This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b0ef59-1842-4ca3-9865-067cc4426c28/1/rONjRGSGG9S_jFvH48m_09JGpN0.mft File: rONjRGSGG9S_jFvH48m_09JGpN0.mft (raw, json) Hash identifier: t0a1+SxdrzWGiRofy5Yr0ETeodq6BOCxto13UY3i0SY= Subject key identifier: 0D:1F:16:3D:F6:6E:42:F0:A9:97:65:9D:8F:68:FE:81:63:7D:04:5C Authority key identifier: AC:E3:63:44:64:86:1B:D4:BF:8C:5B:C7:E3:C9:BF:D3:D2:46:A4:DD Certificate issuer: /CN=ace3634464861bd4bf8c5bc7e3c9bfd3d246a4dd Certificate serial: 019B0F37AC0CCB9DE5A413D33F0CD6DD6A37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rONjRGSGG9S_jFvH48m_09JGpN0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b0ef59-1842-4ca3-9865-067cc4426c28/1/rONjRGSGG9S_jFvH48m_09JGpN0.mft Manifest number: 1771 Signing time: Thu 11 Dec 2025 21:01:05 +0000 Manifest this update: Thu 11 Dec 2025 21:01:05 +0000 Manifest next update: Fri 12 Dec 2025 21:01:05 +0000 Files and hashes: 1: Obsiy3NGEoUjL-DLQo0yhLx4KAI.roa (hash: p9j2sVfI93AXLXtc3YNcT/Xcs3W13x3825+kRDw3Ko8=) 2: rONjRGSGG9S_jFvH48m_09JGpN0.crl (hash: ljvmBvHBYI1YZa3s0TsMG966S8TDVR9iMExJW9SIBLg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/b0ef59-1842-4ca3-9865-067cc4426c28/1/rONjRGSGG9S_jFvH48m_09JGpN0.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/b0ef59-1842-4ca3-9865-067cc4426c28/1/rONjRGSGG9S_jFvH48m_09JGpN0.mft rsync://rpki.ripe.net/repository/DEFAULT/rONjRGSGG9S_jFvH48m_09JGpN0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:37:ac:0c:cb:9d:e5:a4:13:d3:3f:0c:d6:dd:6a:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ace3634464861bd4bf8c5bc7e3c9bfd3d246a4dd Validity Not Before: Dec 11 21:01:05 2025 GMT Not After : Dec 12 21:01:05 2025 GMT Subject: CN=0d1f163df66e42f0a997659d8f68fe81637d045c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:20:ab:1e:50:64:27:c1:c1:b9:cd:27:97:ca: ee:a8:04:b2:aa:ad:51:e4:a5:bb:68:48:1f:9f:07: fc:e0:9c:2e:71:19:5b:8a:c0:c1:26:65:d1:f1:0c: 6a:54:c5:7f:98:2a:43:97:bd:0d:ea:5e:7e:9d:e4: d5:18:50:60:31:d3:3f:1b:e5:d1:f8:26:95:fc:d1: 9f:d8:e3:c7:59:a4:d0:f7:42:18:6e:41:17:2f:c0: ed:25:fc:02:f9:ee:d6:02:c1:99:7e:d1:21:14:49: c7:74:1c:f1:bc:08:8b:62:8c:22:29:c8:fc:7c:8f: cc:8e:44:8b:6b:4d:0d:d4:84:97:7c:48:2b:23:c3: 5d:23:fb:46:b0:66:b8:b8:21:41:a9:ce:4e:e2:79: 89:75:c7:b6:f0:ec:dd:93:ce:1f:9f:45:67:87:0b: 58:87:b1:c1:89:64:10:9b:62:cd:e0:6c:e2:07:c1: 77:d9:08:b6:77:98:96:e6:0d:70:0a:ee:94:9b:b3: d3:73:2c:d8:97:50:39:2a:af:fd:15:fb:b5:59:ec: c8:ab:11:75:1f:8d:3b:0e:1f:32:55:4e:d7:bf:57: 65:16:12:ca:59:c2:d9:1b:c0:62:78:c3:92:cf:e3: 5b:64:43:48:e1:85:08:cd:fe:76:38:49:85:fc:2c: 0e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:1F:16:3D:F6:6E:42:F0:A9:97:65:9D:8F:68:FE:81:63:7D:04:5C X509v3 Authority Key Identifier: keyid:AC:E3:63:44:64:86:1B:D4:BF:8C:5B:C7:E3:C9:BF:D3:D2:46:A4:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rONjRGSGG9S_jFvH48m_09JGpN0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b0ef59-1842-4ca3-9865-067cc4426c28/1/rONjRGSGG9S_jFvH48m_09JGpN0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b0ef59-1842-4ca3-9865-067cc4426c28/1/rONjRGSGG9S_jFvH48m_09JGpN0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:21:f7:d6:58:0a:8b:7c:a4:f3:76:04:fc:e3:e6:24:ba:84: 46:d3:af:16:11:17:b3:4f:71:2f:41:ab:7b:45:17:35:38:f0: a8:d1:f2:5f:87:ed:88:b3:be:1e:d9:9e:58:54:8e:68:5c:0b: fe:10:ce:58:cb:97:9d:62:e9:c6:5f:f0:d4:08:5a:ec:54:34: de:64:a7:4c:92:d4:58:72:0d:9a:0a:f9:f1:99:b6:38:35:44: 69:81:32:04:cb:b0:fe:46:d2:48:83:b1:de:05:60:d5:bf:1f: d1:63:0a:25:da:2b:64:22:1f:da:9e:40:d7:2a:8c:81:11:5f: ba:80:fe:30:21:e2:05:3d:b4:ca:64:e0:fb:36:8f:19:a0:2d: 2e:bf:d3:38:10:61:36:c2:f0:2d:e6:27:3d:10:a5:c1:ed:3a: e0:87:20:e8:e2:4c:93:53:86:97:0a:c9:59:3b:c6:ff:05:32: e4:1e:81:e8:ae:fb:5c:95:9f:36:ad:52:2e:63:41:4f:66:b2: 04:91:55:99:12:4b:e6:20:c5:c7:96:f8:10:19:d1:97:da:68: 60:7c:f2:d7:66:a3:2a:df:65:a8:ea:b1:2e:5f:d0:e2:11:1b: ff:b3:fc:38:2c:b9:e7:f2:ec:3e:93:ec:6f:14:66:eb:36:96: ee:0d:5f:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPN6wMy53lpBPTPwzW3Wo3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjZTM2MzQ0NjQ4NjFiZDRiZjhjNWJjN2UzYzliZmQzZDI0 NmE0ZGQwHhcNMjUxMjExMjEwMTA1WhcNMjUxMjEyMjEwMTA1WjAzMTEwLwYDVQQD EygwZDFmMTYzZGY2NmU0MmYwYTk5NzY1OWQ4ZjY4ZmU4MTYzN2QwNDVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CCrHlBkJ8HBuc0nl8ruqASyqq1R 5KW7aEgfnwf84JwucRlbisDBJmXR8QxqVMV/mCpDl70N6l5+neTVGFBgMdM/G+XR +CaV/NGf2OPHWaTQ90IYbkEXL8DtJfwC+e7WAsGZftEhFEnHdBzxvAiLYowiKcj8 fI/MjkSLa00N1ISXfEgrI8NdI/tGsGa4uCFBqc5O4nmJdce28Ozdk84fn0VnhwtY h7HBiWQQm2LN4GziB8F32Qi2d5iW5g1wCu6Um7PTcyzYl1A5Kq/9Ffu1WezIqxF1 H407Dh8yVU7Xv1dlFhLKWcLZG8BieMOSz+NbZENI4YUIzf52OEmF/CwOdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA0fFj32bkLwqZdlnY9o/oFjfQRcMB8GA1UdIwQY MBaAFKzjY0RkhhvUv4xbx+PJv9PSRqTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvck9OalJHU0dHOVNfakZ2SDQ4bV8wOUpHcE4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMGVmNTktMTg0Mi00Y2EzLTk4NjUt MDY3Y2M0NDI2YzI4LzEvck9OalJHU0dHOVNfakZ2SDQ4bV8wOUpHcE4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9iMGVmNTktMTg0Mi00Y2EzLTk4NjUtMDY3Y2M0NDI2YzI4 LzEvck9OalJHU0dHOVNfakZ2SDQ4bV8wOUpHcE4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOSH31lgK i3yk83YE/OPmJLqERtOvFhEXs09xL0Gre0UXNTjwqNHyX4ftiLO+HtmeWFSOaFwL /hDOWMuXnWLpxl/w1Aha7FQ03mSnTJLUWHINmgr58Zm2ODVEaYEyBMuw/kbSSIOx 3gVg1b8f0WMKJdorZCIf2p5A1yqMgRFfuoD+MCHiBT20ymTg+zaPGaAtLr/TOBBh NsLwLeYnPRClwe064Icg6OJMk1OGlwrJWTvG/wUy5B6B6K77XJWfNq1SLmNBT2ay BJFVmRJL5iDFx5b4EBnRl9poYHzy12ajKt9lqOqxLl/Q4hEb/7P8OCy55/LsPpPs bxRm6zaW7g1fsQ== -----END CERTIFICATE-----Generated at Fri Dec 12 02:45:25 2025 by rpki-client