This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
File: RDTtvhtBAbKKviMvK88qAUiXglo.mft (raw, json)
Hash identifier: XMIE3iNdqilmHi8BKHRv64upn7dVJYnl7ZT526x+KRw=
Subject key identifier: 0A:41:32:A6:2A:21:91:83:A3:CC:F7:24:D1:96:D1:15:6C:8A:1B:C3
Authority key identifier: 44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
Certificate issuer: /CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Certificate serial: 019B409191BB028199AE406B689E20E71799
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
Manifest number: 1175
Signing time: Sun 21 Dec 2025 11:00:40 +0000
Manifest this update: Sun 21 Dec 2025 11:00:40 +0000
Manifest next update: Mon 22 Dec 2025 11:00:40 +0000
Files and hashes: 1: MBnjR0q6eR7PujQYuvXc6EY3kbo.roa (hash: HNqzyjDd+TtlMN5tniTDAwjj1tssNX0++6C4Wyg438o=)
2: RDTtvhtBAbKKviMvK88qAUiXglo.crl (hash: hnqqbgbbZwqHpvT3XBVHQYP8qnKeslIhhES+8JHAhUI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 22 Dec 2025 11:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:40:91:91:bb:02:81:99:ae:40:6b:68:9e:20:e7:17:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Validity
Not Before: Dec 21 11:00:40 2025 GMT
Not After : Dec 22 11:00:40 2025 GMT
Subject: CN=0a4132a62a219183a3ccf724d196d1156c8a1bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c3:66:c1:aa:bf:52:a0:7d:8b:e4:8b:06:bf:
a6:fb:ce:5c:97:5c:6b:82:ad:3e:2f:7e:69:c6:da:
19:a4:51:0a:8f:eb:08:7d:93:97:75:22:4e:f4:28:
6d:48:c6:a7:66:8c:16:19:d5:5e:26:fa:50:33:65:
c2:57:89:9a:e9:b6:ca:e5:49:4c:bd:54:88:a5:d4:
65:7f:96:f4:1b:93:40:98:cc:e3:3c:d9:d3:36:b7:
f2:51:c5:a6:f0:79:f8:68:a4:e4:9a:cb:ee:f3:c1:
a3:5c:00:fc:d6:16:ac:f3:e9:ae:31:83:cf:6e:86:
68:8c:b3:a8:d7:a6:83:5c:5a:80:4b:b4:d4:29:da:
9e:b6:33:8a:70:4a:bd:0e:5c:b8:8c:7b:c5:d9:e6:
d1:46:9e:ca:5a:07:2d:d8:9b:33:01:e6:d2:95:6b:
57:f7:67:57:eb:33:a6:50:1f:81:6a:d8:65:91:54:
81:ac:96:a4:9c:bc:71:4a:af:d4:5e:ae:a0:88:ec:
bb:75:b1:cb:08:97:94:59:7c:05:30:26:d0:1c:85:
86:9d:9d:0b:c3:e4:3e:4a:21:19:05:06:b5:95:58:
62:5d:bf:aa:d0:08:87:43:f1:7e:bd:53:b7:c4:42:
5a:7d:39:91:ca:49:b7:ed:4c:9a:1b:7a:10:f9:1e:
06:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:41:32:A6:2A:21:91:83:A3:CC:F7:24:D1:96:D1:15:6C:8A:1B:C3
X509v3 Authority Key Identifier:
keyid:44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:96:c5:66:22:0b:8d:f8:1a:7f:ea:86:cc:64:94:d6:29:01:
14:4c:11:31:02:f7:b7:f6:f0:ef:1a:63:67:e4:9f:36:86:7e:
b7:03:27:da:be:d9:32:8c:3b:f7:f4:86:ac:6d:a1:fc:89:99:
86:2f:74:cc:30:8d:bc:f7:a7:b5:e2:f6:40:4a:e8:e2:c4:1f:
2b:cb:cc:18:a1:1b:08:f3:0b:b0:4e:fd:72:11:e1:95:9b:53:
0b:53:16:98:26:f8:80:82:8d:8b:fd:15:4d:cd:3f:e0:6c:a9:
b1:99:e1:f0:7b:33:3f:07:d0:7e:0b:e4:2e:24:3e:b9:22:80:
fc:81:be:38:e1:9c:47:4d:fb:fc:d2:b6:c9:f7:98:15:a6:37:
3b:a2:4d:c1:0e:3a:f7:ca:24:cd:b0:6b:88:81:f3:ce:8d:ea:
19:30:e8:15:2b:35:67:7a:e2:ce:36:5c:80:72:73:4e:07:f9:
77:a2:82:5d:ad:46:81:9a:df:8f:1d:95:b8:2d:ad:df:64:17:
75:07:6d:fa:ba:5f:d4:27:ac:fe:bd:58:47:62:09:2a:17:f2:
a5:91:57:d4:6a:d5:78:9d:ef:9a:c2:b2:0d:27:3b:b6:a3:4a:
f1:e1:c0:ac:a1:a0:8b:bc:70:06:55:18:74:14:ce:27:41:f8:
cc:87:b1:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtAkZG7AoGZrkBraJ4g5xeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzRlZGJlMWI0MTAxYjI4YWJlMjMyZjJiY2YyYTAxNDg5
NzgyNWEwHhcNMjUxMjIxMTEwMDQwWhcNMjUxMjIyMTEwMDQwWjAzMTEwLwYDVQQD
EygwYTQxMzJhNjJhMjE5MTgzYTNjY2Y3MjRkMTk2ZDExNTZjOGExYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8Nmwaq/UqB9i+SLBr+m+85cl1xr
gq0+L35pxtoZpFEKj+sIfZOXdSJO9ChtSManZowWGdVeJvpQM2XCV4ma6bbK5UlM
vVSIpdRlf5b0G5NAmMzjPNnTNrfyUcWm8Hn4aKTkmsvu88GjXAD81has8+muMYPP
boZojLOo16aDXFqAS7TUKdqetjOKcEq9Dly4jHvF2ebRRp7KWgct2JszAebSlWtX
92dX6zOmUB+BathlkVSBrJaknLxxSq/UXq6giOy7dbHLCJeUWXwFMCbQHIWGnZ0L
w+Q+SiEZBQa1lVhiXb+q0AiHQ/F+vVO3xEJafTmRykm37UyaG3oQ+R4GRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFApBMqYqIZGDo8z3JNGW0RVsihvDMB8GA1UdIwQY
MBaAFEQ07b4bQQGyir4jLyvPKgFIl4JaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDkt
MTBjYWY1NDk4NmZmLzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDktMTBjYWY1NDk4NmZm
LzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdpbFZiIL
jfgaf+qGzGSU1ikBFEwRMQL3t/bw7xpjZ+SfNoZ+twMn2r7ZMow79/SGrG2h/ImZ
hi90zDCNvPenteL2QEro4sQfK8vMGKEbCPMLsE79chHhlZtTC1MWmCb4gIKNi/0V
Tc0/4GypsZnh8HszPwfQfgvkLiQ+uSKA/IG+OOGcR037/NK2yfeYFaY3O6JNwQ46
98okzbBriIHzzo3qGTDoFSs1Z3rizjZcgHJzTgf5d6KCXa1GgZrfjx2VuC2t32QX
dQdt+rpf1Ces/r1YR2IJKhfypZFX1GrVeJ3vmsKyDSc7tqNK8eHArKGgi7xwBlUY
dBTOJ0H4zIex2w==
-----END CERTIFICATE-----
Generated at Sun Dec 21 17:25:54 2025 by rpki-client