This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json) Hash identifier: aqwp457WdQ4zkuPRQG1QCeKKvJwpe0F9mNRaNZrCulo= Subject key identifier: 7C:5C:6C:73:1F:66:63:60:33:FE:2F:E3:B5:76:F3:45:83:08:A3:DD Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd Certificate serial: 019AF2AD81C20D10706129F500401379019B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft Manifest number: 1766 Signing time: Sat 06 Dec 2025 08:00:48 +0000 Manifest this update: Sat 06 Dec 2025 08:00:48 +0000 Manifest next update: Sun 07 Dec 2025 08:00:48 +0000 Files and hashes: 1: aSlfyLBw9tgMgXUQzZob6GMDMuM.roa (hash: DQ6riuAx/+y5wvPOEmkDzdZnToFJiPSBUt3sxo+9O3s=) 2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: ttDFDbRCR/L9KTwoTTKuxAxdWEMG7wZv9oC+cwq+w3o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:81:c2:0d:10:70:61:29:f5:00:40:13:79:01:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd Validity Not Before: Dec 6 08:00:48 2025 GMT Not After : Dec 7 08:00:48 2025 GMT Subject: CN=7c5c6c731f66636033fe2fe3b576f3458308a3dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:dd:dc:36:0c:2a:d1:06:e5:b1:b8:76:67:7b: fd:5d:26:49:76:8a:08:84:7f:5f:cb:79:95:0c:db: d7:aa:c0:3f:35:0c:1d:91:91:55:ff:fd:19:24:76: d3:53:38:5f:cd:bd:76:8e:03:ef:8d:e2:db:08:fc: 11:90:61:c1:27:3d:bc:f7:89:fc:7f:8c:58:4c:9d: f6:56:0a:35:b8:e4:7c:45:24:67:32:e0:4e:d7:25: 04:db:23:9f:64:ac:4a:8d:a7:03:0e:03:52:f6:6f: d5:86:c7:6f:c5:12:b5:af:4f:fc:29:54:53:f9:c1: 4e:38:1c:20:76:71:79:be:fb:a2:97:20:06:45:4f: 59:0c:31:56:9e:22:d9:69:9a:80:81:e0:91:5d:1a: 67:c3:8a:9b:b5:e6:b6:ec:5d:bd:e9:d7:46:34:ee: 44:08:00:8e:48:90:19:3c:41:13:98:f3:73:9f:9f: 80:a8:a2:43:9f:77:72:94:e9:a7:0f:5e:4c:6d:56: fa:15:85:f5:3a:89:57:bb:b9:eb:13:5d:38:fa:d7: 22:a1:c1:f9:0d:46:c0:55:f4:6c:58:8e:c7:9b:94: 76:fa:b7:84:19:ae:25:4e:3e:33:ec:eb:6d:ce:57: 7f:53:41:64:17:16:ab:62:5a:8e:36:cb:aa:b8:11: 08:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:5C:6C:73:1F:66:63:60:33:FE:2F:E3:B5:76:F3:45:83:08:A3:DD X509v3 Authority Key Identifier: keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:6d:77:7c:1f:2f:b4:14:ec:20:d7:0b:52:c2:dd:d7:9f:ad: dc:b5:66:7c:c2:ca:0a:ad:7e:fe:71:d8:6d:9c:a1:15:e8:ca: b6:bb:ee:dc:b6:d9:6b:e9:a2:05:04:7a:c8:e9:49:fb:1c:1d: 82:73:96:ec:15:5a:0a:fb:3d:fb:80:4c:b1:2f:8f:93:54:8e: 63:8e:2b:de:53:db:f6:99:67:cf:1d:dd:99:f9:a3:54:80:fc: ba:42:03:15:e4:91:de:ff:aa:6f:58:49:ea:05:3b:55:40:1b: f0:bd:d8:bb:9d:b0:f9:e9:6a:74:f6:ff:fc:1c:09:2d:d3:c6: b0:f5:ed:37:87:a6:98:52:fd:32:c8:e6:3e:5a:54:d3:39:03: 0d:06:db:bd:24:e4:da:db:3d:5e:03:a1:67:e1:38:53:eb:18: 16:7a:50:93:b4:0a:43:2e:c5:0a:dd:5d:90:ca:68:b9:c9:96: e4:7a:fe:1d:4a:4f:d6:95:6d:87:c7:14:fa:59:4a:ff:62:b8: 86:74:7c:12:e7:b6:1b:ab:3b:60:f9:ce:f0:f7:5a:92:cb:2e: 8f:d3:25:cc:be:62:67:c3:88:3d:3d:b8:0c:25:e2:74:f2:38: ac:8a:be:a0:f5:6e:a8:8d:f1:44:23:6c:b4:a3:97:40:1d:8c: 64:fa:57:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrYHCDRBwYSn1AEATeQGbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw OGYyY2QwHhcNMjUxMjA2MDgwMDQ4WhcNMjUxMjA3MDgwMDQ4WjAzMTEwLwYDVQQD Eyg3YzVjNmM3MzFmNjY2MzYwMzNmZTJmZTNiNTc2ZjM0NTgzMDhhM2RkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN3cNgwq0Qblsbh2Z3v9XSZJdooI hH9fy3mVDNvXqsA/NQwdkZFV//0ZJHbTUzhfzb12jgPvjeLbCPwRkGHBJz2894n8 f4xYTJ32Vgo1uOR8RSRnMuBO1yUE2yOfZKxKjacDDgNS9m/VhsdvxRK1r0/8KVRT +cFOOBwgdnF5vvuilyAGRU9ZDDFWniLZaZqAgeCRXRpnw4qbtea27F296ddGNO5E CACOSJAZPEETmPNzn5+AqKJDn3dylOmnD15MbVb6FYX1OolXu7nrE104+tciocH5 DUbAVfRsWI7Hm5R2+reEGa4lTj4z7Ottzld/U0FkFxarYlqONsuquBEIwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHxcbHMfZmNgM/4v47V280WDCKPdMB8GA1UdIwQY MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP213fB8v tBTsINcLUsLd15+t3LVmfMLKCq1+/nHYbZyhFejKtrvu3LbZa+miBQR6yOlJ+xwd gnOW7BVaCvs9+4BMsS+Pk1SOY44r3lPb9plnzx3dmfmjVID8ukIDFeSR3v+qb1hJ 6gU7VUAb8L3Yu52w+elqdPb//BwJLdPGsPXtN4emmFL9MsjmPlpU0zkDDQbbvSTk 2ts9XgOhZ+E4U+sYFnpQk7QKQy7FCt1dkMpoucmW5Hr+HUpP1pVth8cU+llK/2K4 hnR8Eue2G6s7YPnO8Pdakssuj9MlzL5iZ8OIPT24DCXidPI4rIq+oPVuqI3xRCNs tKOXQB2MZPpXKQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:00:08 2025 by rpki-client