This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/P7eM0aMQyZ1jdxQOUoqj5uDcq58.mft File: P7eM0aMQyZ1jdxQOUoqj5uDcq58.mft (raw, json) Hash identifier: 3jAhvttaKhUgr0kwWk8mamHAV36473wcZiJaaQ+6EjU= Subject key identifier: B7:AB:38:DC:D9:EA:4F:85:09:27:B4:C0:90:43:9C:16:0E:44:77:BA Authority key identifier: 3F:B7:8C:D1:A3:10:C9:9D:63:77:14:0E:52:8A:A3:E6:E0:DC:AB:9F Certificate issuer: /CN=3fb78cd1a310c99d6377140e528aa3e6e0dcab9f Certificate serial: 019B33B25BCB53B19FD20EF13B4063734B86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P7eM0aMQyZ1jdxQOUoqj5uDcq58.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/P7eM0aMQyZ1jdxQOUoqj5uDcq58.mft Manifest number: 02B9 Signing time: Thu 18 Dec 2025 23:01:25 +0000 Manifest this update: Thu 18 Dec 2025 23:01:25 +0000 Manifest next update: Fri 19 Dec 2025 23:01:25 +0000 Files and hashes: 1: P7eM0aMQyZ1jdxQOUoqj5uDcq58.crl (hash: YPFeKF32byMm07WBET/NEA6bQJThAl9vhdSSU2UsQC0=) 2: tO945n8IOH4m4HY-IByza0kUANU.roa (hash: 1Y70k1PM1fySvFZtbmtzuB2FgWQvwNTM4axab3kjR2A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/P7eM0aMQyZ1jdxQOUoqj5uDcq58.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/P7eM0aMQyZ1jdxQOUoqj5uDcq58.mft rsync://rpki.ripe.net/repository/DEFAULT/P7eM0aMQyZ1jdxQOUoqj5uDcq58.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b2:5b:cb:53:b1:9f:d2:0e:f1:3b:40:63:73:4b:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fb78cd1a310c99d6377140e528aa3e6e0dcab9f Validity Not Before: Dec 18 23:01:25 2025 GMT Not After : Dec 19 23:01:25 2025 GMT Subject: CN=b7ab38dcd9ea4f850927b4c090439c160e4477ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:8a:b9:16:69:a4:f0:86:2e:59:cf:29:4a:7f: 03:84:73:42:a3:18:56:f7:b0:6e:85:d2:2c:fc:0c: 7a:75:2c:e0:8e:e4:a1:29:f0:80:1c:fc:ea:50:57: e0:88:0d:ca:0a:9a:2c:b8:cb:0a:89:b1:e7:1b:ed: 7d:83:d5:f4:8a:c6:fe:48:df:a5:8e:31:a2:53:f1: fb:1a:81:db:32:f3:e9:f9:eb:f0:fd:64:91:d4:d9: 73:a4:e5:e9:fc:29:10:a4:f5:52:3d:9a:c0:5e:b9: 72:19:fb:ca:11:28:87:fb:9d:31:2a:54:56:4b:cc: 69:91:6e:dd:f3:28:38:81:a0:16:45:2f:c1:64:3d: 86:61:f0:56:74:23:83:1c:21:56:47:06:8c:ad:22: 1f:e1:52:4f:28:b2:2b:66:03:10:75:c0:5d:ad:d0: 6d:a4:45:ff:74:93:d3:83:57:d2:31:df:1d:ba:c4: 4f:82:6b:a9:86:0a:8a:50:0b:aa:db:2f:6f:52:ec: 2a:e3:6e:15:4e:d2:28:36:c2:4f:18:76:ca:02:f4: 79:cc:92:e0:1d:31:e3:d7:fd:10:9c:1a:4c:e0:19: 7b:82:75:ca:5f:eb:82:42:5c:7b:8a:79:9a:bd:62: 6e:33:e5:ce:f3:c9:69:71:3c:06:a0:a8:50:bf:24: 9d:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:AB:38:DC:D9:EA:4F:85:09:27:B4:C0:90:43:9C:16:0E:44:77:BA X509v3 Authority Key Identifier: keyid:3F:B7:8C:D1:A3:10:C9:9D:63:77:14:0E:52:8A:A3:E6:E0:DC:AB:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P7eM0aMQyZ1jdxQOUoqj5uDcq58.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/P7eM0aMQyZ1jdxQOUoqj5uDcq58.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/323c3f-aab3-4684-81c7-c5815118e52f/1/P7eM0aMQyZ1jdxQOUoqj5uDcq58.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:53:e6:0a:87:f7:71:bc:2b:d0:dc:b6:64:f3:11:09:63:b3: cc:44:52:0b:e1:62:66:82:d7:d6:92:8f:76:0f:3a:44:d8:df: 4c:aa:bb:88:57:fb:c3:0e:75:df:4c:b5:6f:b6:9d:b7:fe:9c: 42:2b:1d:95:f0:d8:c5:2c:42:0e:76:4c:05:5b:a3:f6:bd:9e: 6b:b4:0e:01:20:7c:28:1c:c9:88:08:41:28:16:28:09:71:d8: 99:a4:7c:d6:92:5e:83:ca:89:d4:40:9e:e1:8b:5a:40:2d:92: 69:3c:00:04:a8:94:1f:c4:15:5e:30:49:4e:e7:1b:c3:9d:08: 2d:5c:ad:12:74:39:95:d5:48:9f:0d:96:d2:d0:cd:11:da:e0: e8:10:00:0a:6f:9c:db:77:89:2e:4a:bb:3e:11:84:05:f6:da: a6:ea:50:85:76:3c:df:2b:7a:a6:04:32:ea:d9:f1:fb:09:e8: 45:f2:a4:7e:29:2f:d4:27:da:e9:6d:5c:19:6d:82:8c:15:4f: 27:e4:ba:8f:e2:8f:e5:18:7c:b1:7e:bb:1e:09:b6:fc:e4:88: 49:bd:a1:96:e5:cd:b6:ce:f7:53:f3:9b:8d:60:5e:48:cf:77: 16:aa:79:25:18:e6:e7:94:4e:a3:c0:0e:ef:fc:9c:49:8f:f8: 97:ba:26:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszslvLU7Gf0g7xO0Bjc0uGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmYjc4Y2QxYTMxMGM5OWQ2Mzc3MTQwZTUyOGFhM2U2ZTBk Y2FiOWYwHhcNMjUxMjE4MjMwMTI1WhcNMjUxMjE5MjMwMTI1WjAzMTEwLwYDVQQD EyhiN2FiMzhkY2Q5ZWE0Zjg1MDkyN2I0YzA5MDQzOWMxNjBlNDQ3N2JhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYq5Fmmk8IYuWc8pSn8DhHNCoxhW 97BuhdIs/Ax6dSzgjuShKfCAHPzqUFfgiA3KCposuMsKibHnG+19g9X0isb+SN+l jjGiU/H7GoHbMvPp+evw/WSR1NlzpOXp/CkQpPVSPZrAXrlyGfvKESiH+50xKlRW S8xpkW7d8yg4gaAWRS/BZD2GYfBWdCODHCFWRwaMrSIf4VJPKLIrZgMQdcBdrdBt pEX/dJPTg1fSMd8dusRPgmuphgqKUAuq2y9vUuwq424VTtIoNsJPGHbKAvR5zJLg HTHj1/0QnBpM4Bl7gnXKX+uCQlx7inmavWJuM+XO88lpcTwGoKhQvySdkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLerONzZ6k+FCSe0wJBDnBYORHe6MB8GA1UdIwQY MBaAFD+3jNGjEMmdY3cUDlKKo+bg3KufMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDdlTTBhTVF5WjFqZHhRT1VvcWo1dURjcTU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMjNjM2YtYWFiMy00Njg0LTgxYzct YzU4MTUxMThlNTJmLzEvUDdlTTBhTVF5WjFqZHhRT1VvcWo1dURjcTU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8zMjNjM2YtYWFiMy00Njg0LTgxYzctYzU4MTUxMThlNTJm LzEvUDdlTTBhTVF5WjFqZHhRT1VvcWo1dURjcTU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI1PmCof3 cbwr0Ny2ZPMRCWOzzERSC+FiZoLX1pKPdg86RNjfTKq7iFf7ww5130y1b7adt/6c QisdlfDYxSxCDnZMBVuj9r2ea7QOASB8KBzJiAhBKBYoCXHYmaR81pJeg8qJ1ECe 4YtaQC2SaTwABKiUH8QVXjBJTucbw50ILVytEnQ5ldVInw2W0tDNEdrg6BAACm+c 23eJLkq7PhGEBfbapupQhXY83yt6pgQy6tnx+wnoRfKkfikv1Cfa6W1cGW2CjBVP J+S6j+KP5Rh8sX67Hgm2/OSISb2hluXNts73U/ObjWBeSM93Fqp5JRjm55ROo8AO 7/ycSY/4l7ompw== -----END CERTIFICATE-----Generated at Fri Dec 19 02:33:27 2025 by rpki-client