This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft File: r433xPeRM3MP4-aJR3enlgSly3k.mft (raw, json) Hash identifier: JEeN6zC42Rrazt+MrWgVn14YYl0ZBmMbRL/ljGFrGd0= Subject key identifier: EB:8B:62:68:63:FC:6C:71:7E:03:2E:84:1C:FB:B1:67:6C:EC:66:64 Authority key identifier: AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79 Certificate issuer: /CN=af8df7c4f79133730fe3e6894777a79604a5cb79 Certificate serial: 019B435C46932028D7409121CCDEAC18050B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft Manifest number: 178B Signing time: Mon 22 Dec 2025 00:01:19 +0000 Manifest this update: Mon 22 Dec 2025 00:01:19 +0000 Manifest next update: Tue 23 Dec 2025 00:01:19 +0000 Files and hashes: 1: Sj0PB6C71UQWy93CM-Vpj4pjoBg.roa (hash: StQmSXi8WTjztpX70qdwwtDI4sB0dsxFMynA07YhLgY=) 2: r433xPeRM3MP4-aJR3enlgSly3k.crl (hash: 5ljIA3Hhz+NKdW1qSVkpQYdkPFKnaiS9WJLbQV26QcY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:5c:46:93:20:28:d7:40:91:21:cc:de:ac:18:05:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af8df7c4f79133730fe3e6894777a79604a5cb79 Validity Not Before: Dec 22 00:01:19 2025 GMT Not After : Dec 23 00:01:19 2025 GMT Subject: CN=eb8b626863fc6c717e032e841cfbb1676cec6664 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d5:3d:b9:27:e9:61:c4:25:cb:39:25:fe:04: 54:0b:c5:7f:ad:e4:3d:8b:63:8e:8f:07:72:59:41: 82:b0:42:78:b7:bc:0e:8d:b8:70:ac:05:b8:26:e8: 60:f6:ad:f4:fc:d2:15:8b:35:7a:61:2b:1d:3e:92: d4:54:51:e1:a9:25:f2:6d:d0:86:4c:bb:02:ad:3f: 0a:0c:98:e3:90:a8:54:57:ba:e8:98:e4:2c:04:e8: c1:9f:62:97:ab:23:37:ec:d3:07:0c:4e:fb:9d:16: 9f:84:c8:8a:b0:d7:a0:fd:a3:c4:0c:77:bc:72:db: 3f:d6:64:99:9a:cc:7c:28:e3:d5:17:b3:1c:e0:18: 22:51:10:b3:7a:20:38:40:15:8d:d3:98:71:79:00: d6:22:79:51:92:37:47:c4:56:36:5f:65:ab:49:3d: c7:d4:c5:dc:8a:79:84:cb:d6:a1:73:81:1d:d7:5b: b8:3c:ab:5b:69:10:b1:78:90:c0:df:5b:e6:da:50: 8f:a1:54:be:cb:a5:42:e2:42:6d:cc:c1:c7:3e:79: 97:40:92:43:2e:ac:84:bc:a1:34:78:59:f5:7f:78: b9:b1:4a:51:1a:97:ab:6e:1c:e9:5c:ab:40:ea:6b: 28:f6:f0:d9:37:74:5d:f2:2f:a6:23:f5:79:3b:2e: 0e:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:8B:62:68:63:FC:6C:71:7E:03:2E:84:1C:FB:B1:67:6C:EC:66:64 X509v3 Authority Key Identifier: keyid:AF:8D:F7:C4:F7:91:33:73:0F:E3:E6:89:47:77:A7:96:04:A5:CB:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r433xPeRM3MP4-aJR3enlgSly3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/50ff00-777a-411d-938b-f4d60ecdf2b2/1/r433xPeRM3MP4-aJR3enlgSly3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:c9:20:4d:53:7a:de:16:04:b0:64:09:20:4f:fa:48:1e:1d: 26:ba:de:b5:48:23:50:92:a9:d3:d3:c3:fb:c7:23:5c:9d:f0: f9:62:f1:28:0c:8d:d7:74:c3:ac:f5:e6:71:c4:38:0c:3b:37: 3f:74:ee:92:3a:11:d1:c4:a6:85:b1:fb:e3:1a:db:83:61:4e: 66:6b:02:6e:e2:ac:96:94:d2:77:f1:74:32:f0:32:65:cc:4a: 28:48:9a:fa:3e:73:11:72:80:72:0b:32:96:6a:e8:41:d1:ad: 4b:2c:07:d5:47:29:cd:16:1d:06:17:5d:02:ea:7c:9d:82:45: 8c:b3:6d:2a:99:e1:80:a6:dd:55:cd:98:d1:c0:99:de:20:ec: 2f:ca:a0:2d:5a:86:92:39:4b:b9:57:ab:6b:75:de:8e:db:fb: 3f:81:67:00:16:09:fd:ea:e5:3b:ed:a5:eb:e3:02:fd:f2:4b: 5a:57:19:98:3f:b8:f9:b5:11:93:ce:89:41:b7:00:f9:b4:64: 4a:96:b6:6a:aa:28:79:67:84:ec:16:33:cb:b6:a4:85:a1:9c: 2d:28:65:24:3f:6e:34:8c:c5:84:ee:d7:24:91:c9:f3:1f:4f: a3:fe:b2:27:05:6a:95:b9:89:06:82:c3:99:4e:cb:9c:49:25: 9a:c7:f4:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDXEaTICjXQJEhzN6sGAULMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmOGRmN2M0Zjc5MTMzNzMwZmUzZTY4OTQ3NzdhNzk2MDRh NWNiNzkwHhcNMjUxMjIyMDAwMTE5WhcNMjUxMjIzMDAwMTE5WjAzMTEwLwYDVQQD EyhlYjhiNjI2ODYzZmM2YzcxN2UwMzJlODQxY2ZiYjE2NzZjZWM2NjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdU9uSfpYcQlyzkl/gRUC8V/reQ9 i2OOjwdyWUGCsEJ4t7wOjbhwrAW4Juhg9q30/NIVizV6YSsdPpLUVFHhqSXybdCG TLsCrT8KDJjjkKhUV7romOQsBOjBn2KXqyM37NMHDE77nRafhMiKsNeg/aPEDHe8 cts/1mSZmsx8KOPVF7Mc4BgiURCzeiA4QBWN05hxeQDWInlRkjdHxFY2X2WrST3H 1MXcinmEy9ahc4Ed11u4PKtbaRCxeJDA31vm2lCPoVS+y6VC4kJtzMHHPnmXQJJD LqyEvKE0eFn1f3i5sUpRGperbhzpXKtA6mso9vDZN3Rd8i+mI/V5Oy4O3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOuLYmhj/GxxfgMuhBz7sWds7GZkMB8GA1UdIwQY MBaAFK+N98T3kTNzD+PmiUd3p5YEpct5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGIt ZjRkNjBlY2RmMmIyLzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC81MGZmMDAtNzc3YS00MTFkLTkzOGItZjRkNjBlY2RmMmIy LzEvcjQzM3hQZVJNM01QNC1hSlIzZW5sZ1NseTNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHckgTVN6 3hYEsGQJIE/6SB4dJrretUgjUJKp09PD+8cjXJ3w+WLxKAyN13TDrPXmccQ4DDs3 P3TukjoR0cSmhbH74xrbg2FOZmsCbuKslpTSd/F0MvAyZcxKKEia+j5zEXKAcgsy lmroQdGtSywH1UcpzRYdBhddAup8nYJFjLNtKpnhgKbdVc2Y0cCZ3iDsL8qgLVqG kjlLuVera3Xejtv7P4FnABYJ/erlO+2l6+MC/fJLWlcZmD+4+bURk86JQbcA+bRk Spa2aqooeWeE7BYzy7akhaGcLShlJD9uNIzFhO7XJJHJ8x9Po/6yJwVqlbmJBoLD mU7LnEklmsf0Bw== -----END CERTIFICATE-----Generated at Mon Dec 22 07:20:16 2025 by rpki-client