This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.mft File: bZ_0pTo9sPQyggzXN9VD-Gepctg.mft (raw, json) Hash identifier: HgQE5eSW3w+6JnkEX5DCS/a4xtwER2ksPAKUwC6nZBg= Subject key identifier: CD:EF:EE:68:43:FD:F2:08:65:02:EF:20:26:79:18:CF:BF:61:29:4A Authority key identifier: 6D:9F:F4:A5:3A:3D:B0:F4:32:82:0C:D7:37:D5:43:F8:67:A9:72:D8 Certificate issuer: /CN=6d9ff4a53a3db0f432820cd737d543f867a972d8 Certificate serial: 019B4B15C66F0642BCB9543EE9BE571F3BF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.mft Manifest number: 1792 Signing time: Tue 23 Dec 2025 12:01:16 +0000 Manifest this update: Tue 23 Dec 2025 12:01:16 +0000 Manifest next update: Wed 24 Dec 2025 12:01:16 +0000 Files and hashes: 1: BhpMJWOfusOQEVpOrd-46zXykZY.roa (hash: 0YBwZ2xZ2kE/oCS5ZASinXgiSDtB02PggMsq/vyRmUc=) 2: bZ_0pTo9sPQyggzXN9VD-Gepctg.crl (hash: 44B8NJi1bjt7KTP2eiVIQvAL+wfUpc3yKAMRFcTFJM0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.crl rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.mft rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:15:c6:6f:06:42:bc:b9:54:3e:e9:be:57:1f:3b:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d9ff4a53a3db0f432820cd737d543f867a972d8 Validity Not Before: Dec 23 12:01:16 2025 GMT Not After : Dec 24 12:01:16 2025 GMT Subject: CN=cdefee6843fdf2086502ef20267918cfbf61294a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:11:2c:d8:0b:9d:96:f5:92:c5:fe:61:5e:4c: c9:5e:cf:1f:06:bb:6a:7b:71:5a:ca:49:db:1c:5a: 2e:5b:61:bb:00:ed:1a:29:2a:8b:ad:86:b3:ad:fc: 3a:b9:40:f2:10:06:3d:d6:ee:6e:55:ec:35:49:8c: ff:83:8f:4e:01:bf:07:ab:d2:aa:40:d9:cf:f3:ee: d1:45:84:a0:e6:bc:36:3d:55:f9:fd:77:c3:36:92: 33:45:66:08:42:8c:48:2f:df:ed:49:8f:60:05:97: 68:c7:65:86:af:c4:2b:28:36:b0:a7:83:21:bf:b7: da:3d:7b:a4:ba:b7:46:2a:3f:a7:ee:25:62:22:bd: c5:20:8e:7a:d5:86:3d:e1:ea:35:ba:b6:b5:db:3d: a0:79:6b:54:a9:8e:a0:7b:12:d0:38:f6:a9:7a:27: 3a:01:f4:e7:30:3d:9a:38:81:15:32:bf:41:0c:a6: 6b:50:92:e5:7f:2d:8c:c6:1d:47:fb:c3:ec:37:72: fa:ac:50:fd:cf:da:f6:47:bb:f3:79:9c:6b:7d:a1: 97:b7:57:4a:ee:f5:42:00:08:2a:fb:cc:94:2a:8f: a1:b0:fa:9f:b2:86:a2:2a:38:0d:1f:1b:0b:2e:00: a1:93:3b:f1:8f:b1:8b:81:56:c6:f0:5c:8f:dd:91: e6:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:EF:EE:68:43:FD:F2:08:65:02:EF:20:26:79:18:CF:BF:61:29:4A X509v3 Authority Key Identifier: keyid:6D:9F:F4:A5:3A:3D:B0:F4:32:82:0C:D7:37:D5:43:F8:67:A9:72:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bZ_0pTo9sPQyggzXN9VD-Gepctg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/61979a-ea83-4ee7-b7f7-e168db2c54b4/1/bZ_0pTo9sPQyggzXN9VD-Gepctg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:3c:ea:1e:c1:c2:44:f3:ba:f4:c3:d5:1e:3d:e5:c9:6b:4e: 6d:50:88:00:34:28:7e:5a:9b:97:4f:3b:9e:9e:66:90:76:29: 93:b3:81:53:8e:9e:89:a6:12:cd:83:4c:ef:55:ca:90:88:e2: f6:d9:c2:72:a5:a4:4a:36:c6:c8:3d:f0:6e:00:9f:30:4a:20: 5b:3f:d1:43:46:50:f0:c2:95:62:a9:b5:79:aa:89:16:55:87: 68:31:86:47:3a:de:2a:b5:b4:ab:e1:10:f1:6e:e8:d4:c4:37: 0e:83:5c:97:79:df:ba:e7:52:c7:ef:de:35:c3:f0:9f:ce:15: 87:95:62:31:7c:f4:43:e3:e6:2d:53:d3:47:4c:93:f4:af:b9: 0f:28:ad:f6:b7:59:c9:54:80:b9:d1:00:9f:dd:72:19:b2:3d: 0c:70:bc:5a:00:f8:8a:0c:6b:66:d0:20:ab:0a:f7:2e:3d:a4: 14:ee:b1:a5:e1:1f:5e:f5:24:31:bc:59:fb:45:f7:90:5b:33: ca:8e:be:f1:ee:88:55:b4:3c:df:ed:b4:6b:fe:cd:eb:30:7f: 96:9d:1e:ea:13:b3:37:0c:fe:96:96:83:ae:69:dd:ab:fb:27: 41:4b:73:50:a0:c9:8c:0e:7c:dd:e4:1a:59:00:7b:e8:5f:5f: 31:c6:86:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLFcZvBkK8uVQ+6b5XHzv3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkOWZmNGE1M2EzZGIwZjQzMjgyMGNkNzM3ZDU0M2Y4Njdh OTcyZDgwHhcNMjUxMjIzMTIwMTE2WhcNMjUxMjI0MTIwMTE2WjAzMTEwLwYDVQQD EyhjZGVmZWU2ODQzZmRmMjA4NjUwMmVmMjAyNjc5MThjZmJmNjEyOTRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxEs2AudlvWSxf5hXkzJXs8fBrtq e3FayknbHFouW2G7AO0aKSqLrYazrfw6uUDyEAY91u5uVew1SYz/g49OAb8Hq9Kq QNnP8+7RRYSg5rw2PVX5/XfDNpIzRWYIQoxIL9/tSY9gBZdox2WGr8QrKDawp4Mh v7faPXukurdGKj+n7iViIr3FII561YY94eo1ura12z2geWtUqY6gexLQOPapeic6 AfTnMD2aOIEVMr9BDKZrUJLlfy2Mxh1H+8PsN3L6rFD9z9r2R7vzeZxrfaGXt1dK 7vVCAAgq+8yUKo+hsPqfsoaiKjgNHxsLLgChkzvxj7GLgVbG8FyP3ZHm4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM3v7mhD/fIIZQLvICZ5GM+/YSlKMB8GA1UdIwQY MBaAFG2f9KU6PbD0MoIM1zfVQ/hnqXLYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlpfMHBUbzlzUFF5Z2d6WE45VkQtR2VwY3RnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82MTk3OWEtZWE4My00ZWU3LWI3Zjct ZTE2OGRiMmM1NGI0LzEvYlpfMHBUbzlzUFF5Z2d6WE45VkQtR2VwY3RnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC82MTk3OWEtZWE4My00ZWU3LWI3ZjctZTE2OGRiMmM1NGI0 LzEvYlpfMHBUbzlzUFF5Z2d6WE45VkQtR2VwY3RnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOzzqHsHC RPO69MPVHj3lyWtObVCIADQoflqbl087np5mkHYpk7OBU46eiaYSzYNM71XKkIji 9tnCcqWkSjbGyD3wbgCfMEogWz/RQ0ZQ8MKVYqm1eaqJFlWHaDGGRzreKrW0q+EQ 8W7o1MQ3DoNcl3nfuudSx+/eNcPwn84Vh5ViMXz0Q+PmLVPTR0yT9K+5Dyit9rdZ yVSAudEAn91yGbI9DHC8WgD4igxrZtAgqwr3Lj2kFO6xpeEfXvUkMbxZ+0X3kFsz yo6+8e6IVbQ83+20a/7N6zB/lp0e6hOzNwz+lpaDrmndq/snQUtzUKDJjA583eQa WQB76F9fMcaGrw== -----END CERTIFICATE-----Generated at Tue Dec 23 14:53:48 2025 by rpki-client