This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b9a1a0-6ada-4dde-965b-46ff7ce2c140/1/cHdwf2aXiCaodeuNLrMzvthWlmc.mft File: cHdwf2aXiCaodeuNLrMzvthWlmc.mft (raw, json) Hash identifier: rlCBhoMPIB+a86Rzgs40aUu2h9Qr5XxCOsX9xiV/px8= Subject key identifier: 4F:8E:50:A3:1F:30:DF:BF:10:57:C9:10:8E:7D:8E:43:B8:B0:62:12 Authority key identifier: 70:77:70:7F:66:97:88:26:A8:75:EB:8D:2E:B3:33:BE:D8:56:96:67 Certificate issuer: /CN=7077707f66978826a875eb8d2eb333bed8569667 Certificate serial: 019B0E2667E01F481A2443C83F2E00D5AFE2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHdwf2aXiCaodeuNLrMzvthWlmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b9a1a0-6ada-4dde-965b-46ff7ce2c140/1/cHdwf2aXiCaodeuNLrMzvthWlmc.mft Manifest number: 0956 Signing time: Thu 11 Dec 2025 16:02:36 +0000 Manifest this update: Thu 11 Dec 2025 16:02:36 +0000 Manifest next update: Fri 12 Dec 2025 16:02:36 +0000 Files and hashes: 1: ZBqGiL5Lwt5_4rzPo7SO0cTda9c.roa (hash: KELG75sz8Tw2WawKyeiPVA4v+ezxNcK7f4e9XzFuUUw=) 2: cHdwf2aXiCaodeuNLrMzvthWlmc.crl (hash: eEHXvd/cgDFPF38yW3/CT7xV7nTiuqER+IBlyO0Uoz0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/b9a1a0-6ada-4dde-965b-46ff7ce2c140/1/cHdwf2aXiCaodeuNLrMzvthWlmc.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/b9a1a0-6ada-4dde-965b-46ff7ce2c140/1/cHdwf2aXiCaodeuNLrMzvthWlmc.mft rsync://rpki.ripe.net/repository/DEFAULT/cHdwf2aXiCaodeuNLrMzvthWlmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:26:67:e0:1f:48:1a:24:43:c8:3f:2e:00:d5:af:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7077707f66978826a875eb8d2eb333bed8569667 Validity Not Before: Dec 11 16:02:36 2025 GMT Not After : Dec 12 16:02:36 2025 GMT Subject: CN=4f8e50a31f30dfbf1057c9108e7d8e43b8b06212 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:29:4c:b6:6c:f4:0c:67:4e:54:29:14:15:4e: 08:31:55:3c:e2:e7:39:e4:30:b2:2a:4a:89:e5:c5: f3:7e:ca:2d:d6:13:96:78:94:d9:3d:2a:89:a2:ad: e4:4b:81:1a:27:72:92:c2:f2:95:a5:16:01:61:1d: bf:02:81:e2:b4:26:c2:af:cc:88:64:bb:e4:36:e1: 4c:f9:61:2e:3a:e2:e0:19:ed:21:42:52:d9:f7:9e: 96:6f:82:f5:be:ba:ff:ea:3e:5c:db:64:ad:31:2c: 79:0d:4d:7a:8b:4c:52:f5:93:b3:75:da:b8:15:0a: b8:ad:7d:c7:e0:33:8e:8f:b1:27:a3:01:8b:49:e5: 49:69:09:5f:f7:a3:a0:b7:0e:bd:88:ad:66:b6:50: 5d:17:e8:de:4d:e3:f7:fa:fa:bb:1f:b4:9f:b5:2b: fb:0c:d1:36:22:c9:8e:f7:a4:0a:7e:91:ab:cb:4b: 25:54:ae:df:e8:b1:43:1e:a5:74:95:53:1f:63:2a: d0:bd:f5:44:46:2d:ad:64:ac:78:d3:aa:6f:db:8e: 68:21:48:c0:bf:4e:7d:43:5f:2f:fa:f0:77:60:b8: ef:02:7e:e8:b2:e8:ab:d7:4a:52:03:26:7c:a4:74: a4:91:ed:c0:ba:91:98:a6:af:7a:bc:39:53:cc:a9: 86:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:8E:50:A3:1F:30:DF:BF:10:57:C9:10:8E:7D:8E:43:B8:B0:62:12 X509v3 Authority Key Identifier: keyid:70:77:70:7F:66:97:88:26:A8:75:EB:8D:2E:B3:33:BE:D8:56:96:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHdwf2aXiCaodeuNLrMzvthWlmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b9a1a0-6ada-4dde-965b-46ff7ce2c140/1/cHdwf2aXiCaodeuNLrMzvthWlmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b9a1a0-6ada-4dde-965b-46ff7ce2c140/1/cHdwf2aXiCaodeuNLrMzvthWlmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:b1:32:c6:82:f1:1e:30:ea:df:92:a3:8d:9a:9e:78:0c:80: 51:ab:e1:9b:3c:08:64:cd:6c:4e:ac:12:c3:15:70:39:5c:ee: de:66:2a:31:2b:7f:37:cb:d5:66:1e:36:5e:53:e3:93:16:4e: bc:af:da:1c:9c:29:2a:a4:36:3d:1b:76:1e:22:fb:f8:d0:35: fa:33:c2:75:fb:2c:05:d6:f7:01:3a:57:7b:cf:2f:38:99:4a: 75:b0:a5:37:d3:85:47:33:97:ac:b7:5c:f7:4b:87:6c:f1:0e: a0:56:d5:a7:1e:37:f8:4d:fb:c9:26:42:7b:09:fb:e1:02:72: 38:ea:61:41:60:45:a3:d7:05:e2:4c:02:27:ec:be:07:63:e2: b8:45:be:3d:3c:80:8c:21:00:10:74:78:09:59:cf:59:e5:6a: 9c:be:05:26:98:4e:14:de:1d:c3:be:62:ca:98:b5:7e:6d:5a: 14:c7:de:e1:a4:4a:e1:2f:5a:ce:17:86:62:94:37:85:c3:bb: 93:53:e1:78:eb:de:e5:73:01:1e:5d:7c:7c:f7:a0:9c:fd:7e: 6a:bc:72:96:d9:86:a0:f1:15:1f:5e:cd:b5:4c:57:55:d9:e2: c0:66:73:41:f4:99:ed:77:e7:e7:b1:03:a9:1e:19:ce:83:4e: af:33:c7:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOJmfgH0gaJEPIPy4A1a/iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwNzc3MDdmNjY5Nzg4MjZhODc1ZWI4ZDJlYjMzM2JlZDg1 Njk2NjcwHhcNMjUxMjExMTYwMjM2WhcNMjUxMjEyMTYwMjM2WjAzMTEwLwYDVQQD Eyg0ZjhlNTBhMzFmMzBkZmJmMTA1N2M5MTA4ZTdkOGU0M2I4YjA2MjEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlylMtmz0DGdOVCkUFU4IMVU84uc5 5DCyKkqJ5cXzfsot1hOWeJTZPSqJoq3kS4EaJ3KSwvKVpRYBYR2/AoHitCbCr8yI ZLvkNuFM+WEuOuLgGe0hQlLZ956Wb4L1vrr/6j5c22StMSx5DU16i0xS9ZOzddq4 FQq4rX3H4DOOj7EnowGLSeVJaQlf96Ogtw69iK1mtlBdF+jeTeP3+vq7H7SftSv7 DNE2IsmO96QKfpGry0slVK7f6LFDHqV0lVMfYyrQvfVERi2tZKx406pv245oIUjA v059Q18v+vB3YLjvAn7osuir10pSAyZ8pHSkke3AupGYpq96vDlTzKmG8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE+OUKMfMN+/EFfJEI59jkO4sGISMB8GA1UdIwQY MBaAFHB3cH9ml4gmqHXrjS6zM77YVpZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0hkd2YyYVhpQ2FvZGV1TkxyTXp2dGhXbG1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOWExYTAtNmFkYS00ZGRlLTk2NWIt NDZmZjdjZTJjMTQwLzEvY0hkd2YyYVhpQ2FvZGV1TkxyTXp2dGhXbG1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9iOWExYTAtNmFkYS00ZGRlLTk2NWItNDZmZjdjZTJjMTQw LzEvY0hkd2YyYVhpQ2FvZGV1TkxyTXp2dGhXbG1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjbEyxoLx HjDq35KjjZqeeAyAUavhmzwIZM1sTqwSwxVwOVzu3mYqMSt/N8vVZh42XlPjkxZO vK/aHJwpKqQ2PRt2HiL7+NA1+jPCdfssBdb3ATpXe88vOJlKdbClN9OFRzOXrLdc 90uHbPEOoFbVpx43+E37ySZCewn74QJyOOphQWBFo9cF4kwCJ+y+B2PiuEW+PTyA jCEAEHR4CVnPWeVqnL4FJphOFN4dw75iypi1fm1aFMfe4aRK4S9azheGYpQ3hcO7 k1PheOve5XMBHl18fPegnP1+arxyltmGoPEVH17NtUxXVdniwGZzQfSZ7Xfn57ED qR4ZzoNOrzPHwA== -----END CERTIFICATE-----Generated at Thu Dec 11 23:06:57 2025 by rpki-client