This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft File: 6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft (raw, json) Hash identifier: fEwU1+32+6iJAz9S5KG+0e6yMmPCzSlRFuruZhymc1c= Subject key identifier: 3E:73:1B:37:F2:72:80:07:A1:8B:D5:BC:6B:B0:8F:E7:1D:F2:FB:8D Authority key identifier: EA:1E:CF:AD:FA:FD:4F:E1:4C:BD:C2:21:B9:15:9E:E9:61:8E:FE:89 Certificate issuer: /CN=ea1ecfadfafd4fe14cbdc221b9159ee9618efe89 Certificate serial: 019B59E3A0D259022C380E731B9347206FFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6h7Prfr9T-FMvcIhuRWe6WGO_ok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft Manifest number: 011F Signing time: Fri 26 Dec 2025 09:00:48 +0000 Manifest this update: Fri 26 Dec 2025 09:00:48 +0000 Manifest next update: Sat 27 Dec 2025 09:00:48 +0000 Files and hashes: 1: 6h7Prfr9T-FMvcIhuRWe6WGO_ok.crl (hash: 0iTYbhk1DVlRlYptTGFV2jrDqRygPA20+eZwk2UWTMQ=) 2: pqo0TVIkWRzSNUY9ZM-DKBIuqHI.roa (hash: LE3ROsTHxCh32pw3rOkJiWiuchaEH2tULrKqdyCWHwI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.crl rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft rsync://rpki.ripe.net/repository/DEFAULT/6h7Prfr9T-FMvcIhuRWe6WGO_ok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:a0:d2:59:02:2c:38:0e:73:1b:93:47:20:6f:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ea1ecfadfafd4fe14cbdc221b9159ee9618efe89 Validity Not Before: Dec 26 09:00:48 2025 GMT Not After : Dec 27 09:00:48 2025 GMT Subject: CN=3e731b37f2728007a18bd5bc6bb08fe71df2fb8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6a:01:1b:9e:41:c5:d8:cc:ab:f9:1a:0e:58: 95:69:3e:f2:31:93:05:14:ba:ec:6f:0e:2f:88:cf: c3:ba:e6:83:9b:b4:33:76:a9:9d:3a:e4:bf:f5:8d: ac:4c:b7:46:56:a0:95:73:ae:17:9d:a7:e2:e1:71: e0:9e:86:f7:db:7b:45:cc:5f:78:c4:95:4e:8c:31: 5c:25:bd:de:0f:b4:05:18:b4:18:37:d7:69:ae:59: 9e:d1:0c:e1:dd:b5:94:57:cc:fd:a1:17:78:5b:9e: 8c:7a:54:30:fd:89:d7:9e:42:0f:8c:a2:20:5c:12: e3:08:65:a6:61:59:dc:c4:71:5b:6d:58:3c:1c:e9: ea:29:59:f2:06:0a:f4:22:cd:e1:c1:dc:d2:d7:5e: 37:94:94:0d:8d:8d:d0:e6:56:36:7e:67:be:c1:dc: f2:a6:6f:81:54:41:83:1b:e6:6a:ac:93:e9:86:b9: f2:80:e8:7d:ad:15:f6:31:78:de:37:27:74:d8:76: f2:00:a2:37:dc:99:92:2e:0e:0e:2d:33:46:9e:35: 08:8a:5b:53:08:94:73:25:45:9e:50:80:9c:c0:ac: 84:80:4c:9a:b5:07:a0:70:dc:ab:76:99:99:f9:c5: 1b:11:45:ae:ba:64:b0:85:c1:06:79:4c:24:9a:63: 73:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:73:1B:37:F2:72:80:07:A1:8B:D5:BC:6B:B0:8F:E7:1D:F2:FB:8D X509v3 Authority Key Identifier: keyid:EA:1E:CF:AD:FA:FD:4F:E1:4C:BD:C2:21:B9:15:9E:E9:61:8E:FE:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6h7Prfr9T-FMvcIhuRWe6WGO_ok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d4:93:5f:3e:f0:69:b7:d5:d6:0f:1a:88:a8:5e:9f:61:e0:d2: 9a:63:ce:78:db:2c:b7:c3:19:87:84:c0:4d:55:69:81:47:a4: 77:df:e6:fe:7e:a1:fd:f9:5e:91:50:c1:f9:76:a4:db:d9:dd: 0b:ee:54:a7:ce:3c:89:f0:df:e7:11:93:c2:6f:8d:fd:35:70: 2c:c5:fb:1e:cb:51:5a:00:4f:6d:38:79:d8:5e:29:cb:5e:1a: 76:ce:4a:fb:3d:3d:fe:4e:74:37:3f:50:fd:23:ae:03:7b:9c: a7:34:f3:73:7f:4b:03:70:f0:06:9b:a2:d1:5a:c6:90:44:4f: f8:f1:5c:44:29:b1:83:f5:a5:c1:96:58:94:b6:1a:ae:79:8c: 31:77:28:df:84:05:99:4b:79:b0:0a:dc:78:73:d8:64:23:23: f8:80:90:1b:fd:f5:4f:e1:75:c3:cc:57:96:1c:b6:f1:11:0c: c3:63:2b:13:13:1a:27:af:c0:d9:f2:4e:e2:67:44:1d:a3:c7: c1:5b:d7:2b:00:17:fa:d7:55:04:c1:01:9d:1a:72:2a:96:1b: 84:0d:83:eb:6b:81:7b:ad:96:90:1e:48:49:ce:0a:53:c7:57: 32:4b:e8:66:50:18:1f:ef:43:f6:6a:b5:de:0d:ce:f6:6d:b9: fe:c4:66:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ46DSWQIsOA5zG5NHIG/7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVhMWVjZmFkZmFmZDRmZTE0Y2JkYzIyMWI5MTU5ZWU5NjE4 ZWZlODkwHhcNMjUxMjI2MDkwMDQ4WhcNMjUxMjI3MDkwMDQ4WjAzMTEwLwYDVQQD EygzZTczMWIzN2YyNzI4MDA3YTE4YmQ1YmM2YmIwOGZlNzFkZjJmYjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2oBG55BxdjMq/kaDliVaT7yMZMF FLrsbw4viM/DuuaDm7QzdqmdOuS/9Y2sTLdGVqCVc64Xnafi4XHgnob323tFzF94 xJVOjDFcJb3eD7QFGLQYN9dprlme0Qzh3bWUV8z9oRd4W56MelQw/YnXnkIPjKIg XBLjCGWmYVncxHFbbVg8HOnqKVnyBgr0Is3hwdzS1143lJQNjY3Q5lY2fme+wdzy pm+BVEGDG+ZqrJPphrnygOh9rRX2MXjeNyd02HbyAKI33JmSLg4OLTNGnjUIiltT CJRzJUWeUICcwKyEgEyatQegcNyrdpmZ+cUbEUWuumSwhcEGeUwkmmNz9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD5zGzfycoAHoYvVvGuwj+cd8vuNMB8GA1UdIwQY MBaAFOoez636/U/hTL3CIbkVnulhjv6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNmg3UHJmcjlULUZNdmNJaHVSV2U2V0dPX29rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wMjFlYWEtMWNmMC00MWNiLWI5NWIt MTYyYTgyNzI5ZjczLzEvNmg3UHJmcjlULUZNdmNJaHVSV2U2V0dPX29rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8wMjFlYWEtMWNmMC00MWNiLWI5NWItMTYyYTgyNzI5Zjcz LzEvNmg3UHJmcjlULUZNdmNJaHVSV2U2V0dPX29rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1JNfPvBp t9XWDxqIqF6fYeDSmmPOeNsst8MZh4TATVVpgUekd9/m/n6h/flekVDB+Xak29nd C+5Up848ifDf5xGTwm+N/TVwLMX7HstRWgBPbTh52F4py14ads5K+z09/k50Nz9Q /SOuA3ucpzTzc39LA3DwBpui0VrGkERP+PFcRCmxg/WlwZZYlLYarnmMMXco34QF mUt5sArceHPYZCMj+ICQG/31T+F1w8xXlhy28REMw2MrExMaJ6/A2fJO4mdEHaPH wVvXKwAX+tdVBMEBnRpyKpYbhA2D62uBe62WkB5ISc4KU8dXMkvoZlAYH+9D9mq1 3g3O9m25/sRmkw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:24 2025 by rpki-client