93:be:35:73:e5:e5:4d:61:0c:0e:23:9e: b4:58:16:14:51:cf:cc:c8:2b:ab:b4:70:76:92:62:bd:73:23: 5a:c7:c4:8b:84:f0:ae:29:4b:ee:43:e1:23:f1:cf:3b:f4:9c: 8b:7e:1c:5d:ae:1e:75:f4:e2:a9:1f:06:0b:64:13:1a:b1:35: e3:3f:f5:b5:9f:7c:f3:cb:75:38:fd:d2:bf:8a:1e:55:b1:3e: 90:dc:6b:6c:ae:4b:ee:dc:08:8d:39:47:a9:33:80:44:45:5e: d9:58:e8:dc:b7:8f:85:d7:b2:9d:46:a6:fd:dc:45:03:c1:2b: 6d:d9:a8:1c:ed:0b:81:a6:c7:cc:3b:64:03:62:ba:38:a5:c5: 64:c1:a5:ab:87:57:63:c9:08:bb:33:03:1a:34:04:35:e8:76: d4:f8:82:84:08:0c:14:0a:f7:7d:44:80:2f:ed:b3:df:98:4c: e0:f5:f9:2b:4a:0b:2d:92:21:a2:a6:7c:7a:ab:7d:90:b2:52: 30:0e:bc:68:38:6e:34:2b:e0:84:47:e9:91:3e:55:fb:55:11: 1c:dd:93:e5:87:68:54:f2:a8:55:d5:d8:32:88:ff:66:57:fc: d7:46:55:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CktwNUd7xjDNwAqLB8RJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1NGRkZjZmMDMzMzFjZDc3M2M3ZTdhYmIxNTQyOWJhOGQy MGJkNzgwHhcNMjUxMjA2MTkwMTIzWhcNMjUxMjA3MTkwMTIzWjAzMTEwLwYDVQQD Eyg3MjQwYTY5YTA3N2E2MjdiOGYzNTI5ZDJlMGUxZDg0ZTI1YmI3ZjMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCG/eor51hzuPYsUVqGm4N85ClWV aKYyFLL02n/FJM1kicz3MBKQOn6NQ/3LaMjosjj5B65T+9dsdJSlyvlUH/rtDetK AC2w34sUJOCyvG88JiS6VCuvjsa93mNubzGdWndlp+iBD8yT6s/58ZbaVclN/YXF ahX+eEiwWiy5cmZa58smD/k4TFqeXWBUFvTTXDJLfjxlGg54K/iE7Wv4F0+YZnO3 IHpN28SXSxTeLM95czk1JctGddT8IpyE18wmNjMbHXvdIh7P26cta00eSqpzdkdK MurOwTlYjDFF2D3uOp5BBbwJR+nQ/5gDJ1no8mygLHyiolshLVMznHcNDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHJAppoHemJ7jzUp0uDh2E4lu38yMB8GA1UdIwQY MBaAFLVN328DMxzXc8fnq7FUKbqNIL14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQt ODQwMjZiYzg1MmYwLzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQtODQwMjZiYzg1MmYw LzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVY71RJYU wn5Ud9ODhRz/DSw6um97nYsDk741c+XlTWEMDiOetFgWFFHPzMgrq7RwdpJivXMj WsfEi4TwrilL7kPhI/HPO/Sci34cXa4edfTiqR8GC2QTGrE14z/1tZ9888t1OP3S v4oeVbE+kNxrbK5L7twIjTlHqTOAREVe2Vjo3LePhdeynUam/dxFA8ErbdmoHO0L gabHzDtkA2K6OKXFZMGlq4dXY8kIuzMDGjQENeh21PiChAgMFAr3fUSAL+2z35hM 4PX5K0oLLZIhoqZ8eqt9kLJSMA68aDhuNCvghEfpkT5V+1URHN2T5YdoVPKoVdXY Moj/Zlf810ZVxw== -----END CERTIFICATE-----Generated at Sun Dec 7 03:18:06 2025 by rpki-client