This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft File: ruCNkzby5s0WXrcwKX_m0gyDw5o.mft (raw, json) Hash identifier: pcAef8sDD8QtfrW5vtMQQchVSj5756WOYCnUpecyagI= Subject key identifier: D3:FF:10:C5:5B:E3:17:A9:FC:43:80:83:57:F0:FD:E9:54:6C:DF:FF Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a Certificate serial: 019B206212886281039884990E4D864F969D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft Manifest number: 14C4 Signing time: Mon 15 Dec 2025 05:00:56 +0000 Manifest this update: Mon 15 Dec 2025 05:00:56 +0000 Manifest next update: Tue 16 Dec 2025 05:00:56 +0000 Files and hashes: 1: BS_uFjltIa2QdarHmlrjr-N1lfU.roa (hash: In6YLEFgpwciZfoYuJdlvQqiCYVNTfn1vSODPqF0a14=) 2: KyGy1yiZWdO5Baarc34FhluuX6o.roa (hash: PluDSAEvqHUwzzXaYjhHiEYtCeH5Nq3YEFQLeyKhxg0=) 3: MTuQql9Rh88BHIoSEfi0N5xULhQ.roa (hash: c4KaJbDb+YQM6dcx+R5wyGu53GnRsEWM+y0F8Wui/6Q=) 4: aPIQbORfDqMdRus3FUsayPmmxSc.roa (hash: Bjwo2XfxvG4dmeK0piMxmJc9w9b8pe3Sc6uuX95IjTw=) 5: aTlzb3K-mNhSWkbEKv29Xc3ITT0.roa (hash: Y8Xw4D+ihA3z60B6zW48nfEFoOcri17+Bm+/jPd3INc=) 6: kL_2gvtUAFUX3-zbMD5AfdbkkFc.roa (hash: i5sBmgPlAzgh1HcdG7lTgrd/mdbOcJciFVKfQ5U2fAw=) 7: ruCNkzby5s0WXrcwKX_m0gyDw5o.crl (hash: t8PMmKQnJ10mybemKWz8rIrwxuOtXG5IfyDr/MnVKQ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 05:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:62:12:88:62:81:03:98:84:99:0e:4d:86:4f:96:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a Validity Not Before: Dec 15 05:00:56 2025 GMT Not After : Dec 16 05:00:56 2025 GMT Subject: CN=d3ff10c55be317a9fc43808357f0fde9546cdfff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:03:b7:aa:54:1d:97:4e:3a:c3:26:e0:6a:90: bb:f3:ce:ec:fe:53:58:bf:3e:0f:ba:10:71:c6:b7: 59:76:91:f7:36:bb:a2:a2:cd:8d:1f:f0:72:0f:e8: 5e:17:79:c7:81:01:2a:f1:88:ee:cd:99:76:f1:3f: de:fe:e8:f7:86:c8:ad:c6:31:e7:9b:a4:c4:18:87: e0:f0:95:75:f1:3f:29:6d:b7:b8:95:3e:66:67:17: 9a:84:2d:e0:6c:56:d0:9c:36:90:55:7a:40:88:c6: 2b:b9:3b:41:ae:29:bb:6e:a2:69:ce:1e:0a:98:2a: cf:91:ad:6d:b6:dd:86:b6:df:7b:a9:5c:33:a9:8f: 83:d1:0e:45:cc:76:f1:a3:3a:b2:0c:43:7f:83:ab: 54:73:a0:8b:d7:66:c3:e6:37:d9:56:49:de:2e:2d: 5a:bf:7c:81:ae:dd:96:88:ac:8a:b5:24:f0:8b:3f: b2:19:bf:6e:ea:bc:8e:40:65:ee:b3:a6:1d:27:f0: 10:5c:09:d9:3c:4e:08:d4:0e:5a:be:b4:b0:43:11: 53:2e:d3:62:80:2f:d4:01:f4:fa:1f:5d:72:3d:03: c5:c8:ef:ed:7f:77:57:ed:71:de:1e:7a:01:ec:85: 4e:e0:c1:27:84:b6:d2:73:72:ca:45:8c:1b:32:69: 46:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:FF:10:C5:5B:E3:17:A9:FC:43:80:83:57:F0:FD:E9:54:6C:DF:FF X509v3 Authority Key Identifier: keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:ee:57:5a:18:cb:e0:62:95:21:ee:60:de:79:95:9f:5c:d9: cc:3f:e4:8f:f4:59:db:94:9d:a4:33:d1:78:56:a6:7b:9a:07: 0c:b4:c0:12:82:89:bd:a4:4d:3f:81:88:c6:20:55:c2:ea:f2: b4:57:b6:dd:e9:9f:ef:2e:14:05:64:3a:c8:57:2b:7e:17:12: 6a:b1:6d:91:9c:48:f4:1e:a8:8b:c0:16:3e:fb:b0:e4:61:03: 62:00:5c:dd:93:7d:53:bf:1a:6c:a2:18:94:41:d6:c5:43:83: 54:89:22:14:57:30:a2:96:98:5e:ef:13:f4:3b:9a:0d:28:26: d7:bf:54:66:19:b4:7a:81:a8:69:8b:ed:22:3f:3a:b4:d7:e4: 2f:7f:c2:95:7b:29:0a:7b:4d:54:38:27:1d:43:73:ea:af:88: 32:aa:c2:1d:88:54:ac:48:d6:ad:6b:73:a0:26:b9:8a:ee:73: 43:ac:f2:86:02:7e:87:26:e2:47:59:88:67:a6:a8:03:32:d2: 72:75:cb:d2:09:e2:b2:4b:27:ca:fc:d9:fc:69:bd:f4:27:d3: 45:2d:f2:14:9a:ba:03:28:84:fa:7f:1a:ab:73:f0:58:81:0e: d5:a2:05:21:9c:35:b0:20:d4:10:fd:c9:d1:99:d4:01:94:d2: 17:b4:1a:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgYhKIYoEDmISZDk2GT5adMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4 M2MzOWEwHhcNMjUxMjE1MDUwMDU2WhcNMjUxMjE2MDUwMDU2WjAzMTEwLwYDVQQD EyhkM2ZmMTBjNTViZTMxN2E5ZmM0MzgwODM1N2YwZmRlOTU0NmNkZmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AO3qlQdl046wybgapC7887s/lNY vz4PuhBxxrdZdpH3Nruios2NH/ByD+heF3nHgQEq8YjuzZl28T/e/uj3hsitxjHn m6TEGIfg8JV18T8pbbe4lT5mZxeahC3gbFbQnDaQVXpAiMYruTtBrim7bqJpzh4K mCrPka1ttt2Gtt97qVwzqY+D0Q5FzHbxozqyDEN/g6tUc6CL12bD5jfZVkneLi1a v3yBrt2WiKyKtSTwiz+yGb9u6ryOQGXus6YdJ/AQXAnZPE4I1A5avrSwQxFTLtNi gC/UAfT6H11yPQPFyO/tf3dX7XHeHnoB7IVO4MEnhLbSc3LKRYwbMmlG4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNP/EMVb4xep/EOAg1fw/elUbN//MB8GA1UdIwQY MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt NDk3YmVkZDcxZWI5LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5 LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALu5XWhjL 4GKVIe5g3nmVn1zZzD/kj/RZ25SdpDPReFame5oHDLTAEoKJvaRNP4GIxiBVwury tFe23emf7y4UBWQ6yFcrfhcSarFtkZxI9B6oi8AWPvuw5GEDYgBc3ZN9U78abKIY lEHWxUODVIkiFFcwopaYXu8T9DuaDSgm179UZhm0eoGoaYvtIj86tNfkL3/ClXsp CntNVDgnHUNz6q+IMqrCHYhUrEjWrWtzoCa5iu5zQ6zyhgJ+hybiR1mIZ6aoAzLS cnXL0gnisksnyvzZ/Gm99CfTRS3yFJq6AyiE+n8aq3PwWIEO1aIFIZw1sCDUEP3J 0ZnUAZTSF7QaXQ== -----END CERTIFICATE-----Generated at Mon Dec 15 12:47:56 2025 by rpki-client