This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft File: rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft (raw, json) Hash identifier: IEDtRe/KCiDIciwh4qo/lGE7CnoLxJAuqS/t6nxsqZ0= Subject key identifier: B8:BE:10:73:16:0B:99:A9:EC:2B:CB:E8:FE:C1:EF:30:35:1C:CF:82 Authority key identifier: AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C Certificate issuer: /CN=acebf396c9adf94f84dc901656e255ce6d50660c Certificate serial: 019AF2E45ACB5E18ADCD4EA347D72B48358F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft Manifest number: 03D8 Signing time: Sat 06 Dec 2025 09:00:42 +0000 Manifest this update: Sat 06 Dec 2025 09:00:42 +0000 Manifest next update: Sun 07 Dec 2025 09:00:42 +0000 Files and hashes: 1: C4fkDspID27_2W7uJ0bDWTiMbsI.roa (hash: IPmvbCiP1dYquC+xxAe/aHEwDNf0L9S57sM644oyMl8=) 2: rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl (hash: wT6o58Ug4RPkyH8KdjgWvCW/9AZd2HcG8Rlr1siy7h4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:e4:5a:cb:5e:18:ad:cd:4e:a3:47:d7:2b:48:35:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=acebf396c9adf94f84dc901656e255ce6d50660c Validity Not Before: Dec 6 09:00:42 2025 GMT Not After : Dec 7 09:00:42 2025 GMT Subject: CN=b8be1073160b99a9ec2bcbe8fec1ef30351ccf82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c8:82:b8:13:55:15:d4:e3:a1:b5:bb:eb:10: 2d:73:2d:5f:f6:55:94:63:cc:5b:5f:f1:5b:01:e6: 2b:3f:eb:ec:d5:3d:ea:18:48:86:be:90:cb:4b:e7: 25:f0:21:69:bf:87:c2:14:9a:a9:9a:70:1f:e6:84: 77:68:58:34:01:1d:d0:c5:b0:8b:cc:d8:34:07:51: a0:56:ea:b8:8e:73:45:69:3e:ce:99:8c:ce:45:2a: 8f:e4:5c:c6:1d:c7:a8:b7:99:35:f2:06:d7:de:b8: a7:de:a0:b5:f0:f7:11:37:89:b0:dc:88:b6:2e:23: 4e:d8:be:66:7f:72:4a:cb:34:54:eb:4e:f3:43:c0: c7:77:7d:1e:38:00:f8:a7:66:1d:a5:fd:f8:8d:0a: a7:a7:54:ed:44:4e:2c:66:af:33:4a:60:10:55:f7: 99:7c:b4:19:fb:6c:74:42:cf:c4:52:7a:cd:d7:36: 63:10:27:2f:fe:10:a3:57:53:a0:28:67:e7:04:78: 41:a6:89:cd:d1:40:cb:a1:d6:c9:97:7f:d9:35:d9: 1c:21:b2:55:c8:bc:a4:44:67:bf:7e:ca:6d:e5:75: 1e:0a:a9:88:22:df:7f:e5:1c:05:7d:41:44:37:20: ec:42:bb:2c:71:3c:a7:9c:21:7e:07:ba:cf:d2:dc: 54:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:BE:10:73:16:0B:99:A9:EC:2B:CB:E8:FE:C1:EF:30:35:1C:CF:82 X509v3 Authority Key Identifier: keyid:AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:12:2e:3f:cf:61:ac:cb:ff:f5:05:b0:cb:87:f0:f1:9f:b3: f4:c7:ea:5d:3d:b1:d3:23:ab:e4:1d:36:b7:1c:d9:c0:c6:f5: db:c6:8e:0b:be:99:04:3e:a4:b3:fe:13:22:59:11:9b:79:7f: c0:ab:01:92:e5:c9:a2:7f:8f:a8:70:61:12:f4:5e:3c:fe:fb: 8e:d2:3e:f6:25:b2:5f:1b:1f:cc:0f:18:a3:6d:ed:2f:d8:0d: 26:1d:00:b1:17:3d:2f:78:a3:1c:01:c0:ea:91:0d:94:36:62: cf:2b:f8:fb:91:02:d2:44:bc:c0:b6:c4:25:9d:56:8f:f8:9e: 46:16:8f:2a:e5:ef:02:b0:8a:d3:2d:27:3f:38:bf:e7:2b:64: 43:1d:1f:60:29:aa:9b:e1:89:a8:63:8a:64:5e:63:a1:69:36: aa:bf:16:c8:ae:b5:80:92:99:cf:f6:b2:ae:9e:d3:a1:f1:4d: b5:dd:3a:b0:cf:94:ee:2d:a2:39:04:f8:1c:c4:9f:1d:d0:d7: 0f:76:a4:21:ce:96:2e:b4:5e:c9:6f:86:2f:8b:29:e4:5c:8b: e0:ca:ac:fe:5f:1f:44:66:12:de:82:20:43:26:a6:17:a4:95: 76:d0:81:7d:9b:28:12:df:3e:0d:29:23:70:cc:7a:62:a4:a1: 67:21:64:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZry5FrLXhitzU6jR9crSDWPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjZWJmMzk2YzlhZGY5NGY4NGRjOTAxNjU2ZTI1NWNlNmQ1 MDY2MGMwHhcNMjUxMjA2MDkwMDQyWhcNMjUxMjA3MDkwMDQyWjAzMTEwLwYDVQQD EyhiOGJlMTA3MzE2MGI5OWE5ZWMyYmNiZThmZWMxZWYzMDM1MWNjZjgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MiCuBNVFdTjobW76xAtcy1f9lWU Y8xbX/FbAeYrP+vs1T3qGEiGvpDLS+cl8CFpv4fCFJqpmnAf5oR3aFg0AR3QxbCL zNg0B1GgVuq4jnNFaT7OmYzORSqP5FzGHceot5k18gbX3rin3qC18PcRN4mw3Ii2 LiNO2L5mf3JKyzRU607zQ8DHd30eOAD4p2Ydpf34jQqnp1TtRE4sZq8zSmAQVfeZ fLQZ+2x0Qs/EUnrN1zZjECcv/hCjV1OgKGfnBHhBponN0UDLodbJl3/ZNdkcIbJV yLykRGe/fspt5XUeCqmIIt9/5RwFfUFENyDsQrsscTynnCF+B7rP0txUJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLi+EHMWC5mp7CvL6P7B7zA1HM+CMB8GA1UdIwQY MBaAFKzr85bJrflPhNyQFlbiVc5tUGYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQt NDg0N2QzOTNhYjU1LzEvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQtNDg0N2QzOTNhYjU1 LzEvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRIuP89h rMv/9QWwy4fw8Z+z9MfqXT2x0yOr5B02txzZwMb128aOC76ZBD6ks/4TIlkRm3l/ wKsBkuXJon+PqHBhEvRePP77jtI+9iWyXxsfzA8Yo23tL9gNJh0AsRc9L3ijHAHA 6pENlDZizyv4+5EC0kS8wLbEJZ1Wj/ieRhaPKuXvArCK0y0nPzi/5ytkQx0fYCmq m+GJqGOKZF5joWk2qr8WyK61gJKZz/ayrp7TofFNtd06sM+U7i2iOQT4HMSfHdDX D3akIc6WLrReyW+GL4sp5FyL4Mqs/l8fRGYS3oIgQyamF6SVdtCBfZsoEt8+DSkj cMx6YqShZyFk+g== -----END CERTIFICATE-----Generated at Sat Dec 6 10:39:09 2025 by rpki-client