This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft File: D3jqRswh1F7WEmjUqfVnMsheIVA.mft (raw, json) Hash identifier: dxXaPebbFqJA82n3gJe3PBPqYPkKHpOFPVeRb7SeC0k= Subject key identifier: 9C:96:48:48:4A:E3:A1:4C:C0:E7:5C:A5:11:7A:BF:6F:5D:AB:F9:9E Authority key identifier: 0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50 Certificate issuer: /CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150 Certificate serial: 019B3AC64DBB47951CFFCA6217FE8D9D9412 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft Manifest number: 1786 Signing time: Sat 20 Dec 2025 08:00:33 +0000 Manifest this update: Sat 20 Dec 2025 08:00:33 +0000 Manifest next update: Sun 21 Dec 2025 08:00:33 +0000 Files and hashes: 1: 8SQTxy_p8cY9en9UR93vjFnnH74.roa (hash: LPCNfHY24fbVR2x4GxfhYD0c8Fxi97g9FBcWFfU2h/o=) 2: D3jqRswh1F7WEmjUqfVnMsheIVA.crl (hash: jGsbWxK01X2eWC0KtAMWZkUY7nqkOSRT39DvgpeT5Uw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 08:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:c6:4d:bb:47:95:1c:ff:ca:62:17:fe:8d:9d:94:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150 Validity Not Before: Dec 20 08:00:33 2025 GMT Not After : Dec 21 08:00:33 2025 GMT Subject: CN=9c9648484ae3a14cc0e75ca5117abf6f5dabf99e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:96:8d:ba:92:2b:58:bd:18:c1:f1:5e:84:a4: f5:16:08:3c:3b:80:b4:2a:2e:eb:be:54:c1:29:e6: 7f:ea:d9:a5:4b:e9:ec:ff:8b:b6:80:e8:74:e6:0d: 24:4a:3b:63:aa:46:ae:54:21:52:72:b9:6c:a6:17: 12:74:f0:9a:5c:3e:24:1c:a4:4b:93:3b:3d:4f:58: 72:f0:02:e2:1b:3c:b3:94:e1:76:dc:49:57:37:34: e1:9d:3f:43:f5:93:1a:e0:aa:6f:c2:15:98:d4:6e: 24:ad:c2:0a:67:42:97:ae:31:91:cb:0b:7b:10:c9: 19:8e:11:d5:d7:d9:1c:b9:95:25:61:6a:11:9c:47: 7a:84:f1:90:f1:57:63:09:36:0a:23:5b:2b:96:25: c5:20:d0:ec:41:02:86:71:c9:c6:a1:3f:26:f3:cc: 09:22:21:ab:08:a2:f2:b1:9f:f2:df:6d:dc:e2:8a: f1:ac:73:d2:e2:a0:8f:01:74:76:a7:43:23:7c:25: 65:6d:d9:87:c7:0b:66:23:65:36:28:e5:59:e4:a8: 3f:6c:54:09:a5:7a:3a:21:18:b7:aa:fe:a4:ff:24: 65:0e:dc:39:83:ab:a6:06:bb:f2:01:01:17:e1:d1: 87:11:75:5e:03:26:b5:1b:a6:f4:50:a0:f8:ae:8a: 47:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:96:48:48:4A:E3:A1:4C:C0:E7:5C:A5:11:7A:BF:6F:5D:AB:F9:9E X509v3 Authority Key Identifier: keyid:0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:a5:c8:b3:79:63:10:54:6e:b4:78:f6:38:84:06:7c:32:ca: 06:1f:82:96:36:3d:c6:20:fc:f5:d9:51:43:72:31:ea:54:a6: a3:9e:59:c0:8f:d1:70:f1:0e:05:f4:8c:07:1f:90:00:db:d4: 75:7e:27:8d:25:ce:7a:ee:a0:51:14:1e:1a:25:18:27:65:1a: 8f:32:6a:9d:49:46:30:a1:ad:b0:21:72:2c:be:7c:77:f8:82: 21:7c:92:71:94:c5:59:2c:23:5f:4e:cd:98:e8:c4:ff:cb:52: fd:f2:93:01:be:d4:9f:56:d1:c2:56:70:7a:71:49:b6:91:d2: 0c:33:f6:01:8a:d6:4a:8f:a7:8c:01:f7:14:ac:9c:34:3e:eb: 80:38:eb:4e:fe:2e:51:aa:b8:55:bc:18:f4:79:1a:7b:66:0a: 3f:ab:43:fb:bf:bd:ea:72:ef:66:30:e3:76:60:d7:6d:cb:b1: 24:bc:4f:e3:ed:60:76:41:e8:f7:6b:6e:76:70:d4:e3:af:9a: c4:80:6d:25:60:6b:3f:49:3d:54:4f:6b:e2:51:4f:64:d6:e9: 25:37:c1:8f:5d:ca:61:2a:4d:54:5b:ba:af:d0:1b:de:06:2a: 98:3c:aa:ba:d5:b9:cf:2a:6c:a7:91:f9:da:92:a9:cf:30:6a: 4e:21:a1:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6xk27R5Uc/8piF/6NnZQSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNzhlYTQ2Y2MyMWQ0NWVkNjEyNjhkNGE5ZjU2NzMyYzg1 ZTIxNTAwHhcNMjUxMjIwMDgwMDMzWhcNMjUxMjIxMDgwMDMzWjAzMTEwLwYDVQQD Eyg5Yzk2NDg0ODRhZTNhMTRjYzBlNzVjYTUxMTdhYmY2ZjVkYWJmOTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JaNupIrWL0YwfFehKT1Fgg8O4C0 Ki7rvlTBKeZ/6tmlS+ns/4u2gOh05g0kSjtjqkauVCFScrlsphcSdPCaXD4kHKRL kzs9T1hy8ALiGzyzlOF23ElXNzThnT9D9ZMa4KpvwhWY1G4krcIKZ0KXrjGRywt7 EMkZjhHV19kcuZUlYWoRnEd6hPGQ8VdjCTYKI1srliXFINDsQQKGccnGoT8m88wJ IiGrCKLysZ/y323c4orxrHPS4qCPAXR2p0MjfCVlbdmHxwtmI2U2KOVZ5Kg/bFQJ pXo6IRi3qv6k/yRlDtw5g6umBrvyAQEX4dGHEXVeAya1G6b0UKD4ropHAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJyWSEhK46FMwOdcpRF6v29dq/meMB8GA1UdIwQY MBaAFA946kbMIdRe1hJo1Kn1ZzLIXiFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMt MDMyYjNiNjE0ZGQ4LzEvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMtMDMyYjNiNjE0ZGQ4 LzEvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOKXIs3lj EFRutHj2OIQGfDLKBh+CljY9xiD89dlRQ3Ix6lSmo55ZwI/RcPEOBfSMBx+QANvU dX4njSXOeu6gURQeGiUYJ2UajzJqnUlGMKGtsCFyLL58d/iCIXyScZTFWSwjX07N mOjE/8tS/fKTAb7Un1bRwlZwenFJtpHSDDP2AYrWSo+njAH3FKycND7rgDjrTv4u Uaq4VbwY9Hkae2YKP6tD+7+96nLvZjDjdmDXbcuxJLxP4+1gdkHo92tudnDU46+a xIBtJWBrP0k9VE9r4lFPZNbpJTfBj13KYSpNVFu6r9Ab3gYqmDyqutW5zypsp5H5 2pKpzzBqTiGh4A== -----END CERTIFICATE-----Generated at Sat Dec 20 18:20:22 2025 by rpki-client