This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft File: 1-kak8RQ6vjrfxLaDX6E0498srDQ.mft (raw, json) Hash identifier: zvbxD5FjhfBP/9ZiRp+AFI0rsNahhWrGYgBg4UUxDPo= Subject key identifier: 39:84:4B:0D:B2:0E:BA:3D:DC:CB:51:2C:FC:A2:04:80:2A:EA:9E:85 Authority key identifier: FA:46:A4:F1:14:3A:BE:3A:DF:C4:B6:83:5F:A1:34:E3:DF:2C:AC:34 Certificate issuer: /CN=fa46a4f1143abe3adfc4b6835fa134e3df2cac34 Certificate serial: 019B337B5CB341935B16E3E636D04F790709 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft Manifest number: 1784 Signing time: Thu 18 Dec 2025 22:01:21 +0000 Manifest this update: Thu 18 Dec 2025 22:01:21 +0000 Manifest next update: Fri 19 Dec 2025 22:01:21 +0000 Files and hashes: 1: 1-kak8RQ6vjrfxLaDX6E0498srDQ.crl (hash: E4xKDz3q5XIMGhl1SaVq/j7WDgaMyNNOh8GI4FhLJ2Y=) 2: 3uEhAk6Wx4KcEg0MVVsAAyyADBw.roa (hash: FqSkeFfRf148LCqtNv59QOP75egaClJCY4HAjWTWGX0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:5c:b3:41:93:5b:16:e3:e6:36:d0:4f:79:07:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fa46a4f1143abe3adfc4b6835fa134e3df2cac34 Validity Not Before: Dec 18 22:01:21 2025 GMT Not After : Dec 19 22:01:21 2025 GMT Subject: CN=39844b0db20eba3ddccb512cfca204802aea9e85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:17:7f:17:9d:4a:d3:64:64:44:9d:9b:64:69: 83:8a:01:71:54:d2:ef:ff:b4:ae:37:12:01:63:b5: 00:64:78:dd:01:2e:b5:fd:60:b1:f2:68:42:bb:e1: d8:81:c8:cf:97:8d:c3:8a:0c:35:78:4a:3e:3d:a3: bd:5c:36:c8:f9:d1:a4:19:79:87:2b:80:dc:cd:5d: 65:22:f6:5d:15:d3:fc:7c:9e:7a:1a:73:3a:f8:0c: f3:ff:5e:c9:36:ff:1b:a2:4b:52:62:7e:57:df:b8: ab:78:c8:08:b6:f0:a5:ca:4b:92:2d:86:2f:08:68: 81:b2:fa:e9:23:33:ee:a9:fe:2d:6c:0f:8a:ef:f9: 91:68:0f:86:19:c6:2f:54:03:e7:7f:71:89:ef:e8: 73:02:02:a9:db:44:44:59:6b:e2:9c:84:5e:74:91: 9f:4c:dc:d6:b8:9b:c3:46:42:0d:64:d1:a6:d4:6b: 6d:61:00:40:e5:ab:5a:dd:69:bd:a3:b0:c1:3b:58: 53:54:cf:11:87:a8:ec:12:06:34:58:85:7a:e6:b0: 8f:4b:9a:88:91:00:6e:56:0a:29:34:85:bf:59:d0: bb:97:aa:e3:be:4c:18:0d:7e:78:64:e1:44:06:d7: bc:28:77:e8:61:49:cd:de:d2:43:08:79:d0:c0:53: 8d:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:84:4B:0D:B2:0E:BA:3D:DC:CB:51:2C:FC:A2:04:80:2A:EA:9E:85 X509v3 Authority Key Identifier: keyid:FA:46:A4:F1:14:3A:BE:3A:DF:C4:B6:83:5F:A1:34:E3:DF:2C:AC:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-kak8RQ6vjrfxLaDX6E0498srDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f3a79d-38cf-4905-ab5f-5bca45efde8c/1/1-kak8RQ6vjrfxLaDX6E0498srDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:44:97:d5:f9:1f:aa:e2:14:46:89:dc:bc:e7:0d:b1:a9:cd: 91:f1:8f:2d:89:29:8a:a3:2a:a0:e6:2b:d7:ef:c7:38:29:e9: 4d:f3:06:c2:2c:47:05:b3:f6:ac:ee:67:12:6b:ab:8b:78:94: ea:08:33:92:bf:3a:a0:eb:a2:72:4f:86:bd:56:c9:12:51:a3: e1:fc:0b:d4:17:0c:fb:ed:f1:a1:e2:a6:af:81:6e:19:26:25: 42:39:cd:46:44:b6:15:9f:23:d3:47:c0:d5:fc:4d:54:9f:eb: 96:54:aa:2d:8c:af:aa:7a:a5:37:04:de:ab:ba:a0:19:b3:25: 79:ff:14:20:9e:ce:4b:8e:be:e1:2f:90:79:60:1c:4a:2b:78: 99:84:fd:a6:e4:02:af:2e:0b:30:98:c3:85:5e:74:01:f6:0f: 35:20:6d:dc:39:51:a2:c5:35:97:52:7b:55:be:2b:66:d2:2d: c9:be:55:7e:18:58:6f:53:45:23:d3:d0:71:62:49:4c:ae:61: 30:0e:f8:52:8d:fd:da:3d:52:54:8e:6c:ca:8c:89:fb:77:d6: 1b:bf:fe:0e:f8:49:7f:f2:2f:2e:68:da:ab:ab:68:25:71:76: 02:fb:c4:10:05:12:ea:62:f1:09:6f:bb:93:36:c8:9a:6d:d2: bb:3a:3d:d2 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZsze1yzQZNbFuPmNtBPeQcJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZhNDZhNGYxMTQzYWJlM2FkZmM0YjY4MzVmYTEzNGUzZGYy Y2FjMzQwHhcNMjUxMjE4MjIwMTIxWhcNMjUxMjE5MjIwMTIxWjAzMTEwLwYDVQQD EygzOTg0NGIwZGIyMGViYTNkZGNjYjUxMmNmY2EyMDQ4MDJhZWE5ZTg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xd/F51K02RkRJ2bZGmDigFxVNLv /7SuNxIBY7UAZHjdAS61/WCx8mhCu+HYgcjPl43Digw1eEo+PaO9XDbI+dGkGXmH K4DczV1lIvZdFdP8fJ56GnM6+Azz/17JNv8boktSYn5X37ireMgItvClykuSLYYv CGiBsvrpIzPuqf4tbA+K7/mRaA+GGcYvVAPnf3GJ7+hzAgKp20REWWvinIRedJGf TNzWuJvDRkINZNGm1GttYQBA5ata3Wm9o7DBO1hTVM8Rh6jsEgY0WIV65rCPS5qI kQBuVgopNIW/WdC7l6rjvkwYDX54ZOFEBte8KHfoYUnN3tJDCHnQwFONMQIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFDmESw2yDro93MtRLPyiBIAq6p6FMB8GA1UdIwQY MBaAFPpGpPEUOr4638S2g1+hNOPfLKw0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1rYWs4UlE2dmpyZnhMYURYNkUwNDk4c3JEUS5jZXIw gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvZjNhNzlkLTM4Y2YtNDkwNS1hYjVm LTViY2E0NWVmZGU4Yy8xLzEta2FrOFJRNnZqcmZ4TGFEWDZFMDQ5OHNyRFEubWZ0 MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np dG9yeS9ERUZBVUxUL2RjL2YzYTc5ZC0zOGNmLTQ5MDUtYWI1Zi01YmNhNDVlZmRl OGMvMS8xLWthazhSUTZ2anJmeExhRFg2RTA0OThzckRRLmNybDAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWUSX 1fkfquIURoncvOcNsanNkfGPLYkpiqMqoOYr1+/HOCnpTfMGwixHBbP2rO5nEmur i3iU6ggzkr86oOuick+GvVbJElGj4fwL1BcM++3xoeKmr4FuGSYlQjnNRkS2FZ8j 00fA1fxNVJ/rllSqLYyvqnqlNwTeq7qgGbMlef8UIJ7OS46+4S+QeWAcSit4mYT9 puQCry4LMJjDhV50AfYPNSBt3DlRosU1l1J7Vb4rZtItyb5VfhhYb1NFI9PQcWJJ TK5hMA74Uo392j1SVI5syoyJ+3fWG7/+DvhJf/IvLmjaq6toJXF2AvvEEAUS6mLx CW+7kzbImm3Suzo90g== -----END CERTIFICATE-----Generated at Fri Dec 19 07:49:03 2025 by rpki-client