This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/8332cb-fd4b-49d9-b0a1-89def0082e2a/1/cDbgTlO505Z8-dQY54tgu60HWDE.mft File: cDbgTlO505Z8-dQY54tgu60HWDE.mft (raw, json) Hash identifier: vyY52qDFAUUQJsLgYqvtfWmlqGR3H/6DuDHKSnzTWyo= Subject key identifier: 0F:7E:BC:24:07:49:5A:43:BB:9D:E6:7A:E1:BA:DF:04:F6:3B:22:BF Authority key identifier: 70:36:E0:4E:53:B9:D3:96:7C:F9:D4:18:E7:8B:60:BB:AD:07:58:31 Certificate issuer: /CN=7036e04e53b9d3967cf9d418e78b60bbad075831 Certificate serial: 019B59E4538BAFFDE838B877CDE67D78CB69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cDbgTlO505Z8-dQY54tgu60HWDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/8332cb-fd4b-49d9-b0a1-89def0082e2a/1/cDbgTlO505Z8-dQY54tgu60HWDE.mft Manifest number: 033A Signing time: Fri 26 Dec 2025 09:01:34 +0000 Manifest this update: Fri 26 Dec 2025 09:01:34 +0000 Manifest next update: Sat 27 Dec 2025 09:01:34 +0000 Files and hashes: 1: 79VsR-5nub7DUrhryJn99r0sSJE.roa (hash: PKoaa5fww3RYvMlarfjIhYGHHPB9uxMDQ5a1vOFmd9k=) 2: cDbgTlO505Z8-dQY54tgu60HWDE.crl (hash: vbXbZZsHBhP44uf0+tpiTFWcR4/U3TmBvduAL6X2Zjc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/8332cb-fd4b-49d9-b0a1-89def0082e2a/1/cDbgTlO505Z8-dQY54tgu60HWDE.crl rsync://rpki.ripe.net/repository/DEFAULT/38/8332cb-fd4b-49d9-b0a1-89def0082e2a/1/cDbgTlO505Z8-dQY54tgu60HWDE.mft rsync://rpki.ripe.net/repository/DEFAULT/cDbgTlO505Z8-dQY54tgu60HWDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:53:8b:af:fd:e8:38:b8:77:cd:e6:7d:78:cb:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7036e04e53b9d3967cf9d418e78b60bbad075831 Validity Not Before: Dec 26 09:01:34 2025 GMT Not After : Dec 27 09:01:34 2025 GMT Subject: CN=0f7ebc2407495a43bb9de67ae1badf04f63b22bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:19:c8:66:b8:36:f1:ab:07:e7:5d:69:e0:5a: b5:1b:21:30:58:1c:de:4f:0e:ad:b4:9d:b6:12:cf: 8a:85:68:ed:87:cc:63:98:d4:bf:10:2a:e6:f4:91: 98:0c:7a:56:6a:47:8c:52:7f:53:b3:f7:a5:76:26: 9b:58:53:ad:14:2f:ce:c5:7d:51:c2:6a:eb:58:fe: 98:ab:44:11:f2:76:29:f9:16:43:52:d9:84:56:da: 6b:3a:a9:75:03:9b:b1:61:06:1a:f1:20:92:03:a9: 99:c8:fb:b6:38:3e:f8:99:2f:ca:04:e9:41:05:92: 5e:47:d2:8f:5b:a8:18:ea:5d:e7:7f:a8:ef:c3:25: ff:3c:8c:f9:b8:93:65:ae:e7:f6:d9:22:4c:15:8f: 8e:b5:a1:ca:1c:68:54:3e:5a:64:97:b0:ab:16:57: 08:63:5d:01:f8:0b:72:57:35:f8:84:b1:48:42:75: 48:f2:29:55:9d:43:4e:f7:ee:3c:7c:71:91:1d:88: 9b:d5:91:b5:8f:be:15:5f:91:b1:cd:c4:34:69:05: 0b:ba:9f:a5:8c:82:82:e3:78:1a:86:1c:a6:ee:ed: f6:62:65:8a:a2:da:20:e1:7f:2d:84:82:06:9d:ab: ab:12:12:a5:6a:16:70:b9:74:f5:a7:c5:5d:a3:74: 38:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:7E:BC:24:07:49:5A:43:BB:9D:E6:7A:E1:BA:DF:04:F6:3B:22:BF X509v3 Authority Key Identifier: keyid:70:36:E0:4E:53:B9:D3:96:7C:F9:D4:18:E7:8B:60:BB:AD:07:58:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cDbgTlO505Z8-dQY54tgu60HWDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/8332cb-fd4b-49d9-b0a1-89def0082e2a/1/cDbgTlO505Z8-dQY54tgu60HWDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/8332cb-fd4b-49d9-b0a1-89def0082e2a/1/cDbgTlO505Z8-dQY54tgu60HWDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:72:c1:f9:0e:99:42:f5:55:65:70:6a:97:bd:87:03:a5:89: 5d:fd:c3:7f:e5:02:42:0a:24:7e:15:d1:8e:2c:9c:c8:67:0a: a9:b8:b7:51:8d:77:eb:f3:46:80:ce:5f:ef:b3:6b:67:fd:dc: ed:69:18:db:40:9d:ee:56:50:4e:e6:22:03:f8:a4:b0:e4:ca: 2b:2a:c2:bc:08:48:54:92:d7:d4:a5:a4:08:4c:cf:35:5e:05: 3f:4c:49:68:9c:df:f6:56:2d:64:c0:81:8e:1b:c9:5a:d1:f3: 72:04:ee:d8:dc:c2:66:98:5c:85:f6:18:15:e5:0c:a2:7d:29: 39:b1:3a:37:63:d9:06:8f:d9:99:4e:3d:6f:44:19:de:47:49: 99:7c:24:41:df:7f:00:a6:c7:d0:85:f1:db:6b:de:7b:14:1f: 82:e4:43:50:36:78:08:b1:ae:1b:99:1a:95:88:06:67:fc:e4: bb:a9:a6:d5:31:ee:4e:e2:08:65:98:9c:fa:8b:be:24:44:28: 6c:c9:9e:3b:98:5f:22:8c:16:54:f3:34:cf:55:4a:d8:31:45: 75:98:7d:c3:05:f0:00:e6:5a:6f:6b:21:38:6f:70:13:42:80: c0:51:e3:1e:3b:07:8e:b6:9d:f7:36:1c:9f:41:73:f6:ab:38: 4e:b4:20:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5FOLr/3oOLh3zeZ9eMtpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwMzZlMDRlNTNiOWQzOTY3Y2Y5ZDQxOGU3OGI2MGJiYWQw NzU4MzEwHhcNMjUxMjI2MDkwMTM0WhcNMjUxMjI3MDkwMTM0WjAzMTEwLwYDVQQD EygwZjdlYmMyNDA3NDk1YTQzYmI5ZGU2N2FlMWJhZGYwNGY2M2IyMmJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RnIZrg28asH511p4Fq1GyEwWBze Tw6ttJ22Es+KhWjth8xjmNS/ECrm9JGYDHpWakeMUn9Ts/eldiabWFOtFC/OxX1R wmrrWP6Yq0QR8nYp+RZDUtmEVtprOql1A5uxYQYa8SCSA6mZyPu2OD74mS/KBOlB BZJeR9KPW6gY6l3nf6jvwyX/PIz5uJNlruf22SJMFY+OtaHKHGhUPlpkl7CrFlcI Y10B+AtyVzX4hLFIQnVI8ilVnUNO9+48fHGRHYib1ZG1j74VX5GxzcQ0aQULup+l jIKC43gahhym7u32YmWKotog4X8thIIGnaurEhKlahZwuXT1p8Vdo3Q4jQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA9+vCQHSVpDu53meuG63wT2OyK/MB8GA1UdIwQY MBaAFHA24E5TudOWfPnUGOeLYLutB1gxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0RiZ1RsTzUwNVo4LWRRWTU0dGd1NjBIV0RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84MzMyY2ItZmQ0Yi00OWQ5LWIwYTEt ODlkZWYwMDgyZTJhLzEvY0RiZ1RsTzUwNVo4LWRRWTU0dGd1NjBIV0RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC84MzMyY2ItZmQ0Yi00OWQ5LWIwYTEtODlkZWYwMDgyZTJh LzEvY0RiZ1RsTzUwNVo4LWRRWTU0dGd1NjBIV0RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX3LB+Q6Z QvVVZXBql72HA6WJXf3Df+UCQgokfhXRjiycyGcKqbi3UY136/NGgM5f77NrZ/3c 7WkY20Cd7lZQTuYiA/iksOTKKyrCvAhIVJLX1KWkCEzPNV4FP0xJaJzf9lYtZMCB jhvJWtHzcgTu2NzCZphchfYYFeUMon0pObE6N2PZBo/ZmU49b0QZ3kdJmXwkQd9/ AKbH0IXx22veexQfguRDUDZ4CLGuG5kalYgGZ/zku6mm1THuTuIIZZic+ou+JEQo bMmeO5hfIowWVPM0z1VK2DFFdZh9wwXwAOZab2shOG9wE0KAwFHjHjsHjrad9zYc n0Fz9qs4TrQgfg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:20 2025 by rpki-client