This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json) Hash identifier: LRNBO3I7+fKN3d8p/1ZPpSIP/2MU+Bkpm5TM+yAnkFw= Subject key identifier: 32:9C:06:27:57:72:8E:27:BD:0E:33:7B:4B:86:AF:BC:53:0D:FD:16 Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f Certificate serial: 019B3BA2258490ADAB1613653200D2D489A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft Manifest number: 0411 Signing time: Sat 20 Dec 2025 12:00:40 +0000 Manifest this update: Sat 20 Dec 2025 12:00:40 +0000 Manifest next update: Sun 21 Dec 2025 12:00:40 +0000 Files and hashes: 1: 5jBhyCclhjBWCSh1O-0WT6aKzvs.roa (hash: MRjgNDdW46vQb+SgK5+muMmigtF72q9wmhV3HqxuIuc=) 2: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: 9tz02KcwAFKVdF8PP1c8/1cW+qNLJ+34M2yO4TxIoOE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:25:84:90:ad:ab:16:13:65:32:00:d2:d4:89:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f Validity Not Before: Dec 20 12:00:40 2025 GMT Not After : Dec 21 12:00:40 2025 GMT Subject: CN=329c062757728e27bd0e337b4b86afbc530dfd16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:47:8f:30:b3:11:d6:d5:4f:6a:ff:fb:44:5d: 3a:65:a1:cd:30:b8:4a:3c:2d:da:4e:0e:c5:53:4f: ce:9b:9c:63:a5:08:b1:69:1b:3b:37:b5:51:22:4e: 75:b7:88:5f:f4:37:28:68:38:97:c9:14:08:20:69: 2f:37:7a:4b:f7:b9:58:ac:1d:ea:c4:5c:11:5f:ef: 7a:1f:b8:e1:fb:81:22:f5:87:48:d6:82:13:e5:ac: bf:14:21:2f:00:9c:63:7c:47:26:ed:d0:a5:06:59: 9b:24:65:29:8f:cb:5f:2d:e0:d8:63:e2:8c:72:dc: c6:cb:eb:2b:94:eb:ef:51:b2:14:b0:85:32:52:4b: 0a:1e:05:19:41:73:d1:53:fc:aa:a2:4b:d7:b1:25: 3f:bb:cb:9f:4e:e7:a0:a7:c8:a8:29:a1:0e:4e:5b: 29:07:e1:44:d1:a1:df:6e:ec:d5:98:72:be:1a:58: d2:64:2f:2f:a1:56:08:b7:9d:58:68:fc:25:81:3a: c4:9b:84:de:70:58:c7:e5:d6:5a:3c:96:8f:e6:33: 52:a6:fa:e6:66:cb:f7:ec:dc:b9:5d:79:47:bd:03: ac:71:07:67:95:d5:1f:6f:a3:87:7c:9a:e5:90:78: 9d:1a:be:a3:4d:e2:07:ca:2d:c9:04:6d:5c:b3:d5: 88:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:9C:06:27:57:72:8E:27:BD:0E:33:7B:4B:86:AF:BC:53:0D:FD:16 X509v3 Authority Key Identifier: keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:4e:eb:e4:ea:b3:d5:2b:65:e7:a9:94:18:05:3f:38:be:36: f9:16:68:5b:bd:ab:10:30:71:04:8a:66:9e:cc:d7:1f:03:de: b7:cc:79:e6:9a:19:c2:90:a2:80:b1:a0:8e:28:8d:60:2b:39: 8e:b3:51:c6:7f:c9:67:48:5e:29:0e:42:ba:98:b0:b0:75:3a: c1:6e:b6:3e:6a:af:5c:25:13:ea:b5:53:62:e9:a9:d1:fe:58: e2:00:c1:77:80:f2:08:f6:99:19:0e:c7:41:6a:4f:8d:4f:04: 80:95:02:68:71:b8:ba:b5:2d:a9:0d:5b:89:ef:d1:88:f0:53: 30:fa:60:64:eb:6e:c3:2f:68:e8:e4:ef:10:6e:41:9f:cd:19: 98:b5:e8:36:e7:ef:d1:32:ea:8f:ec:fd:85:57:fa:58:8c:fc: 46:40:c0:5d:9a:08:3a:7f:1c:83:ed:aa:49:94:12:3c:60:de: 73:ff:d1:40:29:92:0d:5f:14:04:d5:c9:ac:ef:0c:8f:cd:19: b7:9e:cf:e7:34:37:f6:36:0e:cd:6c:4a:14:16:43:82:39:ca: 6f:90:38:9e:4f:ca:28:5c:2e:21:8e:44:f0:75:96:9f:36:67: c3:03:ae:8e:97:e3:7c:50:37:4a:2c:30:04:53:39:bd:b7:ba: 28:b1:5b:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7oiWEkK2rFhNlMgDS1ImoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll ODg2NGYwHhcNMjUxMjIwMTIwMDQwWhcNMjUxMjIxMTIwMDQwWjAzMTEwLwYDVQQD EygzMjljMDYyNzU3NzI4ZTI3YmQwZTMzN2I0Yjg2YWZiYzUzMGRmZDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kePMLMR1tVPav/7RF06ZaHNMLhK PC3aTg7FU0/Om5xjpQixaRs7N7VRIk51t4hf9DcoaDiXyRQIIGkvN3pL97lYrB3q xFwRX+96H7jh+4Ei9YdI1oIT5ay/FCEvAJxjfEcm7dClBlmbJGUpj8tfLeDYY+KM ctzGy+srlOvvUbIUsIUyUksKHgUZQXPRU/yqokvXsSU/u8ufTuegp8ioKaEOTlsp B+FE0aHfbuzVmHK+GljSZC8voVYIt51YaPwlgTrEm4TecFjH5dZaPJaP5jNSpvrm Zsv37Ny5XXlHvQOscQdnldUfb6OHfJrlkHidGr6jTeIHyi3JBG1cs9WItQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDKcBidXco4nvQ4ze0uGr7xTDf0WMB8GA1UdIwQY MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1 LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPk7r5Oqz 1Stl56mUGAU/OL42+RZoW72rEDBxBIpmnszXHwPet8x55poZwpCigLGgjiiNYCs5 jrNRxn/JZ0heKQ5CupiwsHU6wW62PmqvXCUT6rVTYump0f5Y4gDBd4DyCPaZGQ7H QWpPjU8EgJUCaHG4urUtqQ1bie/RiPBTMPpgZOtuwy9o6OTvEG5Bn80ZmLXoNufv 0TLqj+z9hVf6WIz8RkDAXZoIOn8cg+2qSZQSPGDec//RQCmSDV8UBNXJrO8Mj80Z t57P5zQ39jYOzWxKFBZDgjnKb5A4nk/KKFwuIY5E8HWWnzZnwwOujpfjfFA3Siww BFM5vbe6KLFbqg== -----END CERTIFICATE-----Generated at Sat Dec 20 18:15:17 2025 by rpki-client