This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft File: VXe0uHq4aspXflbjjVuKWBPMzD0.mft (raw, json) Hash identifier: rF2Zc2KILcKEwoL+UJ+NKlJJpadH/K8mrKGUbvOxzzA= Subject key identifier: 71:78:EA:FD:F4:12:7A:3B:64:83:20:56:7D:41:AC:89:C6:9A:D6:93 Authority key identifier: 55:77:B4:B8:7A:B8:6A:CA:57:7E:56:E3:8D:5B:8A:58:13:CC:CC:3D Certificate issuer: /CN=5577b4b87ab86aca577e56e38d5b8a5813cccc3d Certificate serial: 019B5AF6A976EAB4D9403F7D60B739794CED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft Manifest number: 12CA Signing time: Fri 26 Dec 2025 14:01:13 +0000 Manifest this update: Fri 26 Dec 2025 14:01:13 +0000 Manifest next update: Sat 27 Dec 2025 14:01:13 +0000 Files and hashes: 1: P9bs-w5DkWpu1aBuTV3PHAzvH6Q.roa (hash: oAepJ4+j0gmtz7XxqoB+yGPsz6tmKuFLhq6h9fcVyTY=) 2: VXe0uHq4aspXflbjjVuKWBPMzD0.crl (hash: 79HnZvmSJZQ8ett43YrFP1QYzNudgomweQLFy5DOAZg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.crl rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:a9:76:ea:b4:d9:40:3f:7d:60:b7:39:79:4c:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5577b4b87ab86aca577e56e38d5b8a5813cccc3d Validity Not Before: Dec 26 14:01:13 2025 GMT Not After : Dec 27 14:01:13 2025 GMT Subject: CN=7178eafdf4127a3b648320567d41ac89c69ad693 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0e:26:d0:70:57:78:60:11:69:d1:23:7e:60: 89:fb:84:30:a9:13:73:fa:25:bc:96:2b:16:94:95: 8f:96:90:af:d5:18:40:d0:6d:4f:70:ce:9a:c2:09: 15:4f:b9:37:3a:c3:46:b5:d1:b0:0c:49:12:33:2f: 66:8f:6c:88:0c:7e:a3:be:72:7d:f6:52:56:49:47: c9:97:91:d0:4d:11:89:61:10:0b:29:e1:44:a2:e7: ed:cb:55:38:6d:5c:e1:a7:21:2d:31:c9:1f:40:56: 9d:2b:57:c5:90:e1:eb:a5:92:3a:7a:ae:89:0c:97: 44:36:f0:a1:05:76:9c:29:c7:13:56:9d:85:ec:e0: 40:b4:b6:41:4b:45:ac:32:3f:d0:78:13:ae:9a:c4: 81:88:c0:94:82:24:b3:1d:a2:12:f1:ca:60:f2:13: 0c:05:f0:09:63:87:a6:8e:37:08:6d:1a:96:bd:ed: 8d:98:de:cd:c5:23:52:2b:cd:c0:cb:eb:bd:d5:67: be:2c:0b:5d:6e:bd:c0:99:78:e2:84:74:9e:af:e6: 12:c7:62:8e:00:72:a8:b2:05:92:6e:f6:4e:d3:1d: f9:de:d1:82:e2:3e:2d:0e:8a:07:8f:dd:46:57:b6: 42:f8:ec:86:b9:bc:4f:d6:0e:b6:ba:15:6a:52:0b: 9d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:78:EA:FD:F4:12:7A:3B:64:83:20:56:7D:41:AC:89:C6:9A:D6:93 X509v3 Authority Key Identifier: keyid:55:77:B4:B8:7A:B8:6A:CA:57:7E:56:E3:8D:5B:8A:58:13:CC:CC:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:08:70:7c:ae:a4:d7:e7:4f:39:cd:b0:1f:64:10:3b:9a:b1: 9e:49:cd:3d:87:96:13:f1:85:ef:5a:f0:35:4e:7e:11:6a:40: e5:da:7f:04:08:e1:00:3a:0f:04:55:f1:5b:eb:ac:3d:dd:0f: c0:28:29:50:35:f3:ec:77:b4:29:a5:5f:fb:86:37:72:83:36: 6b:fd:d6:0c:fc:93:03:53:b3:29:6d:e3:49:d6:b4:69:52:a9: 9c:6a:ad:19:2a:34:70:2e:9a:d2:a4:aa:4c:dd:85:00:cb:ec: 02:ed:cf:48:de:45:5e:b0:4a:94:fd:59:11:86:5b:f1:f2:21: 8c:5f:b4:6b:78:89:e1:52:23:6c:b2:46:a9:b3:c2:41:07:cd: 3f:b2:98:80:c8:8d:e8:b0:e0:ee:5c:eb:5f:71:d1:71:95:94: bc:a5:cd:46:78:2a:d5:8d:da:f9:e1:90:10:e1:7f:1f:29:47: db:37:1a:fd:69:35:f5:da:72:98:3c:88:73:8b:20:8c:04:04: fe:db:90:5b:c0:90:ea:ac:c8:62:4f:d4:14:fa:89:da:14:30: 72:f7:17:19:64:88:e5:d5:fb:1d:82:78:04:b5:a2:ac:b2:c0: aa:88:ea:38:54:d1:45:44:ec:31:b3:33:c0:f1:0e:0b:bc:40: 1d:dc:48:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9ql26rTZQD99YLc5eUztMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU1NzdiNGI4N2FiODZhY2E1NzdlNTZlMzhkNWI4YTU4MTNj Y2NjM2QwHhcNMjUxMjI2MTQwMTEzWhcNMjUxMjI3MTQwMTEzWjAzMTEwLwYDVQQD Eyg3MTc4ZWFmZGY0MTI3YTNiNjQ4MzIwNTY3ZDQxYWM4OWM2OWFkNjkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg4m0HBXeGARadEjfmCJ+4QwqRNz +iW8lisWlJWPlpCv1RhA0G1PcM6awgkVT7k3OsNGtdGwDEkSMy9mj2yIDH6jvnJ9 9lJWSUfJl5HQTRGJYRALKeFEoufty1U4bVzhpyEtMckfQFadK1fFkOHrpZI6eq6J DJdENvChBXacKccTVp2F7OBAtLZBS0WsMj/QeBOumsSBiMCUgiSzHaIS8cpg8hMM BfAJY4emjjcIbRqWve2NmN7NxSNSK83Ay+u91We+LAtdbr3AmXjihHSer+YSx2KO AHKosgWSbvZO0x353tGC4j4tDooHj91GV7ZC+OyGubxP1g62uhVqUgudMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHF46v30Eno7ZIMgVn1BrInGmtaTMB8GA1UdIwQY MBaAFFV3tLh6uGrKV35W441bilgTzMw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kMTU4ZTEtNTEyYi00NDg2LWFmODct YjQ5MGE2ZDZiZTI1LzEvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My9kMTU4ZTEtNTEyYi00NDg2LWFmODctYjQ5MGE2ZDZiZTI1 LzEvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQAhwfK6k 1+dPOc2wH2QQO5qxnknNPYeWE/GF71rwNU5+EWpA5dp/BAjhADoPBFXxW+usPd0P wCgpUDXz7He0KaVf+4Y3coM2a/3WDPyTA1OzKW3jSda0aVKpnGqtGSo0cC6a0qSq TN2FAMvsAu3PSN5FXrBKlP1ZEYZb8fIhjF+0a3iJ4VIjbLJGqbPCQQfNP7KYgMiN 6LDg7lzrX3HRcZWUvKXNRngq1Y3a+eGQEOF/HylH2zca/Wk19dpymDyIc4sgjAQE /tuQW8CQ6qzIYk/UFPqJ2hQwcvcXGWSI5dX7HYJ4BLWirLLAqojqOFTRRUTsMbMz wPEOC7xAHdxIsA== -----END CERTIFICATE-----Generated at Fri Dec 26 17:43:29 2025 by rpki-client