This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft File: 70AaUuP95plIbplnjb9Ih1Mpwz0.mft (raw, json) Hash identifier: eRgH0Y/8EOcri7/Bceywi1y815F0ghgNZZwmHOSdhZc= Subject key identifier: 36:FA:28:6B:21:99:04:07:94:5A:07:D8:D7:33:9F:19:BC:2C:9B:2A Authority key identifier: EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D Certificate issuer: /CN=ef401a52e3fde699486e99678dbf48875329c33d Certificate serial: 019B38A1884B26E82E983FA075487A7C7866 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft Manifest number: 0EF1 Signing time: Fri 19 Dec 2025 22:01:08 +0000 Manifest this update: Fri 19 Dec 2025 22:01:08 +0000 Manifest next update: Sat 20 Dec 2025 22:01:08 +0000 Files and hashes: 1: 70AaUuP95plIbplnjb9Ih1Mpwz0.crl (hash: EUy7dXDZZko30YyjHknx72ZxPXAcDQcezSxltgj3rC4=) 2: S4KhO_-8xzMvt1B6k_-GK_XNTGs.roa (hash: 298ot3rN9ux+k96S6A3kz+LkCwnTR/d/qtOX4jSeeqQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:88:4b:26:e8:2e:98:3f:a0:75:48:7a:7c:78:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ef401a52e3fde699486e99678dbf48875329c33d Validity Not Before: Dec 19 22:01:08 2025 GMT Not After : Dec 20 22:01:08 2025 GMT Subject: CN=36fa286b21990407945a07d8d7339f19bc2c9b2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:77:af:bf:e7:79:93:bf:2b:2b:93:59:77:52: bb:03:36:97:08:92:75:57:74:f0:bb:15:b9:22:ed: d6:8d:bf:30:92:2a:bc:d8:f8:cc:77:02:00:21:6b: fa:65:df:72:2b:bc:5a:40:b3:f2:63:d7:fd:3a:f0: 4a:f6:e5:27:e0:4c:56:08:2c:dc:8d:52:8f:39:a8: 40:08:3a:78:3a:10:74:19:15:58:a6:93:95:ba:f7: 43:f6:32:db:ae:a2:86:5d:1f:ec:20:ed:8f:bd:ee: 01:9e:cc:a8:84:65:22:64:b4:03:c8:3c:c0:37:f1: 58:4d:5e:0c:35:b5:2b:0b:d4:c0:6c:d0:78:3b:9a: 03:74:3e:b9:0a:0a:b0:37:0c:bc:a1:a0:dd:e8:61: b5:1d:4e:45:6b:33:c5:e8:4d:06:5d:d2:5f:71:75: c9:4a:96:2f:4f:21:57:ce:7d:dc:99:24:24:f6:9e: 79:52:70:b2:ef:0f:a1:e5:4a:56:0c:b1:31:09:16: 14:9a:c9:a6:2d:9c:60:48:b0:b4:42:ff:7a:0d:05: c6:ef:de:c3:95:0b:9f:cb:e0:e2:da:67:92:f3:13: 8a:59:5b:c4:c6:a0:2d:54:20:9b:82:76:9e:d0:52: c8:0c:46:f0:e8:b8:da:e1:6f:3b:48:7e:f3:71:5a: de:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:FA:28:6B:21:99:04:07:94:5A:07:D8:D7:33:9F:19:BC:2C:9B:2A X509v3 Authority Key Identifier: keyid:EF:40:1A:52:E3:FD:E6:99:48:6E:99:67:8D:BF:48:87:53:29:C3:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70AaUuP95plIbplnjb9Ih1Mpwz0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/25238c-8eee-4403-9104-9ca947aa665a/1/70AaUuP95plIbplnjb9Ih1Mpwz0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:8b:cc:12:5c:79:cc:78:bf:f2:34:85:91:bd:bb:76:42:d3: b5:ab:45:5e:2f:cb:3d:2e:0c:f9:0d:2f:db:31:a0:82:f9:5c: 81:9e:71:a0:98:71:40:07:ae:ef:17:18:ab:82:2d:c4:c7:14: ff:f6:88:ea:b2:c1:0b:7d:64:4e:7a:5b:4a:85:cc:99:75:5f: 81:e5:4b:82:02:85:b8:58:a4:64:88:cd:59:29:a5:36:de:39: 6d:13:3d:17:11:b2:51:0b:34:0a:e6:28:78:fc:5e:71:71:57: 18:7b:bc:10:43:be:83:37:d3:4c:be:81:59:4f:31:ce:07:05: 59:c1:05:5c:4d:e2:27:01:ed:8f:21:d6:fd:c8:a6:bb:10:ec: 83:93:9e:5d:59:7b:3f:e7:2c:1e:a8:73:a7:01:56:41:01:62: c2:b9:00:17:6d:e0:d7:00:95:0b:47:68:93:e9:ff:4b:e9:3b: a6:f5:a0:64:40:f2:25:1a:5d:93:ab:72:5e:91:d9:7b:63:9a: d2:de:18:84:3e:fe:a3:fd:6a:b2:06:6c:48:93:0b:dc:49:19: 4c:0d:0a:60:0d:0e:a7:d9:41:03:37:32:de:c5:7a:57:0d:e8: 84:6b:51:26:16:9f:2d:30:33:8e:1e:ae:94:34:d5:d3:88:7b: 85:ef:59:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oYhLJugumD+gdUh6fHhmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVmNDAxYTUyZTNmZGU2OTk0ODZlOTk2NzhkYmY0ODg3NTMy OWMzM2QwHhcNMjUxMjE5MjIwMTA4WhcNMjUxMjIwMjIwMTA4WjAzMTEwLwYDVQQD EygzNmZhMjg2YjIxOTkwNDA3OTQ1YTA3ZDhkNzMzOWYxOWJjMmM5YjJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnevv+d5k78rK5NZd1K7AzaXCJJ1 V3TwuxW5Iu3Wjb8wkiq82PjMdwIAIWv6Zd9yK7xaQLPyY9f9OvBK9uUn4ExWCCzc jVKPOahACDp4OhB0GRVYppOVuvdD9jLbrqKGXR/sIO2Pve4BnsyohGUiZLQDyDzA N/FYTV4MNbUrC9TAbNB4O5oDdD65CgqwNwy8oaDd6GG1HU5FazPF6E0GXdJfcXXJ SpYvTyFXzn3cmSQk9p55UnCy7w+h5UpWDLExCRYUmsmmLZxgSLC0Qv96DQXG797D lQufy+Di2meS8xOKWVvExqAtVCCbgnae0FLIDEbw6Lja4W87SH7zcVrebwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDb6KGshmQQHlFoH2Ncznxm8LJsqMB8GA1UdIwQY MBaAFO9AGlLj/eaZSG6ZZ42/SIdTKcM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQt OWNhOTQ3YWE2NjVhLzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8yNTIzOGMtOGVlZS00NDAzLTkxMDQtOWNhOTQ3YWE2NjVh LzEvNzBBYVV1UDk1cGxJYnBsbmpiOUloMU1wd3owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4vMElx5 zHi/8jSFkb27dkLTtatFXi/LPS4M+Q0v2zGggvlcgZ5xoJhxQAeu7xcYq4ItxMcU //aI6rLBC31kTnpbSoXMmXVfgeVLggKFuFikZIjNWSmlNt45bRM9FxGyUQs0CuYo ePxecXFXGHu8EEO+gzfTTL6BWU8xzgcFWcEFXE3iJwHtjyHW/cimuxDsg5OeXVl7 P+csHqhzpwFWQQFiwrkAF23g1wCVC0dok+n/S+k7pvWgZEDyJRpdk6tyXpHZe2Oa 0t4YhD7+o/1qsgZsSJML3EkZTA0KYA0Op9lBAzcy3sV6Vw3ohGtRJhafLTAzjh6u lDTV04h7he9Zow== -----END CERTIFICATE-----Generated at Fri Dec 19 23:50:20 2025 by rpki-client