This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft File: I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json) Hash identifier: Ml0tvVLlwpFqoVN1rK0nVM3FtJjpktkQE/xzq9Zim1g= Subject key identifier: 0F:7C:71:79:3A:87:6D:FD:57:CD:B9:41:1E:50:55:B6:8B:F8:66:44 Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 Certificate issuer: /CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Certificate serial: 019AF19BBD343AEC4D7048075E914EF101EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft Manifest number: 05ED Signing time: Sat 06 Dec 2025 03:01:46 +0000 Manifest this update: Sat 06 Dec 2025 03:01:46 +0000 Manifest next update: Sun 07 Dec 2025 03:01:46 +0000 Files and hashes: 1: AgvVH_Z5ZikBFIUyEGB_f4ftLfg.roa (hash: Ii6l1o1UjR6zsFk/Ik5xPFxEIQrzvV/YcOC6UeUTh7g=) 2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: jVk1lgfoLpWWhJPPjJbQFuFSMAtxI6np6KmDGhHTPaU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:bd:34:3a:ec:4d:70:48:07:5e:91:4e:f1:01:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Validity Not Before: Dec 6 03:01:46 2025 GMT Not After : Dec 7 03:01:46 2025 GMT Subject: CN=0f7c71793a876dfd57cdb9411e5055b68bf86644 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e9:32:75:13:7f:ca:e6:ac:a2:33:c0:dc:92: 7f:26:71:36:83:48:39:7f:64:20:9d:43:35:9d:91: 58:af:2a:c4:24:4e:d3:13:17:18:88:bf:c7:08:30: e6:15:91:83:bb:64:66:f8:05:e0:74:7b:d4:96:b9: 2b:d2:2c:78:25:17:42:b4:c5:9e:4a:31:1e:c3:8e: ea:c5:84:03:64:6a:bc:f3:1c:c3:b9:1e:a7:b3:0f: ca:c2:1c:2e:bd:3e:51:14:2a:9c:71:0c:a6:0b:69: b9:3b:4e:54:95:49:f4:54:81:5a:17:99:58:2c:3c: 34:0e:47:3e:35:76:37:93:4d:d9:98:bc:b6:65:4d: c7:79:a1:d5:b3:81:a0:92:03:0f:81:ea:b4:71:8a: 63:5b:96:af:c9:36:5e:07:27:17:70:1a:0e:2d:66: 22:46:4b:5a:21:09:0f:da:b4:dd:61:cc:1a:ed:48: fb:70:9b:69:90:16:c5:4b:64:e7:1e:68:64:44:ed: f2:06:95:1f:c3:85:43:d8:26:91:06:5e:55:96:f1: 9a:a5:7d:44:d4:2e:80:85:f8:8d:68:6f:ce:eb:af: a4:8d:f1:ac:4e:67:df:89:f8:cc:db:fb:40:02:e9: 55:d9:9d:05:49:d4:59:29:1f:ff:81:e0:ad:b1:32: b1:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:7C:71:79:3A:87:6D:FD:57:CD:B9:41:1E:50:55:B6:8B:F8:66:44 X509v3 Authority Key Identifier: keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:cb:8f:1a:3d:f9:30:05:72:0e:eb:aa:82:6f:10:68:24:e2: 69:9a:4b:ac:0d:84:ba:74:9e:ed:6e:47:c9:80:3b:f7:36:0f: c3:95:4d:ae:08:f3:8c:89:3c:b0:7a:50:0c:f3:b9:a3:ed:2c: 15:a9:33:c4:b8:66:bf:d2:32:bb:d1:0a:fd:f9:30:c8:86:aa: 0b:90:05:ee:fd:b5:8a:72:92:6c:b9:0d:62:52:65:6e:c9:59: a7:ca:a4:52:7a:22:c0:c6:5e:1f:e3:73:76:95:75:9e:43:1b: 63:5a:f3:1e:43:46:d8:8e:b5:bf:20:10:65:61:e8:3e:f1:eb: e9:83:29:2a:d1:25:06:55:88:6c:fd:b8:ee:51:ff:f4:6a:53: 1f:a0:f7:b7:f4:58:48:fd:21:64:63:d6:e2:49:0c:f7:de:79: 49:b6:a9:a2:0a:06:88:77:e9:0d:6b:32:13:63:a9:b7:f0:1e: 65:e5:b4:c2:7c:66:cf:33:46:78:5c:c5:68:0e:97:92:b3:7a: 9e:73:63:70:68:7a:e8:81:f8:be:3a:54:80:a2:55:0b:b7:84: 1f:fc:77:d8:4e:97:b5:fd:f9:33:9a:07:b1:e6:3f:a4:92:6b: 75:bd:03:51:8d:4f:a1:ef:68:01:8b:c7:ee:1b:28:ef:b4:78: 81:2d:48:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm700OuxNcEgHXpFO8QHrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx ZWY1MTAwHhcNMjUxMjA2MDMwMTQ2WhcNMjUxMjA3MDMwMTQ2WjAzMTEwLwYDVQQD EygwZjdjNzE3OTNhODc2ZGZkNTdjZGI5NDExZTUwNTViNjhiZjg2NjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+kydRN/yuasojPA3JJ/JnE2g0g5 f2QgnUM1nZFYryrEJE7TExcYiL/HCDDmFZGDu2Rm+AXgdHvUlrkr0ix4JRdCtMWe SjEew47qxYQDZGq88xzDuR6nsw/KwhwuvT5RFCqccQymC2m5O05UlUn0VIFaF5lY LDw0Dkc+NXY3k03ZmLy2ZU3HeaHVs4GgkgMPgeq0cYpjW5avyTZeBycXcBoOLWYi RktaIQkP2rTdYcwa7Uj7cJtpkBbFS2TnHmhkRO3yBpUfw4VD2CaRBl5VlvGapX1E 1C6AhfiNaG/O66+kjfGsTmffifjM2/tAAulV2Z0FSdRZKR//geCtsTKx4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA98cXk6h239V825QR5QVbaL+GZEMB8GA1UdIwQY MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8uPGj35 MAVyDuuqgm8QaCTiaZpLrA2EunSe7W5HyYA79zYPw5VNrgjzjIk8sHpQDPO5o+0s FakzxLhmv9Iyu9EK/fkwyIaqC5AF7v21inKSbLkNYlJlbslZp8qkUnoiwMZeH+Nz dpV1nkMbY1rzHkNG2I61vyAQZWHoPvHr6YMpKtElBlWIbP247lH/9GpTH6D3t/RY SP0hZGPW4kkM9955SbapogoGiHfpDWsyE2Opt/AeZeW0wnxmzzNGeFzFaA6XkrN6 nnNjcGh66IH4vjpUgKJVC7eEH/x32E6Xtf35M5oHseY/pJJrdb0DUY1Poe9oAYvH 7hso77R4gS1IMQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:36:17 2025 by rpki-client