This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft File: ePKehzghWcpegTh9fud-US-tFjY.mft (raw, json) Hash identifier: Dp4NvV7xSzgsvAzTskN7gmnt+RAbqMkpd/cR2jzCEZ4= Subject key identifier: 48:68:30:3C:A8:25:DE:68:68:37:77:7C:68:9F:B6:D6:98:D2:F6:AF Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36 Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636 Certificate serial: 019AF12CFC489CA5A072CDCAD6017FB8C77C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft Manifest number: 07B5 Signing time: Sat 06 Dec 2025 01:00:48 +0000 Manifest this update: Sat 06 Dec 2025 01:00:48 +0000 Manifest next update: Sun 07 Dec 2025 01:00:48 +0000 Files and hashes: 1: 4QzNEDyRlis-_JGlrISCfbsPszU.roa (hash: Y9K09YKp80O/JCR9exHbB8w/On++FMzgdee4rnQPOdU=) 2: ePKehzghWcpegTh9fud-US-tFjY.crl (hash: mPQnbi/Zb6Lxpm7Wa5ooPiLFRyRS00XrU5yuPe3CiLU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:fc:48:9c:a5:a0:72:cd:ca:d6:01:7f:b8:c7:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636 Validity Not Before: Dec 6 01:00:48 2025 GMT Not After : Dec 7 01:00:48 2025 GMT Subject: CN=4868303ca825de686837777c689fb6d698d2f6af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:33:27:b8:ba:95:8f:a3:22:5b:95:77:c6:ba: 14:a7:a5:0c:dd:62:85:d4:d2:1b:89:dd:15:6c:2a: fe:89:a0:4f:df:79:55:bf:b8:81:81:b8:c3:a5:59: 3f:2a:01:79:ec:25:3d:85:2b:64:72:97:c5:7e:a6: 73:71:77:42:7b:b4:0e:cc:49:6d:18:19:a8:f7:71: 8a:1a:f5:f9:72:b4:e3:a2:5a:b0:02:4a:48:24:81: 3c:8c:29:c4:65:a9:f0:39:68:d5:34:17:b6:d4:d7: 6e:44:f1:f4:3d:d3:bb:7a:62:96:b0:d4:a7:81:f4: 8e:c4:f8:cf:fd:19:4f:86:34:58:c7:74:f3:fd:cb: 4e:16:94:d5:3f:d4:7a:32:c1:27:f1:cf:96:96:10: f7:84:86:e2:5c:32:d9:bf:37:f0:71:cd:04:6a:56: b2:b0:af:7f:c5:9a:c7:98:ed:9d:e7:db:9b:b5:91: 63:45:0b:5c:b1:80:c0:50:90:55:00:37:cf:90:dd: b7:c8:67:a0:6a:21:95:6a:b0:7e:e4:7b:50:82:12: 00:ea:01:59:b8:e8:3b:81:81:92:9f:f1:a6:f1:4e: 62:8c:65:16:dd:32:ad:84:21:72:b5:1f:e3:e4:38: 58:72:20:0f:f7:56:a8:4f:2c:d0:16:01:db:4d:8d: fb:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:68:30:3C:A8:25:DE:68:68:37:77:7C:68:9F:B6:D6:98:D2:F6:AF X509v3 Authority Key Identifier: keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:8f:8f:44:16:32:53:6d:fc:a7:c4:4c:87:ec:79:f9:df:22: 0e:41:15:2f:d7:32:92:21:37:ad:a0:f2:db:3b:54:b5:94:d8: d0:40:e1:b1:ac:3e:10:0c:ad:aa:79:dd:e3:64:4b:30:f0:54: 1a:f3:eb:18:c3:08:29:b2:1d:e3:ff:93:c6:ae:ff:fd:a5:47: 21:eb:34:81:ba:b5:95:73:73:52:0e:13:35:72:d1:1b:81:96: 91:5c:f0:ca:56:d9:22:a2:e8:3b:ad:7b:a2:ac:1b:06:e2:ce: 07:50:4d:21:8b:22:30:98:8a:c7:c4:ae:cb:05:3f:9b:9d:14: 97:8c:da:a9:8c:73:fd:48:e5:20:a3:c4:0c:a0:0d:fb:2d:16: 2f:f9:2d:34:11:e4:63:7c:e9:55:8b:15:95:32:b6:7e:4b:e3: 58:7c:e6:b0:2b:bd:e1:c6:85:da:52:e7:0f:9e:8f:12:db:0f: f3:2c:d7:fd:2a:19:96:3f:73:7e:e9:09:b2:49:80:7f:b9:9e: 9b:c8:04:84:f9:64:d4:a2:a2:73:7e:07:41:c8:97:64:f9:2f: d3:c2:0a:96:84:13:3c:49:e0:33:29:00:26:9b:17:53:42:8b: 60:38:31:86:3d:82:d2:68:98:77:bc:15:e4:96:4c:1b:d1:bd: 5a:f7:39:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLPxInKWgcs3K1gF/uMd8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh ZDE2MzYwHhcNMjUxMjA2MDEwMDQ4WhcNMjUxMjA3MDEwMDQ4WjAzMTEwLwYDVQQD Eyg0ODY4MzAzY2E4MjVkZTY4NjgzNzc3N2M2ODlmYjZkNjk4ZDJmNmFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDMnuLqVj6MiW5V3xroUp6UM3WKF 1NIbid0VbCr+iaBP33lVv7iBgbjDpVk/KgF57CU9hStkcpfFfqZzcXdCe7QOzElt GBmo93GKGvX5crTjolqwAkpIJIE8jCnEZanwOWjVNBe21NduRPH0PdO7emKWsNSn gfSOxPjP/RlPhjRYx3Tz/ctOFpTVP9R6MsEn8c+WlhD3hIbiXDLZvzfwcc0Ealay sK9/xZrHmO2d59ubtZFjRQtcsYDAUJBVADfPkN23yGegaiGVarB+5HtQghIA6gFZ uOg7gYGSn/Gm8U5ijGUW3TKthCFytR/j5DhYciAP91aoTyzQFgHbTY37vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEhoMDyoJd5oaDd3fGifttaY0vavMB8GA1UdIwQY MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt ODJmODljYmEyNmQ4LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4 LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADI+PRBYy U238p8RMh+x5+d8iDkEVL9cykiE3raDy2ztUtZTY0EDhsaw+EAytqnnd42RLMPBU GvPrGMMIKbId4/+Txq7//aVHIes0gbq1lXNzUg4TNXLRG4GWkVzwylbZIqLoO617 oqwbBuLOB1BNIYsiMJiKx8SuywU/m50Ul4zaqYxz/UjlIKPEDKAN+y0WL/ktNBHk Y3zpVYsVlTK2fkvjWHzmsCu94caF2lLnD56PEtsP8yzX/SoZlj9zfukJskmAf7me m8gEhPlk1KKic34HQciXZPkv08IKloQTPEngMykAJpsXU0KLYDgxhj2C0miYd7wV 5JZMG9G9Wvc55w== -----END CERTIFICATE-----Generated at Sat Dec 6 10:17:06 2025 by rpki-client