This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft File: ruCNkzby5s0WXrcwKX_m0gyDw5o.mft (raw, json) Hash identifier: 63N19V4Xdv+ywUbx2YGFk4bWTHekd31gX0yolfk5GeM= Subject key identifier: D9:9C:76:BE:E2:02:D5:A2:A7:63:59:3B:56:60:1A:EC:76:26:4B:F3 Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a Certificate serial: 019B4ADEBA296C2D0DF609586953B2F5FE43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft Manifest number: 14DA Signing time: Tue 23 Dec 2025 11:01:09 +0000 Manifest this update: Tue 23 Dec 2025 11:01:09 +0000 Manifest next update: Wed 24 Dec 2025 11:01:09 +0000 Files and hashes: 1: BS_uFjltIa2QdarHmlrjr-N1lfU.roa (hash: In6YLEFgpwciZfoYuJdlvQqiCYVNTfn1vSODPqF0a14=) 2: KyGy1yiZWdO5Baarc34FhluuX6o.roa (hash: PluDSAEvqHUwzzXaYjhHiEYtCeH5Nq3YEFQLeyKhxg0=) 3: MTuQql9Rh88BHIoSEfi0N5xULhQ.roa (hash: c4KaJbDb+YQM6dcx+R5wyGu53GnRsEWM+y0F8Wui/6Q=) 4: aPIQbORfDqMdRus3FUsayPmmxSc.roa (hash: Bjwo2XfxvG4dmeK0piMxmJc9w9b8pe3Sc6uuX95IjTw=) 5: aTlzb3K-mNhSWkbEKv29Xc3ITT0.roa (hash: Y8Xw4D+ihA3z60B6zW48nfEFoOcri17+Bm+/jPd3INc=) 6: kL_2gvtUAFUX3-zbMD5AfdbkkFc.roa (hash: i5sBmgPlAzgh1HcdG7lTgrd/mdbOcJciFVKfQ5U2fAw=) 7: ruCNkzby5s0WXrcwKX_m0gyDw5o.crl (hash: fS4HOu62/u+zLvFhwVvTW9b0pKWe0OjCGT7XCyuzVB8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:de:ba:29:6c:2d:0d:f6:09:58:69:53:b2:f5:fe:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a Validity Not Before: Dec 23 11:01:09 2025 GMT Not After : Dec 24 11:01:09 2025 GMT Subject: CN=d99c76bee202d5a2a763593b56601aec76264bf3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:0e:1c:50:a6:8e:40:9b:27:d6:91:82:ce:a9: f6:5b:52:bf:d2:ae:e4:82:53:6a:eb:aa:ab:8a:68: e2:e5:2a:c6:08:c9:81:c9:31:0d:04:2f:d2:48:29: b9:1b:fd:50:a4:0e:18:7c:f6:d1:89:d1:79:e8:76: 52:ac:ba:22:2e:db:c2:a1:82:9a:8a:a1:dd:d1:d2: 71:b7:b0:e2:69:e4:c3:9b:a4:1d:bc:fc:9d:a9:bf: f3:69:58:d9:e3:d9:f4:2a:d2:94:8b:eb:c8:88:55: e1:aa:b4:e4:31:de:05:bf:ab:d2:89:2f:f3:55:a1: fb:8a:3a:a5:7f:45:2c:39:3d:7e:0c:4f:6a:88:e1: 9a:ad:70:55:d7:15:9f:e0:44:d4:e9:62:27:f1:d7: 27:6c:28:23:3d:c6:b9:71:33:7a:9a:59:d6:c4:35: c1:8c:b8:a8:ad:c4:58:3b:c3:4f:52:48:03:7a:4e: a5:2e:ca:0c:1e:a8:af:b4:44:55:85:c4:15:90:ff: 0a:f5:9b:b0:dd:8d:ad:2a:4a:10:2f:ad:91:48:94: 46:3d:ba:3c:5f:19:9e:6a:c2:f9:40:6e:0f:e3:83: 5e:bf:ad:6e:50:5e:9f:ce:49:13:5e:c9:ab:02:2c: ca:5c:ad:d1:09:66:cf:70:c2:cf:a8:4b:71:06:b0: 74:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:9C:76:BE:E2:02:D5:A2:A7:63:59:3B:56:60:1A:EC:76:26:4B:F3 X509v3 Authority Key Identifier: keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:ec:ba:8c:0e:b2:22:2f:c3:42:0d:10:63:98:4a:85:fd:68: ff:54:ca:76:23:c6:15:10:cb:74:c4:d5:77:78:22:97:e8:b0: 98:2e:b3:e2:2e:d1:15:82:ef:41:ad:d4:80:33:38:60:5f:93: 67:d9:31:04:4f:fd:0f:cf:fc:5d:50:30:fe:53:06:27:b4:8e: 57:ac:8b:e6:34:d5:5c:0e:32:58:39:cc:27:62:a9:37:ef:b4: 21:65:08:ba:40:d6:0c:39:5c:13:99:32:37:24:0d:35:8d:18: 79:4c:c3:39:c2:93:dc:32:a9:6a:d8:d3:80:c0:fb:6f:eb:a6: d0:7e:74:7e:df:70:54:e1:b9:1a:48:c3:b1:d9:96:b9:fd:75: 2f:87:90:bf:fc:dc:c7:7e:5d:41:34:d6:d9:36:e5:08:66:38: 86:d2:52:f2:86:c4:b1:9a:20:fe:57:aa:fd:11:08:44:0d:f3: 9a:6a:2e:84:c9:d9:8f:9c:71:46:54:29:9c:30:b5:97:6f:42: 00:03:0f:aa:66:4a:8d:69:d5:a3:d3:e6:19:9b:fa:69:d4:39: 46:10:f3:6e:e8:fd:cf:06:8a:7e:e7:4a:dc:b6:b6:e6:c7:c1: 2e:2c:88:12:ff:88:5d:36:d8:97:04:73:49:66:56:9f:cd:44: 56:6e:56:8e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtK3ropbC0N9glYaVOy9f5DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4 M2MzOWEwHhcNMjUxMjIzMTEwMTA5WhcNMjUxMjI0MTEwMTA5WjAzMTEwLwYDVQQD EyhkOTljNzZiZWUyMDJkNWEyYTc2MzU5M2I1NjYwMWFlYzc2MjY0YmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug4cUKaOQJsn1pGCzqn2W1K/0q7k glNq66qrimji5SrGCMmByTENBC/SSCm5G/1QpA4YfPbRidF56HZSrLoiLtvCoYKa iqHd0dJxt7DiaeTDm6QdvPydqb/zaVjZ49n0KtKUi+vIiFXhqrTkMd4Fv6vSiS/z VaH7ijqlf0UsOT1+DE9qiOGarXBV1xWf4ETU6WIn8dcnbCgjPca5cTN6mlnWxDXB jLiorcRYO8NPUkgDek6lLsoMHqivtERVhcQVkP8K9Zuw3Y2tKkoQL62RSJRGPbo8 XxmeasL5QG4P44Nev61uUF6fzkkTXsmrAizKXK3RCWbPcMLPqEtxBrB0iQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNmcdr7iAtWip2NZO1ZgGux2JkvzMB8GA1UdIwQY MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt NDk3YmVkZDcxZWI5LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5 LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASuy6jA6y Ii/DQg0QY5hKhf1o/1TKdiPGFRDLdMTVd3gil+iwmC6z4i7RFYLvQa3UgDM4YF+T Z9kxBE/9D8/8XVAw/lMGJ7SOV6yL5jTVXA4yWDnMJ2KpN++0IWUIukDWDDlcE5ky NyQNNY0YeUzDOcKT3DKpatjTgMD7b+um0H50ft9wVOG5GkjDsdmWuf11L4eQv/zc x35dQTTW2TblCGY4htJS8obEsZog/leq/REIRA3zmmouhMnZj5xxRlQpnDC1l29C AAMPqmZKjWnVo9PmGZv6adQ5RhDzbuj9zwaKfudK3La25sfBLiyIEv+IXTbYlwRz SWZWn81EVm5Wjg== -----END CERTIFICATE-----Generated at Tue Dec 23 13:00:08 2025 by rpki-client