This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.mft File: t72OrhZp3rOj-kGGSR4FyzLOCSo.mft (raw, json) Hash identifier: LbmPV1rOcBFOyqVRkuuuLPXp8LP2RF9WTaMYxlJ9Jzs= Subject key identifier: 3C:15:3F:2F:3C:E5:AB:4B:D3:FE:C4:73:90:F7:C4:E7:B8:91:5E:47 Authority key identifier: B7:BD:8E:AE:16:69:DE:B3:A3:FA:41:86:49:1E:05:CB:32:CE:09:2A Certificate issuer: /CN=b7bd8eae1669deb3a3fa4186491e05cb32ce092a Certificate serial: 019B462704441B2D61C09F9EDC622FB7890C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t72OrhZp3rOj-kGGSR4FyzLOCSo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.mft Manifest number: 124B Signing time: Mon 22 Dec 2025 13:02:00 +0000 Manifest this update: Mon 22 Dec 2025 13:02:00 +0000 Manifest next update: Tue 23 Dec 2025 13:02:00 +0000 Files and hashes: 1: 0CceuujOUN7fI6SJWiU4I3JvZeo.roa (hash: ReNIag9nA9bjr82rfcj5JjzPGdjpj3RK7GRwiAamY6Q=) 2: t72OrhZp3rOj-kGGSR4FyzLOCSo.crl (hash: NOEzC7x2E/0omp3dUAs/P1+LpF++LPbMQPIjjsMGhj0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.mft rsync://rpki.ripe.net/repository/DEFAULT/t72OrhZp3rOj-kGGSR4FyzLOCSo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:27:04:44:1b:2d:61:c0:9f:9e:dc:62:2f:b7:89:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b7bd8eae1669deb3a3fa4186491e05cb32ce092a Validity Not Before: Dec 22 13:02:00 2025 GMT Not After : Dec 23 13:02:00 2025 GMT Subject: CN=3c153f2f3ce5ab4bd3fec47390f7c4e7b8915e47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:82:d4:bc:cf:cf:d2:e8:2e:c4:a7:59:8d:cb: 18:91:7f:bb:4c:4b:19:1c:a7:1f:af:3e:f4:7a:10: db:60:d1:81:47:9f:04:64:f9:9a:d5:90:02:8c:e5: 38:4c:90:6c:10:74:3a:70:6f:2b:17:ea:1b:e7:ad: 8e:04:13:75:f3:1d:f7:76:08:e1:10:6b:3d:c7:21: e0:ed:7e:fa:22:80:ee:16:c0:b1:c9:79:77:ce:3a: e3:ce:a1:96:d0:73:df:14:fb:ef:c3:a1:06:c9:5c: b7:ca:fc:54:00:25:34:ea:d8:41:9f:ab:51:ac:b9: 7c:1a:c1:dd:f0:8f:20:13:d7:8d:8b:e2:c7:10:e2: 16:a3:c8:88:d5:1e:ad:cc:87:cf:b9:d3:e5:13:e0: e1:79:ed:54:ee:fa:9a:c9:c2:99:cd:63:69:55:4f: 58:3b:35:ab:b5:04:c9:95:1d:28:18:03:ba:34:d8: 9c:d2:24:e6:1d:a2:ac:d9:df:b0:99:0b:dd:7c:3c: f0:cb:bc:11:e4:12:56:ad:26:86:11:a2:05:70:45: 0b:22:89:ed:31:ca:15:97:de:ac:bd:01:41:31:0d: a2:32:ab:4c:e2:90:a7:30:cc:2e:c8:53:2c:90:90: 61:06:74:8d:b7:7d:90:a2:fd:77:24:cc:45:0e:43: 37:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:15:3F:2F:3C:E5:AB:4B:D3:FE:C4:73:90:F7:C4:E7:B8:91:5E:47 X509v3 Authority Key Identifier: keyid:B7:BD:8E:AE:16:69:DE:B3:A3:FA:41:86:49:1E:05:CB:32:CE:09:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t72OrhZp3rOj-kGGSR4FyzLOCSo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:df:98:36:5e:e2:2d:e0:db:6d:a2:54:c0:e9:48:96:c0:f1: 61:ef:bf:fe:9a:9e:f6:04:24:fd:56:04:86:13:a9:71:a7:33: 87:ef:f4:d1:60:eb:af:e4:f9:26:4e:7d:26:d1:3f:fb:ee:f9: 4d:30:2a:6b:d9:f2:90:cb:16:89:dd:2c:a9:c2:db:61:47:1b: e7:7f:03:bf:7b:22:e7:ca:83:6f:78:de:04:cb:f8:8e:71:43: 5e:24:34:90:4c:e7:82:42:2b:e7:be:01:82:fd:3d:b8:c6:1a: 39:71:1d:ca:0d:11:3c:04:50:cd:ca:25:c7:f2:85:c8:ec:35: 14:e8:8b:01:42:e0:40:f9:43:16:f7:64:ca:7d:82:b3:79:20: 93:89:8e:45:b2:14:35:8d:23:77:f1:8d:e1:87:44:47:a9:a9: 1c:a0:4b:0b:82:28:5d:ff:ce:12:40:da:ad:23:52:d8:a9:4a: 22:77:f8:33:28:4c:fb:f9:15:ba:ea:8a:f4:c0:90:65:d5:bb: e5:09:89:73:a9:9e:f4:1a:78:3c:62:1d:76:5c:27:81:29:9b: 3d:3d:28:e6:eb:cd:28:97:0d:c7:cb:dd:e1:11:e9:32:c5:60: 17:7d:23:8e:bd:7f:9b:62:ab:b2:8f:34:fd:2d:ac:eb:cf:19: 2f:4a:3a:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJwREGy1hwJ+e3GIvt4kMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3YmQ4ZWFlMTY2OWRlYjNhM2ZhNDE4NjQ5MWUwNWNiMzJj ZTA5MmEwHhcNMjUxMjIyMTMwMjAwWhcNMjUxMjIzMTMwMjAwWjAzMTEwLwYDVQQD EygzYzE1M2YyZjNjZTVhYjRiZDNmZWM0NzM5MGY3YzRlN2I4OTE1ZTQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYLUvM/P0uguxKdZjcsYkX+7TEsZ HKcfrz70ehDbYNGBR58EZPma1ZACjOU4TJBsEHQ6cG8rF+ob562OBBN18x33dgjh EGs9xyHg7X76IoDuFsCxyXl3zjrjzqGW0HPfFPvvw6EGyVy3yvxUACU06thBn6tR rLl8GsHd8I8gE9eNi+LHEOIWo8iI1R6tzIfPudPlE+Dhee1U7vqaycKZzWNpVU9Y OzWrtQTJlR0oGAO6NNic0iTmHaKs2d+wmQvdfDzwy7wR5BJWrSaGEaIFcEULIont McoVl96svQFBMQ2iMqtM4pCnMMwuyFMskJBhBnSNt32Qov13JMxFDkM35wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDwVPy885atL0/7Ec5D3xOe4kV5HMB8GA1UdIwQY MBaAFLe9jq4Wad6zo/pBhkkeBcsyzgkqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdDcyT3JoWnAzck9qLWtHR1NSNEZ5ekxPQ1NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iMGJkYmQtODAxYy00YjBiLTlmYmUt YWUxNWQ1MDc1OTBlLzEvdDcyT3JoWnAzck9qLWtHR1NSNEZ5ekxPQ1NvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9iMGJkYmQtODAxYy00YjBiLTlmYmUtYWUxNWQ1MDc1OTBl LzEvdDcyT3JoWnAzck9qLWtHR1NSNEZ5ekxPQ1NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVd+YNl7i LeDbbaJUwOlIlsDxYe+//pqe9gQk/VYEhhOpcaczh+/00WDrr+T5Jk59JtE/++75 TTAqa9nykMsWid0sqcLbYUcb538Dv3si58qDb3jeBMv4jnFDXiQ0kEzngkIr574B gv09uMYaOXEdyg0RPARQzcolx/KFyOw1FOiLAULgQPlDFvdkyn2Cs3kgk4mORbIU NY0jd/GN4YdER6mpHKBLC4IoXf/OEkDarSNS2KlKInf4MyhM+/kVuuqK9MCQZdW7 5QmJc6me9Bp4PGIddlwngSmbPT0o5uvNKJcNx8vd4RHpMsVgF30jjr1/m2Krso80 /S2s688ZL0o6zg== -----END CERTIFICATE-----Generated at Mon Dec 22 16:08:09 2025 by rpki-client