This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json) Hash identifier: WPAwDAGf36tU1jhHaaskJeU5lyR5ecRc1Hrz3pb4Vxk= Subject key identifier: D8:5D:2A:AA:17:90:E7:54:01:AF:30:3B:F7:0A:05:E3:2C:18:FD:2A Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Certificate serial: 019AF5781A59E55B5852CACA616F7CB0D65F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft Manifest number: 07A6 Signing time: Sat 06 Dec 2025 21:01:20 +0000 Manifest this update: Sat 06 Dec 2025 21:01:20 +0000 Manifest next update: Sun 07 Dec 2025 21:01:20 +0000 Files and hashes: 1: 1-zGyc8-sNFoNd9jrRwy0ohv-lr8.roa (hash: X6damPmptp3XphV2HfGbEnZgUQ5Ok8UVDdDjwWdsAA0=) 2: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: B4UBR4B5n61/DhqcsOUeMWDFvezIwd4lJ14Zf0JKeM8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:1a:59:e5:5b:58:52:ca:ca:61:6f:7c:b0:d6:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Validity Not Before: Dec 6 21:01:20 2025 GMT Not After : Dec 7 21:01:20 2025 GMT Subject: CN=d85d2aaa1790e75401af303bf70a05e32c18fd2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ab:7e:7f:57:5e:83:73:38:ec:59:3d:5a:b2: a7:0e:98:b2:5b:b3:e2:2d:0a:c8:e4:3f:64:49:ec: 6e:3c:e9:b6:5b:5f:8f:9a:b4:7d:be:76:67:1f:2d: 04:aa:32:2e:b5:61:7d:7a:da:2f:13:63:b0:47:a6: e2:90:33:b3:ce:32:db:d8:fb:b6:48:f4:de:19:51: 74:11:f9:6c:74:97:cf:1d:ae:8e:dc:bd:a7:bf:76: 7b:b7:4a:3c:50:27:f2:67:51:a1:87:f8:6c:e8:8a: 13:d3:05:fe:4b:6f:f0:7a:fb:51:a5:3d:51:87:b1: b5:d2:ee:08:28:7d:17:56:b4:92:1c:d5:72:23:a6: db:82:9d:0b:c1:c0:3f:d0:a5:e7:0e:2b:99:b2:fe: 1b:bb:6e:c1:cd:2c:3e:9f:1f:3b:d2:b6:1c:fb:b8: fe:c7:66:f4:9f:c1:c7:89:da:4c:62:dc:4a:44:c9: b8:69:13:85:b0:f0:8f:33:c7:85:53:cf:57:24:6b: dd:04:cc:49:0f:2c:42:06:3d:43:25:01:0d:0a:04: 77:c9:dd:c9:f0:de:58:01:80:2c:c7:79:37:b6:ae: 13:55:e3:ea:1f:6d:f7:3f:fd:37:13:93:3d:ee:f4: c6:15:51:9e:39:61:8d:cf:8a:75:37:ef:2e:35:99: d3:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:5D:2A:AA:17:90:E7:54:01:AF:30:3B:F7:0A:05:E3:2C:18:FD:2A X509v3 Authority Key Identifier: keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:04:a4:91:07:90:5b:d4:bf:c4:8e:0c:87:15:50:1d:41:6f: 04:16:83:18:2d:2d:ba:01:3f:99:8a:ca:77:7c:09:0c:9c:78: fa:ae:b3:19:ce:0a:c5:6e:50:89:4d:b7:be:16:6a:d1:60:76: 19:67:e8:b7:9c:48:5f:ae:90:02:16:06:01:c1:d6:95:01:7c: 0a:e7:af:d5:1c:e3:d1:61:bd:48:fa:1b:08:a5:66:ec:e1:72: 25:7b:ab:6b:30:73:95:59:5c:82:72:10:62:f4:16:4e:86:d6: 79:b0:79:e5:79:9a:af:61:c5:c9:0b:9a:25:09:d3:41:59:8e: 1b:aa:57:fa:e3:5f:69:9b:fd:9a:dd:cd:ab:a7:a6:df:ee:5e: 84:80:2d:05:ab:eb:1f:5f:a5:03:c9:0b:04:c0:7b:4f:38:db: 32:9d:a0:08:12:dd:e4:63:4a:d5:0c:51:04:c4:df:08:0e:0d: fe:70:7a:1d:79:6c:eb:a2:d2:58:ec:95:3e:e3:37:6f:c3:a2: 69:21:d8:e7:08:de:35:be:94:1b:e0:f7:55:22:00:20:3d:74: 1d:d0:9a:a8:ce:60:93:19:6a:9a:ca:b9:44:4c:ab:0f:2e:fa: 31:72:0b:36:3c:95:25:20:70:97:f3:49:74:70:da:a9:4e:f8: a7:76:f8:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eBpZ5VtYUsrKYW98sNZfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk MmI5YWEwHhcNMjUxMjA2MjEwMTIwWhcNMjUxMjA3MjEwMTIwWjAzMTEwLwYDVQQD EyhkODVkMmFhYTE3OTBlNzU0MDFhZjMwM2JmNzBhMDVlMzJjMThmZDJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqt+f1deg3M47Fk9WrKnDpiyW7Pi LQrI5D9kSexuPOm2W1+PmrR9vnZnHy0EqjIutWF9etovE2OwR6bikDOzzjLb2Pu2 SPTeGVF0EflsdJfPHa6O3L2nv3Z7t0o8UCfyZ1Ghh/hs6IoT0wX+S2/wevtRpT1R h7G10u4IKH0XVrSSHNVyI6bbgp0LwcA/0KXnDiuZsv4bu27BzSw+nx870rYc+7j+ x2b0n8HHidpMYtxKRMm4aROFsPCPM8eFU89XJGvdBMxJDyxCBj1DJQENCgR3yd3J 8N5YAYAsx3k3tq4TVePqH233P/03E5M97vTGFVGeOWGNz4p1N+8uNZnTMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNhdKqoXkOdUAa8wO/cKBeMsGP0qMB8GA1UdIwQY MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4 LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEASkkQeQ W9S/xI4MhxVQHUFvBBaDGC0tugE/mYrKd3wJDJx4+q6zGc4KxW5QiU23vhZq0WB2 GWfot5xIX66QAhYGAcHWlQF8Cuev1Rzj0WG9SPobCKVm7OFyJXurazBzlVlcgnIQ YvQWTobWebB55Xmar2HFyQuaJQnTQVmOG6pX+uNfaZv9mt3Nq6em3+5ehIAtBavr H1+lA8kLBMB7TzjbMp2gCBLd5GNK1QxRBMTfCA4N/nB6HXls66LSWOyVPuM3b8Oi aSHY5wjeNb6UG+D3VSIAID10HdCaqM5gkxlqmsq5REyrDy76MXILNjyVJSBwl/NJ dHDaqU74p3b47A== -----END CERTIFICATE-----Generated at Sun Dec 7 04:52:42 2025 by rpki-client