This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft File: toF3Ytn8jxGwHPUjS25DHPvsG80.mft (raw, json) Hash identifier: b2tpEF6Agh2WOvR1xVVcLbSiTVFHjJwRwFbQfad9Teg= Subject key identifier: B3:CE:11:27:D4:4D:8E:DD:31:1C:53:33:2F:EB:88:A0:8C:A2:B1:79 Authority key identifier: B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD Certificate issuer: /CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd Certificate serial: 019AF164042B096851D288F43624D5548298 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft Manifest number: 0AC1 Signing time: Sat 06 Dec 2025 02:00:54 +0000 Manifest this update: Sat 06 Dec 2025 02:00:54 +0000 Manifest next update: Sun 07 Dec 2025 02:00:54 +0000 Files and hashes: 1: iFeMzfeEdL5eLiPhJVZH9fOR9os.roa (hash: Hluf44L3umjh9a1sEhuox24mM0+jKftFeuevrlqeW6M=) 2: toF3Ytn8jxGwHPUjS25DHPvsG80.crl (hash: GE06tZRTzh9OlTzrL6Tfk8Lvj8STMZxsuG1On4aHflE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:04:2b:09:68:51:d2:88:f4:36:24:d5:54:82:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd Validity Not Before: Dec 6 02:00:54 2025 GMT Not After : Dec 7 02:00:54 2025 GMT Subject: CN=b3ce1127d44d8edd311c53332feb88a08ca2b179 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6c:3b:ab:e7:cb:4a:d3:52:be:c7:41:da:32: 4b:1e:1a:a6:c1:e6:dc:53:e3:9a:45:2d:f1:94:81: a7:73:dc:d7:6f:f8:77:b5:01:66:5c:90:f8:6a:8f: de:eb:e6:a2:19:fa:7d:ab:a0:a9:55:30:df:44:52: 41:cc:0d:a5:05:3c:35:76:b8:42:38:d0:bb:e7:0d: 6d:8f:3e:51:bb:c7:bd:e6:02:f5:2b:22:89:5a:e1: 44:f2:f0:b2:07:25:b2:72:b7:5e:b0:1a:00:31:da: 4d:71:d6:93:a5:25:5c:24:07:4e:be:b4:26:19:51: 52:73:5f:06:b7:00:49:41:53:62:0c:b5:6a:9b:ed: d1:0e:f3:3a:27:2b:42:da:89:e8:86:c3:c0:3e:51: 4c:1d:2b:46:00:19:fb:ab:53:98:c1:ea:dd:21:db: f4:ee:14:dd:d3:d8:db:34:c4:ac:ed:84:15:09:ad: a4:29:fb:f3:db:30:4e:7d:7f:e3:ec:92:80:66:56: 74:4d:bc:71:0a:f3:eb:b3:b0:e9:c1:23:9e:c1:90: cd:c2:1a:a3:4b:36:69:dc:62:8a:f8:bf:16:2a:df: c2:55:8d:83:e1:73:dc:19:a7:15:73:d1:d3:26:2b: d1:a6:0a:c8:a6:a7:19:1d:d9:19:81:3e:17:81:33: 54:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:CE:11:27:D4:4D:8E:DD:31:1C:53:33:2F:EB:88:A0:8C:A2:B1:79 X509v3 Authority Key Identifier: keyid:B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:a3:0e:e5:0d:d4:93:7b:79:5a:ba:d3:02:48:46:29:19:bb: c1:c7:bd:9e:6f:73:5c:a8:e1:d7:59:45:b7:e1:2d:ac:93:36: 34:45:45:3a:e3:4a:ec:37:0e:cf:58:c2:9c:b5:1d:89:13:d1: 7f:ea:72:d1:25:ff:ca:e3:e1:0b:50:3e:cf:a1:44:5a:33:6d: 17:22:05:5e:51:a2:df:dd:21:20:fe:96:83:3b:cc:de:35:d4: 03:b4:af:e8:52:42:bd:9e:26:dc:d3:75:a5:1d:b5:6c:04:e2: de:20:bc:c9:42:36:1b:04:eb:df:76:e4:74:41:ff:20:05:f5: 26:1f:0a:77:03:cf:3c:3f:c1:9e:d6:ea:ef:e9:80:fb:64:86: f5:5c:30:51:ca:49:be:fd:d3:de:43:d9:02:c6:89:54:85:bf: e6:ed:b2:d3:1d:b4:e2:d7:c0:3d:b3:8e:95:24:8f:20:67:28: 1f:ca:5d:06:3f:48:b6:2c:bf:36:03:ff:09:73:8d:89:7d:6c: 90:f3:18:5d:63:e9:c0:0d:e7:c5:44:8d:9e:84:29:54:85:0b: 09:e6:a7:04:38:4a:f7:9e:22:61:59:ba:23:c0:70:bb:ab:5e: 96:84:46:44:f4:1b:68:cb:fa:85:c9:6e:29:9d:02:f3:40:9f: a2:86:05:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZAQrCWhR0oj0NiTVVIKYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ODE3NzYyZDlmYzhmMTFiMDFjZjUyMzRiNmU0MzFjZmJl YzFiY2QwHhcNMjUxMjA2MDIwMDU0WhcNMjUxMjA3MDIwMDU0WjAzMTEwLwYDVQQD EyhiM2NlMTEyN2Q0NGQ4ZWRkMzExYzUzMzMyZmViODhhMDhjYTJiMTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2w7q+fLStNSvsdB2jJLHhqmwebc U+OaRS3xlIGnc9zXb/h3tQFmXJD4ao/e6+aiGfp9q6CpVTDfRFJBzA2lBTw1drhC ONC75w1tjz5Ru8e95gL1KyKJWuFE8vCyByWycrdesBoAMdpNcdaTpSVcJAdOvrQm GVFSc18GtwBJQVNiDLVqm+3RDvM6JytC2onohsPAPlFMHStGABn7q1OYwerdIdv0 7hTd09jbNMSs7YQVCa2kKfvz2zBOfX/j7JKAZlZ0TbxxCvPrs7DpwSOewZDNwhqj SzZp3GKK+L8WKt/CVY2D4XPcGacVc9HTJivRpgrIpqcZHdkZgT4XgTNUCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLPOESfUTY7dMRxTMy/riKCMorF5MB8GA1UdIwQY MBaAFLaBd2LZ/I8RsBz1I0tuQxz77BvNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQt ZDNmMjY1YWQ1MTRmLzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQtZDNmMjY1YWQ1MTRm LzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXaMO5Q3U k3t5WrrTAkhGKRm7wce9nm9zXKjh11lFt+EtrJM2NEVFOuNK7DcOz1jCnLUdiRPR f+py0SX/yuPhC1A+z6FEWjNtFyIFXlGi390hIP6WgzvM3jXUA7Sv6FJCvZ4m3NN1 pR21bATi3iC8yUI2GwTr33bkdEH/IAX1Jh8KdwPPPD/Bntbq7+mA+2SG9VwwUcpJ vv3T3kPZAsaJVIW/5u2y0x204tfAPbOOlSSPIGcoH8pdBj9Itiy/NgP/CXONiX1s kPMYXWPpwA3nxUSNnoQpVIULCeanBDhK954iYVm6I8Bwu6teloRGRPQbaMv6hclu KZ0C80CfooYFwg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:01:06 2025 by rpki-client