This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft File: vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft (raw, json) Hash identifier: YIcmpP4cp2xC4Q5SB33aZPw3C+FbivXOGCjIFEaOKT4= Subject key identifier: 2A:89:43:79:77:00:C7:93:B1:40:2B:D7:30:C0:E5:25:CC:6D:C2:FE Authority key identifier: BD:B2:4D:F4:A7:C9:AA:21:31:D8:57:50:3B:93:D6:0F:7F:B5:1B:D9 Certificate issuer: /CN=bdb24df4a7c9aa2131d857503b93d60f7fb51bd9 Certificate serial: 019B2F672E4B674B8272A34822684E18AA04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft Manifest number: 044F Signing time: Thu 18 Dec 2025 03:00:49 +0000 Manifest this update: Thu 18 Dec 2025 03:00:49 +0000 Manifest next update: Fri 19 Dec 2025 03:00:49 +0000 Files and hashes: 1: AFVAjCiROQ32Z_efvRaORNpa2fQ.roa (hash: STiLszZIpw1MlrUzOI5Ii3ZfZdoAbfQenvPasDTHJCA=) 2: vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl (hash: zy/QOQlVtI8g8L2AOWqvWZ4+VvPnC4d+O9jTRPoLPN4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 03:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:67:2e:4b:67:4b:82:72:a3:48:22:68:4e:18:aa:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdb24df4a7c9aa2131d857503b93d60f7fb51bd9 Validity Not Before: Dec 18 03:00:49 2025 GMT Not After : Dec 19 03:00:49 2025 GMT Subject: CN=2a8943797700c793b1402bd730c0e525cc6dc2fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:6a:3a:82:4e:35:c8:71:52:0a:d8:1d:46:fa: a9:f2:c9:6c:09:cd:7a:91:3d:b8:db:1b:04:04:98: 2e:96:a6:18:1c:7c:72:31:31:da:17:3e:96:3d:ac: 46:2b:aa:81:60:d6:f2:bb:a2:b7:73:0f:76:c8:ac: 14:b9:c9:80:c9:a5:0d:a3:57:31:1f:fd:7c:30:b7: 9f:5a:3a:f6:1d:30:17:b8:f1:34:9f:bc:01:26:8f: 27:f9:d8:2c:a3:84:f8:44:fb:4a:64:c4:e6:d6:a1: a9:49:eb:7e:ab:9e:96:52:11:14:13:0e:90:91:92: 85:71:53:db:e4:2b:9a:00:ae:74:43:71:85:1e:e2: f4:35:c8:8e:50:4c:30:c0:ce:0a:88:c9:8a:d8:ca: 3a:05:cd:1d:a1:b6:4e:f9:3f:46:d5:58:6f:37:d3: b9:c8:14:50:db:44:ab:8b:00:6f:76:cd:16:df:11: 61:43:f4:78:4e:b3:35:6c:f4:51:94:41:08:ff:25: 33:35:8a:5a:00:cd:a5:60:2b:b0:47:40:f4:46:34: 90:54:75:b8:da:4c:bc:a2:f3:6b:79:17:94:b2:84: 55:45:63:3a:17:60:f1:bc:19:1c:c1:43:f2:63:4a: 4d:34:6e:98:6c:ca:50:ef:f2:64:d3:fa:c5:2d:79: 86:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:89:43:79:77:00:C7:93:B1:40:2B:D7:30:C0:E5:25:CC:6D:C2:FE X509v3 Authority Key Identifier: keyid:BD:B2:4D:F4:A7:C9:AA:21:31:D8:57:50:3B:93:D6:0F:7F:B5:1B:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:90:88:f6:c5:09:f1:df:94:8e:57:38:89:42:38:00:7e:22: 5c:ed:1e:52:ac:87:60:ed:41:68:e5:9f:c7:ca:38:95:d2:9c: 0b:ee:0b:1b:7f:11:bf:ab:f8:68:74:89:dc:cd:c5:6c:b2:e1: 7d:5f:19:1d:80:c4:b9:30:28:b4:6e:d8:4a:80:e1:08:d7:f8: d6:25:96:39:d5:0a:07:45:a9:de:01:1d:e4:61:bf:38:8f:95: 6e:84:94:5a:a5:9e:5a:fc:57:fa:76:9a:10:26:e1:81:36:48: ef:12:d8:c7:c2:b5:dd:bd:3d:96:6e:78:9a:b0:55:4b:45:e9: d0:0e:ac:00:9b:c2:e9:03:19:89:cb:8f:3b:9d:7c:7e:a0:71: 01:76:82:23:4b:f9:e0:ea:eb:e4:10:0f:3c:e3:5e:31:2a:23: e9:eb:bc:41:06:9e:9e:24:20:b4:5a:c7:6f:59:c9:1c:df:46: a3:fb:4e:81:9d:54:fd:cc:f3:aa:a0:d0:67:98:94:7f:35:69: bd:50:6e:04:4a:ff:41:cb:39:c0:96:41:14:fa:49:4f:cd:51: 55:f6:21:f2:6e:26:c8:7b:8e:6d:32:0b:b1:78:99:a3:cb:0f: 3b:5d:f6:08:99:e2:c1:74:be:46:cb:b9:91:00:8a:96:07:33: c4:13:5c:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvZy5LZ0uCcqNIImhOGKoEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkYjI0ZGY0YTdjOWFhMjEzMWQ4NTc1MDNiOTNkNjBmN2Zi NTFiZDkwHhcNMjUxMjE4MDMwMDQ5WhcNMjUxMjE5MDMwMDQ5WjAzMTEwLwYDVQQD EygyYTg5NDM3OTc3MDBjNzkzYjE0MDJiZDczMGMwZTUyNWNjNmRjMmZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumo6gk41yHFSCtgdRvqp8slsCc16 kT242xsEBJgulqYYHHxyMTHaFz6WPaxGK6qBYNbyu6K3cw92yKwUucmAyaUNo1cx H/18MLefWjr2HTAXuPE0n7wBJo8n+dgso4T4RPtKZMTm1qGpSet+q56WUhEUEw6Q kZKFcVPb5CuaAK50Q3GFHuL0NciOUEwwwM4KiMmK2Mo6Bc0dobZO+T9G1VhvN9O5 yBRQ20SriwBvds0W3xFhQ/R4TrM1bPRRlEEI/yUzNYpaAM2lYCuwR0D0RjSQVHW4 2ky8ovNreReUsoRVRWM6F2DxvBkcwUPyY0pNNG6YbMpQ7/Jk0/rFLXmGJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCqJQ3l3AMeTsUAr1zDA5SXMbcL+MB8GA1UdIwQY MBaAFL2yTfSnyaohMdhXUDuT1g9/tRvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wMTAyYzctYjRlYS00YmFiLWI3NzAt ZDMwYWViMWMyMGNhLzEvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC8wMTAyYzctYjRlYS00YmFiLWI3NzAtZDMwYWViMWMyMGNh LzEvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJCI9sUJ 8d+Ujlc4iUI4AH4iXO0eUqyHYO1BaOWfx8o4ldKcC+4LG38Rv6v4aHSJ3M3FbLLh fV8ZHYDEuTAotG7YSoDhCNf41iWWOdUKB0Wp3gEd5GG/OI+VboSUWqWeWvxX+naa ECbhgTZI7xLYx8K13b09lm54mrBVS0Xp0A6sAJvC6QMZicuPO518fqBxAXaCI0v5 4Orr5BAPPONeMSoj6eu8QQaeniQgtFrHb1nJHN9Go/tOgZ1U/czzqqDQZ5iUfzVp vVBuBEr/Qcs5wJZBFPpJT81RVfYh8m4myHuObTILsXiZo8sPO132CJniwXS+Rsu5 kQCKlgczxBNcjA== -----END CERTIFICATE-----Generated at Thu Dec 18 12:47:57 2025 by rpki-client