This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft File: sFcIRcI56ZkcibxcUEMekIeGDE0.mft (raw, json) Hash identifier: 3mAN4CfcO+G4wpAuL7zEqfITsfu21i4CfIA5ycoMEmA= Subject key identifier: BD:C3:08:A4:32:76:4A:D4:29:BF:01:61:89:27:57:B6:3B:88:C2:3F Authority key identifier: B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D Certificate issuer: /CN=b0570845c239e9991c89bc5c50431e9087860c4d Certificate serial: 019AF0BF39266BE731995FEB7926E5289533 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft Manifest number: 01DB Signing time: Fri 05 Dec 2025 23:00:54 +0000 Manifest this update: Fri 05 Dec 2025 23:00:54 +0000 Manifest next update: Sat 06 Dec 2025 23:00:54 +0000 Files and hashes: 1: n2C0sjvTrbF7unBNdsXDONkHwzQ.roa (hash: jLl0pdc61DzddqyTuR7Io8Gkj/xajAEL7bTJB3EuzC8=) 2: sFcIRcI56ZkcibxcUEMekIeGDE0.crl (hash: 4bKwOk6kp7lq5vZekxKYDGrlOiFDhcfUCbbZCS4LiBU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:39:26:6b:e7:31:99:5f:eb:79:26:e5:28:95:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b0570845c239e9991c89bc5c50431e9087860c4d Validity Not Before: Dec 5 23:00:54 2025 GMT Not After : Dec 6 23:00:54 2025 GMT Subject: CN=bdc308a432764ad429bf0161892757b63b88c23f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:47:34:41:e7:e6:7d:ac:9a:3e:91:37:ba:62: dd:eb:b3:5c:f5:a2:4f:80:f1:26:d5:ff:68:07:74: 15:16:b9:f1:b3:80:0a:b2:41:7f:e7:c4:a8:a8:1b: d4:fb:6f:93:38:28:89:ba:18:e5:16:4a:74:f3:5a: 37:36:37:52:ec:59:8f:23:53:31:f2:14:21:e5:e0: 4d:6a:1b:1a:42:16:60:a7:75:a8:3d:86:59:06:36: bf:ee:26:03:ec:db:86:dd:72:6c:a7:a6:63:76:a1: 53:7f:89:14:4c:7f:78:bc:e0:6d:a3:f3:fa:d4:d7: a9:a4:55:97:8e:b8:74:97:a0:bb:db:04:e5:3c:80: a8:52:10:ba:6f:ef:b2:d2:c5:e6:90:29:51:7f:7a: 52:92:29:53:15:13:d6:de:b8:c3:8b:e3:49:75:6a: 31:70:84:94:82:46:f8:20:1a:98:66:1d:48:df:6d: 07:a5:32:8c:1d:30:40:4a:3e:a8:5f:52:ed:41:ee: 1f:db:27:57:cc:d3:af:74:37:fc:70:a1:87:46:ca: ce:8a:6a:78:8d:93:40:20:14:db:6c:26:78:00:de: 21:bc:e2:e2:e3:53:ad:b1:98:6c:38:26:0f:1e:f4: a8:e0:38:e2:bc:82:86:01:56:c4:79:95:63:0b:87: b8:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:C3:08:A4:32:76:4A:D4:29:BF:01:61:89:27:57:B6:3B:88:C2:3F X509v3 Authority Key Identifier: keyid:B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:bc:7d:2b:b0:60:b7:74:48:c8:36:6c:27:08:1d:ce:71:81: ed:c6:c9:de:ca:66:10:36:06:cd:45:f8:d0:49:6d:07:7f:5b: 61:23:ef:ae:4f:f0:3c:d9:27:76:2e:a0:45:ab:23:7b:a5:c7: 3b:47:aa:98:68:fe:60:f4:26:2c:0a:2f:1a:5e:eb:9f:ba:0e: 3b:cb:9b:d5:4f:d0:a3:b3:10:85:c5:2e:9e:64:83:25:5b:c8: 7f:22:8b:40:de:69:41:4f:9f:dc:13:e6:f4:61:64:45:6e:c7: e7:12:9b:40:38:50:e0:b9:15:c1:ef:28:3d:1b:3c:b3:7f:45: 60:c9:06:ce:6d:d0:66:a4:88:4d:ab:b1:fa:f9:97:80:28:2c: 47:b1:27:06:b7:d7:4d:bf:45:b6:88:91:77:40:10:e5:c4:e2: d6:0d:ae:b7:18:48:cc:7f:c9:87:31:17:49:f6:93:85:78:75: 3c:3c:ff:44:89:d0:3b:4b:fc:49:73:af:c9:b9:61:9c:00:b0: 3e:07:bd:d1:92:89:e6:5a:a4:2a:df:1b:7f:d4:7c:fd:e1:b7: 9c:4f:4c:a6:d5:95:e1:dc:7b:da:ca:83:d8:a6:62:8b:a4:2e: 87:d5:a5:37:8b:b0:31:3b:86:6b:b8:62:16:58:40:74:7e:4b: d2:15:23:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvzkma+cxmV/reSblKJUzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwNTcwODQ1YzIzOWU5OTkxYzg5YmM1YzUwNDMxZTkwODc4 NjBjNGQwHhcNMjUxMjA1MjMwMDU0WhcNMjUxMjA2MjMwMDU0WjAzMTEwLwYDVQQD EyhiZGMzMDhhNDMyNzY0YWQ0MjliZjAxNjE4OTI3NTdiNjNiODhjMjNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEc0QefmfayaPpE3umLd67Nc9aJP gPEm1f9oB3QVFrnxs4AKskF/58SoqBvU+2+TOCiJuhjlFkp081o3NjdS7FmPI1Mx 8hQh5eBNahsaQhZgp3WoPYZZBja/7iYD7NuG3XJsp6ZjdqFTf4kUTH94vOBto/P6 1NeppFWXjrh0l6C72wTlPICoUhC6b++y0sXmkClRf3pSkilTFRPW3rjDi+NJdWox cISUgkb4IBqYZh1I320HpTKMHTBASj6oX1LtQe4f2ydXzNOvdDf8cKGHRsrOimp4 jZNAIBTbbCZ4AN4hvOLi41OtsZhsOCYPHvSo4DjivIKGAVbEeZVjC4e49QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL3DCKQydkrUKb8BYYknV7Y7iMI/MB8GA1UdIwQY MBaAFLBXCEXCOemZHIm8XFBDHpCHhgxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEt NDZjYTI2YWZmNTQ1LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEtNDZjYTI2YWZmNTQ1 LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnbx9K7Bg t3RIyDZsJwgdznGB7cbJ3spmEDYGzUX40EltB39bYSPvrk/wPNkndi6gRasje6XH O0eqmGj+YPQmLAovGl7rn7oOO8ub1U/Qo7MQhcUunmSDJVvIfyKLQN5pQU+f3BPm 9GFkRW7H5xKbQDhQ4LkVwe8oPRs8s39FYMkGzm3QZqSITaux+vmXgCgsR7EnBrfX Tb9FtoiRd0AQ5cTi1g2utxhIzH/JhzEXSfaThXh1PDz/RInQO0v8SXOvyblhnACw Pge90ZKJ5lqkKt8bf9R8/eG3nE9MptWV4dx72sqD2KZii6Quh9WlN4uwMTuGa7hi FlhAdH5L0hUjRQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:40 2025 by rpki-client