This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft File: 9naIfyLs2o0HSBWgvPkfr4GUKr0.mft (raw, json) Hash identifier: nSnEthpz8B1/YQvGbNphCQEWlsavSJwQli5YbZvYAog= Subject key identifier: 82:42:CE:65:DE:C1:24:71:41:1B:B0:1A:77:22:61:54:38:87:3F:16 Authority key identifier: F6:76:88:7F:22:EC:DA:8D:07:48:15:A0:BC:F9:1F:AF:81:94:2A:BD Certificate issuer: /CN=f676887f22ecda8d074815a0bcf91faf81942abd Certificate serial: 019B3F7ECBDD70D66FA405809CEEE05D9A96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft Manifest number: 0A54 Signing time: Sun 21 Dec 2025 06:00:32 +0000 Manifest this update: Sun 21 Dec 2025 06:00:32 +0000 Manifest next update: Mon 22 Dec 2025 06:00:32 +0000 Files and hashes: 1: 1--aJOHbG2HarYQRIFHME9kGdrI8.roa (hash: e0PFqEIF1I8KQrFh+AG+JLWzJuU3cKKiEgrK5TdCBkw=) 2: 9naIfyLs2o0HSBWgvPkfr4GUKr0.crl (hash: MeouLnupjrXIlGp1rcF4zcPNjWGASqSHUs/M6UxL70w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7e:cb:dd:70:d6:6f:a4:05:80:9c:ee:e0:5d:9a:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f676887f22ecda8d074815a0bcf91faf81942abd Validity Not Before: Dec 21 06:00:32 2025 GMT Not After : Dec 22 06:00:32 2025 GMT Subject: CN=8242ce65dec12471411bb01a7722615438873f16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a2:45:7b:59:49:40:fc:72:a8:12:14:56:6b: a8:8e:d1:a5:48:ea:4b:56:a2:51:6f:7b:cc:19:c0: a5:90:c0:41:78:08:06:da:9c:5f:2d:43:f8:69:c4: 30:e5:f5:90:c1:37:dd:72:41:ae:49:95:25:53:05: 34:8d:ed:8a:c9:4a:c2:a1:6e:8d:5f:f8:79:bf:f2: cf:1d:73:9e:46:9c:22:26:15:68:cd:52:8b:68:78: 3c:19:cf:f7:c9:14:e3:b0:f9:65:59:d6:47:1e:88: 35:71:11:12:4f:52:36:f8:da:f0:5e:e6:84:9e:f6: c6:89:59:1f:cf:4a:6e:f2:13:44:d0:31:12:5c:72: ee:89:20:3d:2c:3b:0e:80:25:f3:a9:04:27:3f:46: 7f:ad:c7:8b:71:5f:bc:f7:93:6b:6f:f8:58:c1:0e: 8c:bc:d5:48:de:eb:17:78:2f:fb:7c:47:06:22:d5: 1a:f4:45:ea:cb:37:75:45:26:dd:83:ef:44:9c:a4: 5b:1f:99:14:89:2f:cd:d7:b7:d2:86:5c:2d:3c:de: 17:45:31:8a:2d:cb:3d:52:59:fb:68:e2:ff:d4:5b: 89:f4:b7:51:fd:dd:1f:71:da:81:9f:57:42:6d:76: 90:20:d3:7d:2b:f0:43:aa:f1:91:e1:21:77:f0:a4: 71:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:42:CE:65:DE:C1:24:71:41:1B:B0:1A:77:22:61:54:38:87:3F:16 X509v3 Authority Key Identifier: keyid:F6:76:88:7F:22:EC:DA:8D:07:48:15:A0:BC:F9:1F:AF:81:94:2A:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9naIfyLs2o0HSBWgvPkfr4GUKr0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cbc4bb-999c-4988-a1e1-cd2dcb355655/1/9naIfyLs2o0HSBWgvPkfr4GUKr0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d0:e5:4a:69:7b:52:a2:2f:47:ec:bb:d9:3e:4f:40:9a:21:16: 47:57:c8:17:20:11:07:b5:4c:cd:df:d4:2c:cd:e2:cb:59:e9: 76:09:b7:2b:62:9e:b6:41:14:02:87:d1:23:bd:f2:25:ac:1b: 06:38:18:67:47:9e:44:bf:7c:9e:e0:cd:e5:b7:09:4f:4b:1c: 15:73:7b:40:97:c8:76:fb:9e:52:5f:bf:5f:18:f9:a2:80:55: 81:e5:da:c2:70:2f:1e:62:e8:99:ae:78:df:af:9e:9a:94:d3: 95:21:2b:41:23:75:b3:00:96:df:df:77:6a:73:2d:c3:e2:6c: ae:ad:dc:c0:75:e7:3d:5f:21:24:8b:2b:14:7e:a1:f7:3b:81: b1:bf:75:c1:12:9a:7e:e8:70:3f:ac:d0:89:94:12:40:61:d4: b2:0c:92:53:28:81:4e:8e:7a:ae:85:4d:42:93:c6:20:90:15: fa:a4:3a:03:c2:ac:64:41:36:5a:63:dc:6d:d4:29:64:f4:71: a4:26:b9:ed:d3:25:68:c4:65:90:9b:10:6e:11:66:10:41:ef: a0:04:99:08:de:6b:75:22:ba:4d:dd:35:ef:ed:fd:6c:fb:ee: d2:1f:28:fc:72:6a:e3:2e:e7:e9:71:d1:92:ff:23:5a:a1:84: dd:44:c1:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/fsvdcNZvpAWAnO7gXZqWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY2NzY4ODdmMjJlY2RhOGQwNzQ4MTVhMGJjZjkxZmFmODE5 NDJhYmQwHhcNMjUxMjIxMDYwMDMyWhcNMjUxMjIyMDYwMDMyWjAzMTEwLwYDVQQD Eyg4MjQyY2U2NWRlYzEyNDcxNDExYmIwMWE3NzIyNjE1NDM4ODczZjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKJFe1lJQPxyqBIUVmuojtGlSOpL VqJRb3vMGcClkMBBeAgG2pxfLUP4acQw5fWQwTfdckGuSZUlUwU0je2KyUrCoW6N X/h5v/LPHXOeRpwiJhVozVKLaHg8Gc/3yRTjsPllWdZHHog1cREST1I2+NrwXuaE nvbGiVkfz0pu8hNE0DESXHLuiSA9LDsOgCXzqQQnP0Z/rceLcV+895Nrb/hYwQ6M vNVI3usXeC/7fEcGItUa9EXqyzd1RSbdg+9EnKRbH5kUiS/N17fShlwtPN4XRTGK Lcs9Uln7aOL/1FuJ9LdR/d0fcdqBn1dCbXaQINN9K/BDqvGR4SF38KRxrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIJCzmXewSRxQRuwGnciYVQ4hz8WMB8GA1UdIwQY MBaAFPZ2iH8i7NqNB0gVoLz5H6+BlCq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jYmM0YmItOTk5Yy00OTg4LWExZTEt Y2QyZGNiMzU1NjU1LzEvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9jYmM0YmItOTk5Yy00OTg4LWExZTEtY2QyZGNiMzU1NjU1 LzEvOW5hSWZ5THMybzBIU0JXZ3ZQa2ZyNEdVS3IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0OVKaXtS oi9H7LvZPk9AmiEWR1fIFyARB7VMzd/ULM3iy1npdgm3K2KetkEUAofRI73yJawb BjgYZ0eeRL98nuDN5bcJT0scFXN7QJfIdvueUl+/Xxj5ooBVgeXawnAvHmLoma54 36+empTTlSErQSN1swCW3993anMtw+Jsrq3cwHXnPV8hJIsrFH6h9zuBsb91wRKa fuhwP6zQiZQSQGHUsgySUyiBTo56roVNQpPGIJAV+qQ6A8KsZEE2WmPcbdQpZPRx pCa57dMlaMRlkJsQbhFmEEHvoASZCN5rdSK6Td017+39bPvu0h8o/HJq4y7n6XHR kv8jWqGE3UTBRA== -----END CERTIFICATE-----Generated at Sun Dec 21 08:20:24 2025 by rpki-client