This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft File: do0jVpP2hnxbOBPaHzb-EHvR14I.mft (raw, json) Hash identifier: hHkqM/mbouoR7baDgqTX14hRCilK0HAmzxnuDFeGzok= Subject key identifier: CF:5A:5D:3C:E1:E8:8A:A5:E3:7F:7A:9E:0F:22:BA:5E:82:52:3A:0C Authority key identifier: 76:8D:23:56:93:F6:86:7C:5B:38:13:DA:1F:36:FE:10:7B:D1:D7:82 Certificate issuer: /CN=768d235693f6867c5b3813da1f36fe107bd1d782 Certificate serial: 019AF164445BCC9E39C878F4B2BAA605CE6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft Manifest number: 0E38 Signing time: Sat 06 Dec 2025 02:01:11 +0000 Manifest this update: Sat 06 Dec 2025 02:01:11 +0000 Manifest next update: Sun 07 Dec 2025 02:01:11 +0000 Files and hashes: 1: KH_j-0tZP7kZGa_RGAqb8KjeOKE.roa (hash: nJQFit94GD/cIbI8GNPP+c6lmHYIPdofJMVeQt5hkQ4=) 2: do0jVpP2hnxbOBPaHzb-EHvR14I.crl (hash: uSJYTtpF7mq1lxTD8+bcWc60XYXaX1L18gCAzLBqtFE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:44:5b:cc:9e:39:c8:78:f4:b2:ba:a6:05:ce:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=768d235693f6867c5b3813da1f36fe107bd1d782 Validity Not Before: Dec 6 02:01:11 2025 GMT Not After : Dec 7 02:01:11 2025 GMT Subject: CN=cf5a5d3ce1e88aa5e37f7a9e0f22ba5e82523a0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9b:27:8f:67:9d:9a:6a:67:0a:59:4b:d8:e7: 84:26:dd:6f:20:cb:8f:54:e3:cd:0e:53:9f:04:ea: f5:60:2d:9e:98:5c:2b:6e:2a:49:80:c0:2c:7e:cb: 0b:29:86:03:ce:b5:c7:d5:bb:ec:75:ad:4a:2b:2b: 03:2b:d2:dd:c7:e8:51:03:47:61:45:f2:42:3e:3e: 19:d9:68:92:bd:cd:09:7c:1a:d2:b6:a3:b4:f8:92: dc:5f:26:02:7b:eb:3b:08:03:fe:db:ed:8e:99:15: 60:0f:67:88:48:09:e3:ff:6d:f5:95:f8:94:82:eb: b0:1c:23:0b:c0:e3:6e:63:a7:60:0c:67:81:61:e1: e0:e4:c7:62:6f:98:ca:24:11:87:3f:39:8e:f2:90: c8:d9:8d:14:80:53:16:c8:d3:57:5a:05:28:7b:9a: eb:06:48:6a:82:a8:55:f2:51:86:91:4b:a1:33:08: c3:1e:6d:ac:e5:0c:3a:b3:da:59:71:d2:9c:94:1a: 85:44:9e:90:9c:67:fe:f2:22:3f:29:bf:1b:f2:79: ef:ae:c3:7f:65:2d:7b:0a:79:b1:44:ff:f5:5e:33: aa:19:54:f6:50:37:b2:c6:c7:9a:2c:c9:7e:f4:0d: f5:06:8b:36:e2:7d:0d:d2:d6:45:1e:51:0b:02:70: 27:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:5A:5D:3C:E1:E8:8A:A5:E3:7F:7A:9E:0F:22:BA:5E:82:52:3A:0C X509v3 Authority Key Identifier: keyid:76:8D:23:56:93:F6:86:7C:5B:38:13:DA:1F:36:FE:10:7B:D1:D7:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do0jVpP2hnxbOBPaHzb-EHvR14I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e120ef-1430-45ea-b77f-e376b9242ea7/1/do0jVpP2hnxbOBPaHzb-EHvR14I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:b9:b0:42:88:5d:7f:1f:45:9c:fc:b3:e2:9a:9c:6a:92:92: 58:96:2e:02:07:4b:fd:eb:18:8a:e7:81:75:b2:19:ea:ca:da: 16:3e:f0:db:10:7a:9c:53:0f:92:2a:2d:0e:4e:85:5a:d6:2f: c7:ec:8e:5d:9a:dc:8c:93:8f:07:4c:5c:7d:c2:43:d1:96:b7: 73:ee:a3:b9:d2:59:85:61:c6:e2:9e:e4:6c:3a:e4:07:e2:30: f1:4a:2a:d9:72:b3:9e:41:13:5a:ae:d7:48:f5:cc:a3:66:69: 3c:8c:85:f1:e2:82:d4:95:1c:e8:f3:fe:e6:20:b2:4f:41:38: 47:d8:5d:b7:36:a6:a5:92:39:26:37:26:f2:8e:66:69:20:23: 81:7e:ca:17:cd:aa:86:fa:f1:58:16:20:d5:4f:3f:f0:c2:2d: 0a:b5:ce:b6:1e:80:7b:60:fa:b8:74:31:59:d6:88:99:b4:42: 1c:2f:63:ae:ad:4c:e8:f3:74:7f:a7:d2:df:f1:7a:cf:89:44: 68:92:af:53:a1:2b:fe:f3:ed:c5:20:18:82:87:97:cd:ea:4f: c2:a5:d9:7b:96:36:d9:11:0f:38:f7:de:c3:26:ef:25:ac:e6: 50:a1:5a:f4:d5:38:46:9a:8e:e5:38:73:2e:53:a4:9f:ca:c5: 81:49:84:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZERbzJ45yHj0srqmBc5uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2OGQyMzU2OTNmNjg2N2M1YjM4MTNkYTFmMzZmZTEwN2Jk MWQ3ODIwHhcNMjUxMjA2MDIwMTExWhcNMjUxMjA3MDIwMTExWjAzMTEwLwYDVQQD EyhjZjVhNWQzY2UxZTg4YWE1ZTM3ZjdhOWUwZjIyYmE1ZTgyNTIzYTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5snj2edmmpnCllL2OeEJt1vIMuP VOPNDlOfBOr1YC2emFwrbipJgMAsfssLKYYDzrXH1bvsda1KKysDK9Ldx+hRA0dh RfJCPj4Z2WiSvc0JfBrStqO0+JLcXyYCe+s7CAP+2+2OmRVgD2eISAnj/231lfiU guuwHCMLwONuY6dgDGeBYeHg5Mdib5jKJBGHPzmO8pDI2Y0UgFMWyNNXWgUoe5rr BkhqgqhV8lGGkUuhMwjDHm2s5Qw6s9pZcdKclBqFRJ6QnGf+8iI/Kb8b8nnvrsN/ ZS17CnmxRP/1XjOqGVT2UDeyxseaLMl+9A31Bos24n0N0tZFHlELAnAnKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM9aXTzh6Iql4396ng8iul6CUjoMMB8GA1UdIwQY MBaAFHaNI1aT9oZ8WzgT2h82/hB70deCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lMTIwZWYtMTQzMC00NWVhLWI3N2Yt ZTM3NmI5MjQyZWE3LzEvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS9lMTIwZWYtMTQzMC00NWVhLWI3N2YtZTM3NmI5MjQyZWE3 LzEvZG8walZwUDJobnhiT0JQYUh6Yi1FSHZSMTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAormwQohd fx9FnPyz4pqcapKSWJYuAgdL/esYiueBdbIZ6sraFj7w2xB6nFMPkiotDk6FWtYv x+yOXZrcjJOPB0xcfcJD0Za3c+6judJZhWHG4p7kbDrkB+Iw8Uoq2XKznkETWq7X SPXMo2ZpPIyF8eKC1JUc6PP+5iCyT0E4R9hdtzampZI5Jjcm8o5maSAjgX7KF82q hvrxWBYg1U8/8MItCrXOth6Ae2D6uHQxWdaImbRCHC9jrq1M6PN0f6fS3/F6z4lE aJKvU6Er/vPtxSAYgoeXzepPwqXZe5Y22REPOPfewybvJazmUKFa9NU4RpqO5Thz LlOkn8rFgUmE+Q== -----END CERTIFICATE-----Generated at Sat Dec 6 08:01:11 2025 by rpki-client