This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.mft File: 43ipS5lk6l6fiwWThwK6WDFrUA8.mft (raw, json) Hash identifier: sFiZhtQ/rw4RCAfSuupNtCM75ssoiAQkC46mUvK66Rs= Subject key identifier: 66:34:D0:6B:71:CA:C4:96:C9:1E:6C:E0:6A:00:63:85:94:FB:99:44 Authority key identifier: E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F Certificate issuer: /CN=e378a94b9964ea5e9f8b05938702ba58316b500f Certificate serial: 019B416D497CE4C1673023A9D9706D436683 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.mft Manifest number: 171A Signing time: Sun 21 Dec 2025 15:00:39 +0000 Manifest this update: Sun 21 Dec 2025 15:00:39 +0000 Manifest next update: Mon 22 Dec 2025 15:00:39 +0000 Files and hashes: 1: 43ipS5lk6l6fiwWThwK6WDFrUA8.crl (hash: qp7IZQFTouQO9Qe5eDnj5dMeUnBSoVc89xTCmrmkRkU=) 2: vvNRTPRqU8Pnch_p0B0gqgkil_Q.roa (hash: nLSnGecWyvHzo3G0jRopUHVVK/4X1Sw9XUMyVphgWSE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.crl rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.mft rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:49:7c:e4:c1:67:30:23:a9:d9:70:6d:43:66:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e378a94b9964ea5e9f8b05938702ba58316b500f Validity Not Before: Dec 21 15:00:39 2025 GMT Not After : Dec 22 15:00:39 2025 GMT Subject: CN=6634d06b71cac496c91e6ce06a00638594fb9944 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a2:50:66:12:d1:5b:95:31:71:fe:ba:ab:70: b9:a0:7e:40:e9:8b:5c:95:08:01:26:1b:e2:70:97: 18:fe:c8:0d:09:4a:ea:26:e3:4d:85:11:07:96:3c: 9e:6c:14:f3:1b:c5:bd:35:5b:7a:13:27:83:8e:dd: 96:b5:41:9e:25:eb:a0:d1:c0:ac:de:c1:04:43:fc: b1:94:56:46:fc:79:53:5b:f7:08:4e:11:b6:b1:d6: 5a:50:e2:a8:c5:b1:6e:b9:84:08:5f:13:49:30:c2: 1d:8b:f4:61:9e:56:17:53:5c:0c:c1:41:b8:07:15: 63:f4:51:30:30:6d:af:c1:5f:2a:ec:e4:48:07:e6: e8:e3:41:06:79:c3:f0:2c:ee:aa:5c:44:1b:13:cd: d3:4c:2a:5d:5b:8a:d8:af:a1:03:58:43:49:73:1c: bc:c8:78:0a:76:24:bf:90:68:72:92:38:e9:4b:e2: 2a:48:12:f5:ac:49:33:b9:e9:2e:51:e0:75:8f:7d: 93:7e:ba:6a:dc:db:10:d3:3c:be:28:bd:72:8c:cc: 50:d8:66:03:2e:ad:c4:62:ab:51:30:1d:4d:06:d6: b8:68:74:9a:9a:a2:ce:85:c7:6c:78:9d:62:0b:ae: e0:12:e5:6c:8c:6b:80:b1:8d:47:f2:7c:03:d5:eb: 20:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:34:D0:6B:71:CA:C4:96:C9:1E:6C:E0:6A:00:63:85:94:FB:99:44 X509v3 Authority Key Identifier: keyid:E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:af:4d:04:83:98:72:98:c4:86:9e:67:5b:14:f5:95:49:44: 3f:69:a1:c2:59:fb:7c:3d:20:2e:b4:b2:d7:d6:99:32:89:d4: f6:e7:26:15:c5:9a:83:42:b7:f6:e8:38:50:06:82:66:1e:eb: 85:6b:7b:7b:39:b5:21:e6:3d:d9:3c:be:b9:ca:82:22:82:f1: 8e:02:75:90:27:3b:ab:42:41:56:a7:85:60:44:e4:87:8c:0e: 7c:f5:53:52:0f:18:60:5a:54:bf:f4:83:ea:f4:41:40:74:45: 0a:9a:5e:1d:f5:3e:ef:70:72:ce:cf:c5:2a:15:70:65:9b:a0: cf:d4:18:4f:67:02:5d:b5:81:f0:cf:8a:e5:32:18:eb:e1:cd: 79:79:ff:b6:2d:a5:69:a6:70:a1:6b:a3:8c:76:be:86:6e:de: 8c:a9:0d:46:30:f0:88:a2:20:03:2d:43:e7:2e:46:da:37:47: c5:96:ed:a9:0a:26:18:06:0c:31:ca:9f:1d:21:bd:2b:1c:7b: 78:b0:28:b2:3c:fd:91:c9:44:e5:6c:3d:04:b5:ac:71:e1:ec: 2b:0c:d0:72:18:6d:13:30:30:cf:6b:ee:e5:e9:dc:91:1d:26: 5b:9c:4a:1e:4d:66:5c:13:96:75:fe:9e:c8:87:ec:12:dc:97: 03:5f:20:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbUl85MFnMCOp2XBtQ2aDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzNzhhOTRiOTk2NGVhNWU5ZjhiMDU5Mzg3MDJiYTU4MzE2 YjUwMGYwHhcNMjUxMjIxMTUwMDM5WhcNMjUxMjIyMTUwMDM5WjAzMTEwLwYDVQQD Eyg2NjM0ZDA2YjcxY2FjNDk2YzkxZTZjZTA2YTAwNjM4NTk0ZmI5OTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKJQZhLRW5Uxcf66q3C5oH5A6Ytc lQgBJhvicJcY/sgNCUrqJuNNhREHljyebBTzG8W9NVt6EyeDjt2WtUGeJeug0cCs 3sEEQ/yxlFZG/HlTW/cIThG2sdZaUOKoxbFuuYQIXxNJMMIdi/RhnlYXU1wMwUG4 BxVj9FEwMG2vwV8q7ORIB+bo40EGecPwLO6qXEQbE83TTCpdW4rYr6EDWENJcxy8 yHgKdiS/kGhykjjpS+IqSBL1rEkzuekuUeB1j32Tfrpq3NsQ0zy+KL1yjMxQ2GYD Lq3EYqtRMB1NBta4aHSamqLOhcdseJ1iC67gEuVsjGuAsY1H8nwD1esgcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGY00GtxysSWyR5s4GoAY4WU+5lEMB8GA1UdIwQY MBaAFON4qUuZZOpen4sFk4cCulgxa1APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUt ZjQyMTc2Y2QwNDQ1LzEvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUtZjQyMTc2Y2QwNDQ1 LzEvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaa9NBIOY cpjEhp5nWxT1lUlEP2mhwln7fD0gLrSy19aZMonU9ucmFcWag0K39ug4UAaCZh7r hWt7ezm1IeY92Ty+ucqCIoLxjgJ1kCc7q0JBVqeFYETkh4wOfPVTUg8YYFpUv/SD 6vRBQHRFCppeHfU+73Byzs/FKhVwZZugz9QYT2cCXbWB8M+K5TIY6+HNeXn/ti2l aaZwoWujjHa+hm7ejKkNRjDwiKIgAy1D5y5G2jdHxZbtqQomGAYMMcqfHSG9Kxx7 eLAosjz9kclE5Ww9BLWsceHsKwzQchhtEzAwz2vu5enckR0mW5xKHk1mXBOWdf6e yIfsEtyXA18gOg== -----END CERTIFICATE-----Generated at Sun Dec 21 22:49:57 2025 by rpki-client