This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft File: ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft (raw, json) Hash identifier: HKUyaeVMg2C/QJjDnaLBNvaAGxhu67mVciCqj+EWFsw= Subject key identifier: 32:E1:F0:F2:AB:7C:A5:1B:98:C6:7D:9D:D2:A7:F1:31:FB:D4:3E:E0 Authority key identifier: 11:2A:6A:26:0D:1E:67:E0:A7:B4:E6:DC:F4:03:FD:39:F6:DE:97:54 Certificate issuer: /CN=112a6a260d1e67e0a7b4e6dcf403fd39f6de9754 Certificate serial: 019B5ABFB5C4ACB0DF805F323E8036614D7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESpqJg0eZ-CntObc9AP9Ofbel1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft Manifest number: 066F Signing time: Fri 26 Dec 2025 13:01:11 +0000 Manifest this update: Fri 26 Dec 2025 13:01:11 +0000 Manifest next update: Sat 27 Dec 2025 13:01:11 +0000 Files and hashes: 1: 1-WsRdLTfdTsVKrL2CIRMmrgbopM.roa (hash: /fbcJU0cKGryVcZvtSX4RD7kNCeOfa1xibBR/Nj3P7Q=) 2: ESpqJg0eZ-CntObc9AP9Ofbel1Q.crl (hash: xRzpT/bySQbRiW0p+xP8Wc8H95t4YMEFg9e9i19Trn4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/ESpqJg0eZ-CntObc9AP9Ofbel1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:b5:c4:ac:b0:df:80:5f:32:3e:80:36:61:4d:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=112a6a260d1e67e0a7b4e6dcf403fd39f6de9754 Validity Not Before: Dec 26 13:01:11 2025 GMT Not After : Dec 27 13:01:11 2025 GMT Subject: CN=32e1f0f2ab7ca51b98c67d9dd2a7f131fbd43ee0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:d7:54:aa:06:dd:24:f4:b0:b2:13:fa:9f:fb: 5f:b6:f0:13:e3:c7:72:4c:69:0e:65:76:a5:f9:f6: 60:7c:30:f1:42:76:f4:70:3e:a5:eb:d3:97:65:a7: 42:b4:c2:7e:c5:de:79:e9:5e:67:5b:b4:2d:f1:35: 92:87:56:df:6d:89:95:f4:ba:e2:19:70:a8:f2:74: 9c:81:55:5a:f1:bc:a9:dd:13:84:99:01:a1:85:ee: 2f:30:84:3b:d9:78:c5:83:1e:db:18:74:64:e6:f6: a9:40:e4:10:8c:23:25:30:91:6e:51:1f:c6:eb:2b: 93:2f:40:ac:2a:96:6b:e8:22:b1:a8:f3:3c:dd:b2: 41:52:89:c3:9b:8e:47:f1:02:a3:fb:b5:80:53:5c: 37:7e:3a:1c:ca:34:51:aa:c0:86:06:79:07:0c:1b: 91:2a:4e:23:b6:b2:b6:c0:a1:70:00:5c:39:34:ee: dc:1a:c8:55:1f:42:0e:9a:5a:44:ba:c5:54:6b:c1: 8a:25:a0:bb:8c:ff:f0:6d:75:d7:e1:6d:50:1c:cc: 63:7b:6e:33:24:61:ed:93:80:f6:29:14:c9:79:09: 3b:18:26:26:ca:28:8f:86:17:38:f0:8a:a0:5c:d2: 99:e8:35:ee:26:e7:31:74:9f:8b:96:49:65:1a:90: 97:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:E1:F0:F2:AB:7C:A5:1B:98:C6:7D:9D:D2:A7:F1:31:FB:D4:3E:E0 X509v3 Authority Key Identifier: keyid:11:2A:6A:26:0D:1E:67:E0:A7:B4:E6:DC:F4:03:FD:39:F6:DE:97:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESpqJg0eZ-CntObc9AP9Ofbel1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/84faed-0cb5-4799-9447-a3988fc90d60/1/ESpqJg0eZ-CntObc9AP9Ofbel1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:07:11:41:52:dd:21:55:80:92:2a:9a:e8:1e:b2:ae:51:97: 2c:b4:9e:52:75:cc:2a:af:7c:41:7f:e6:84:0a:71:0c:bc:e2: 8c:02:a6:38:65:c6:26:c4:38:ff:6e:42:8a:1f:a6:76:47:43: 48:c6:c2:31:11:d7:6c:a7:16:e2:a2:af:9d:c0:b1:75:d1:cc: 7f:08:71:d6:69:44:d4:b2:21:a7:e6:08:87:53:61:9b:46:8a: 3e:9c:b3:b3:bf:02:30:74:da:88:5d:22:2e:2d:33:7b:89:85: d1:40:ee:52:ca:d9:f8:87:a5:fd:e7:74:a6:59:3a:04:3c:29: e9:c3:ca:8d:97:a0:95:2a:26:c7:e5:b4:9e:8c:83:00:95:ab: 70:41:b0:e9:b5:a2:95:55:b1:cd:f6:6f:64:51:82:9c:8d:d0: b2:8d:b8:53:6d:e2:ae:f3:fb:ac:4e:f0:ce:ac:3b:6c:e2:29: a8:41:ba:f6:a3:70:67:a5:48:ea:59:da:d6:fd:2e:8c:28:81: 3f:c2:09:a8:85:f7:fe:51:17:39:2d:9d:92:6c:08:0d:13:aa: 87:5f:75:c1:32:f4:50:f7:22:25:66:31:4c:9e:79:f8:c6:05: c1:97:92:b1:10:c5:d9:79:a1:e5:3c:a0:f3:e4:4a:1b:8a:58: 07:1c:91:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav7XErLDfgF8yPoA2YU19MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMmE2YTI2MGQxZTY3ZTBhN2I0ZTZkY2Y0MDNmZDM5ZjZk ZTk3NTQwHhcNMjUxMjI2MTMwMTExWhcNMjUxMjI3MTMwMTExWjAzMTEwLwYDVQQD EygzMmUxZjBmMmFiN2NhNTFiOThjNjdkOWRkMmE3ZjEzMWZiZDQzZWUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NdUqgbdJPSwshP6n/tftvAT48dy TGkOZXal+fZgfDDxQnb0cD6l69OXZadCtMJ+xd556V5nW7Qt8TWSh1bfbYmV9Lri GXCo8nScgVVa8byp3ROEmQGhhe4vMIQ72XjFgx7bGHRk5vapQOQQjCMlMJFuUR/G 6yuTL0CsKpZr6CKxqPM83bJBUonDm45H8QKj+7WAU1w3fjocyjRRqsCGBnkHDBuR Kk4jtrK2wKFwAFw5NO7cGshVH0IOmlpEusVUa8GKJaC7jP/wbXXX4W1QHMxje24z JGHtk4D2KRTJeQk7GCYmyiiPhhc48IqgXNKZ6DXuJucxdJ+LlkllGpCXYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDLh8PKrfKUbmMZ9ndKn8TH71D7gMB8GA1UdIwQY MBaAFBEqaiYNHmfgp7Tm3PQD/Tn23pdUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVNwcUpnMGVaLUNudE9iYzlBUDlPZmJlbDFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NGZhZWQtMGNiNS00Nzk5LTk0NDct YTM5ODhmYzkwZDYwLzEvRVNwcUpnMGVaLUNudE9iYzlBUDlPZmJlbDFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi84NGZhZWQtMGNiNS00Nzk5LTk0NDctYTM5ODhmYzkwZDYw LzEvRVNwcUpnMGVaLUNudE9iYzlBUDlPZmJlbDFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALwcRQVLd IVWAkiqa6B6yrlGXLLSeUnXMKq98QX/mhApxDLzijAKmOGXGJsQ4/25Cih+mdkdD SMbCMRHXbKcW4qKvncCxddHMfwhx1mlE1LIhp+YIh1Nhm0aKPpyzs78CMHTaiF0i Li0ze4mF0UDuUsrZ+Iel/ed0plk6BDwp6cPKjZeglSomx+W0noyDAJWrcEGw6bWi lVWxzfZvZFGCnI3Qso24U23irvP7rE7wzqw7bOIpqEG69qNwZ6VI6lna1v0ujCiB P8IJqIX3/lEXOS2dkmwIDROqh191wTL0UPciJWYxTJ55+MYFwZeSsRDF2Xmh5Tyg 8+RKG4pYBxyRCw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:07 2025 by rpki-client