This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3f19f9-8395-4088-af17-e5ca67c11533/1/vPnwsJRzjFKC-_SzBnDsX9y1id8.mft File: vPnwsJRzjFKC-_SzBnDsX9y1id8.mft (raw, json) Hash identifier: vfZAGVWybCYFFi+qdOP1RGULoXTGeS2uL4sW2TT3wYI= Subject key identifier: 79:3B:23:9F:6E:6F:69:A6:A3:CB:59:00:1F:37:56:94:59:D0:E8:20 Authority key identifier: BC:F9:F0:B0:94:73:8C:52:82:FB:F4:B3:06:70:EC:5F:DC:B5:89:DF Certificate issuer: /CN=bcf9f0b094738c5282fbf4b30670ec5fdcb589df Certificate serial: 019B51BC7201738F17FD75F328F23D8F00FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vPnwsJRzjFKC-_SzBnDsX9y1id8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3f19f9-8395-4088-af17-e5ca67c11533/1/vPnwsJRzjFKC-_SzBnDsX9y1id8.mft Manifest number: 1791 Signing time: Wed 24 Dec 2025 19:01:02 +0000 Manifest this update: Wed 24 Dec 2025 19:01:02 +0000 Manifest next update: Thu 25 Dec 2025 19:01:02 +0000 Files and hashes: 1: GcXZXurTGrAnFXKjvUHU9XD_YyQ.roa (hash: CVqER74xo0XyQrFlwwf0CdK9BC9SAVXvCBJxlFB4CBw=) 2: vPnwsJRzjFKC-_SzBnDsX9y1id8.crl (hash: CwAk+av95XEnQyP8RJ144PHAP+G+thjHl6ydEx26cLA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3f19f9-8395-4088-af17-e5ca67c11533/1/vPnwsJRzjFKC-_SzBnDsX9y1id8.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/3f19f9-8395-4088-af17-e5ca67c11533/1/vPnwsJRzjFKC-_SzBnDsX9y1id8.mft rsync://rpki.ripe.net/repository/DEFAULT/vPnwsJRzjFKC-_SzBnDsX9y1id8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:72:01:73:8f:17:fd:75:f3:28:f2:3d:8f:00:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bcf9f0b094738c5282fbf4b30670ec5fdcb589df Validity Not Before: Dec 24 19:01:02 2025 GMT Not After : Dec 25 19:01:02 2025 GMT Subject: CN=793b239f6e6f69a6a3cb59001f37569459d0e820 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:57:c3:27:f8:02:b5:32:e7:97:bb:e1:c8:a0: ae:de:fe:3e:06:76:9f:0f:b5:17:aa:ef:0b:1f:5a: 0a:4b:53:01:52:19:09:0d:c4:f2:37:ce:81:fe:03: f8:8f:3d:f1:0f:91:c3:1d:68:d4:6d:c4:4b:52:9a: d6:64:e9:2e:6c:a8:6f:49:84:ee:12:4e:4f:aa:55: 03:3b:26:f5:e9:53:93:62:4d:11:43:20:47:fc:e5: d5:77:f6:4d:c2:49:d2:de:3e:4b:99:74:1f:71:60: 64:f3:38:01:12:67:62:d5:4c:e5:7d:37:5c:89:05: de:7d:65:3a:1f:de:9f:5f:86:54:3a:a4:43:c2:ff: 34:ee:75:56:ee:06:2d:1f:3e:5a:0d:cc:5f:2d:4b: fb:77:60:ce:7c:ca:7b:35:f9:f4:1f:97:26:23:1a: 81:17:4c:20:7d:c3:1e:f8:d9:d9:42:5d:eb:bb:8d: d1:9c:d4:27:4c:0b:90:44:4d:6d:8e:2e:f1:cc:55: a7:60:f1:c7:07:ef:75:d4:8f:db:95:d3:3a:5c:86: 79:58:f3:0b:a0:d5:54:04:77:b5:46:67:64:d2:90: ee:a5:bd:2d:7b:7e:9f:e1:54:bd:2d:d2:e5:86:6f: cc:5a:45:20:bb:85:a5:d2:cc:25:cb:3c:b2:fa:e3: 9f:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:3B:23:9F:6E:6F:69:A6:A3:CB:59:00:1F:37:56:94:59:D0:E8:20 X509v3 Authority Key Identifier: keyid:BC:F9:F0:B0:94:73:8C:52:82:FB:F4:B3:06:70:EC:5F:DC:B5:89:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPnwsJRzjFKC-_SzBnDsX9y1id8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3f19f9-8395-4088-af17-e5ca67c11533/1/vPnwsJRzjFKC-_SzBnDsX9y1id8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3f19f9-8395-4088-af17-e5ca67c11533/1/vPnwsJRzjFKC-_SzBnDsX9y1id8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:de:83:8a:cd:ec:d5:47:53:2b:d1:c0:59:07:59:2a:10:d0: b1:21:75:be:9b:a1:15:c0:a9:12:7e:70:69:49:73:7a:70:22: a1:eb:49:5a:74:38:1d:ae:0a:25:b3:c1:81:01:73:81:17:ff: 3f:f2:8c:ab:35:4a:ac:d4:13:81:aa:e3:88:7f:90:84:b6:b8: 7a:bd:c8:e3:4a:63:09:32:b4:04:a1:42:f5:0b:1d:93:2d:bd: c6:e0:34:51:72:e2:83:ce:73:2e:98:88:58:4c:75:25:5e:21: e0:cf:f1:ef:3e:6f:e6:11:90:ed:9f:17:03:35:27:77:8c:53: 35:38:bb:78:69:64:ac:49:14:e0:8f:35:ef:74:8c:a4:1f:5a: 5b:29:58:1a:1d:02:c3:51:5b:cc:f9:a6:d1:ce:93:15:a3:52: fd:dd:54:2e:63:f1:d5:e1:64:ce:6d:1d:65:4d:c7:02:df:a1: 93:d1:e9:63:e6:a3:d8:35:3e:10:a4:13:a2:ec:4b:1b:f8:0f: ab:a9:d3:38:46:5f:92:dc:a1:84:05:b6:ff:af:80:a3:fc:c8: 25:9b:ac:c7:db:98:8f:5a:d9:d2:76:53:b4:1c:27:79:fa:f8: 71:03:e6:81:3c:44:d5:1b:5d:0c:d4:1c:00:4f:1b:b1:30:93: b4:0c:05:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvHIBc48X/XXzKPI9jwD/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjZjlmMGIwOTQ3MzhjNTI4MmZiZjRiMzA2NzBlYzVmZGNi NTg5ZGYwHhcNMjUxMjI0MTkwMTAyWhcNMjUxMjI1MTkwMTAyWjAzMTEwLwYDVQQD Eyg3OTNiMjM5ZjZlNmY2OWE2YTNjYjU5MDAxZjM3NTY5NDU5ZDBlODIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51fDJ/gCtTLnl7vhyKCu3v4+Bnaf D7UXqu8LH1oKS1MBUhkJDcTyN86B/gP4jz3xD5HDHWjUbcRLUprWZOkubKhvSYTu Ek5PqlUDOyb16VOTYk0RQyBH/OXVd/ZNwknS3j5LmXQfcWBk8zgBEmdi1UzlfTdc iQXefWU6H96fX4ZUOqRDwv807nVW7gYtHz5aDcxfLUv7d2DOfMp7Nfn0H5cmIxqB F0wgfcMe+NnZQl3ru43RnNQnTAuQRE1tji7xzFWnYPHHB+911I/bldM6XIZ5WPML oNVUBHe1Rmdk0pDupb0te36f4VS9LdLlhm/MWkUgu4Wl0swlyzyy+uOfvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHk7I59ub2mmo8tZAB83VpRZ0OggMB8GA1UdIwQY MBaAFLz58LCUc4xSgvv0swZw7F/ctYnfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlBud3NKUnpqRktDLV9TekJuRHNYOXkxaWQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZjE5ZjktODM5NS00MDg4LWFmMTct ZTVjYTY3YzExNTMzLzEvdlBud3NKUnpqRktDLV9TekJuRHNYOXkxaWQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8zZjE5ZjktODM5NS00MDg4LWFmMTctZTVjYTY3YzExNTMz LzEvdlBud3NKUnpqRktDLV9TekJuRHNYOXkxaWQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABt6Dis3s 1UdTK9HAWQdZKhDQsSF1vpuhFcCpEn5waUlzenAioetJWnQ4Ha4KJbPBgQFzgRf/ P/KMqzVKrNQTgarjiH+QhLa4er3I40pjCTK0BKFC9Qsdky29xuA0UXLig85zLpiI WEx1JV4h4M/x7z5v5hGQ7Z8XAzUnd4xTNTi7eGlkrEkU4I8173SMpB9aWylYGh0C w1FbzPmm0c6TFaNS/d1ULmPx1eFkzm0dZU3HAt+hk9HpY+aj2DU+EKQTouxLG/gP q6nTOEZfktyhhAW2/6+Ao/zIJZusx9uYj1rZ0nZTtBwnefr4cQPmgTxE1RtdDNQc AE8bsTCTtAwFBQ== -----END CERTIFICATE-----Generated at Thu Dec 25 03:40:01 2025 by rpki-client