This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.mft File: s5Pfh3vy8M8BqXGJc-ru6HsGl9k.mft (raw, json) Hash identifier: wZzhqTIKdHT5OphhjhSa7ZYFtPeLl3un+xu9geJwgs0= Subject key identifier: 78:5B:35:32:D3:B8:E3:C8:F4:9D:2A:76:B3:34:CE:F4:35:FC:78:9E Authority key identifier: B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9 Certificate issuer: /CN=b393df877bf2f0cf01a9718973eaeee87b0697d9 Certificate serial: 019B3B6B6322E8900E3DD415AA583785C4A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.mft Manifest number: 1163 Signing time: Sat 20 Dec 2025 11:00:51 +0000 Manifest this update: Sat 20 Dec 2025 11:00:51 +0000 Manifest next update: Sun 21 Dec 2025 11:00:51 +0000 Files and hashes: 1: GhdbZGuzA1z36-UUonZ5zaCX38Q.roa (hash: gEgIQ1ixFSRgI4FI7VMbdhgtgY8jLC1wmNutDGTQS80=) 2: NItMcfmuUtS9SnSR4ZKm4r93TXs.roa (hash: F3sutapYp582NIFvW6vfwf2KF7d5dSaqH83k0FhwJoc=) 3: QCQJObKakvoo4ygnw5Fh20FS0Ts.roa (hash: pr5RHo/glhDEkjitYcq1TogKj+NW5j/LUqIM2EWPEaw=) 4: UVdJ6rkBr4eKgNxEkOLstufV6r8.roa (hash: +gXeK3tudL2I9QvUvgp4q5Jq/oJHp1PYKMtr+laCpNs=) 5: VtsYZXVJAZoFqneDgMrcdY1ZLqo.roa (hash: iydD1kql5GaDH+9KnMFCTe4zA6F46avj8WklVHWfoCY=) 6: YaM_6GNAfAUY1a7EBWWPiZdkY80.roa (hash: imYp4kHblD7OJu3xkBBiybF6gSfL+pAE8EuXrkCO7Ws=) 7: eulbDis-0B0z9GbHcqEo9NdV9rU.roa (hash: r5N8Yg0+954vST6YgvvV4VsOdx/dWOgqxmrlpu8jwtw=) 8: peZQPUG6EREQXk9fJ6XL9FgtEhs.roa (hash: dkv5IIQlSg33elfikzY5ije40KJ3f2E2+53gSCvVzhE=) 9: s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl (hash: BW2/JfNgPCfrp2D1dVINe5L62EDmWKwpldv/5ndifxY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.mft rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 11:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:63:22:e8:90:0e:3d:d4:15:aa:58:37:85:c4:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b393df877bf2f0cf01a9718973eaeee87b0697d9 Validity Not Before: Dec 20 11:00:51 2025 GMT Not After : Dec 21 11:00:51 2025 GMT Subject: CN=785b3532d3b8e3c8f49d2a76b334cef435fc789e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b5:95:cb:03:ad:e1:a0:fc:d9:df:7c:63:5f: d7:63:2f:3b:0e:a1:f2:5c:a3:b5:0c:78:33:21:b7: e3:bd:41:26:db:1b:6f:04:28:49:79:a0:a6:ff:41: d0:62:56:be:25:f9:2b:2d:8c:d1:1c:82:b7:cb:1e: 2e:de:a4:a5:84:49:9a:a3:c3:43:67:58:d9:c4:3f: b8:14:8c:a9:da:7f:43:3e:46:7b:c1:34:49:fd:b6: 50:73:21:95:75:d2:89:ed:f2:fd:c7:64:6a:f5:61: 9f:fb:50:89:b4:47:28:9d:d9:78:e0:a7:b1:86:50: d0:cf:1c:f7:a0:76:f9:de:a1:28:b2:b6:69:5f:ba: e7:3f:44:7f:c3:18:4d:53:5f:bf:18:58:cb:d2:40: 58:98:7a:1c:7d:b9:02:e1:e5:c5:0c:ff:29:6e:a7: ac:a0:89:1b:41:45:26:80:75:53:3a:42:7b:85:40: 1a:4f:10:b5:a8:89:91:9a:18:25:8d:f7:cc:4b:4e: 61:0e:65:ad:fc:4c:f1:81:21:a0:2e:fe:1d:81:d0: 94:2a:f0:3d:7d:fe:94:f4:c0:5c:ca:0b:da:58:22: be:12:f7:48:7b:d1:e5:fd:88:d5:b4:8d:ec:c9:ae: 8a:9c:76:6f:57:77:27:c0:5b:09:d5:15:89:26:16: 3d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:5B:35:32:D3:B8:E3:C8:F4:9D:2A:76:B3:34:CE:F4:35:FC:78:9E X509v3 Authority Key Identifier: keyid:B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c4:3b:f7:05:6f:d2:a7:22:7f:c9:f6:dc:13:fa:a9:f2:86:c8: fd:85:fd:f2:41:15:f3:35:b6:84:8f:67:88:57:fc:04:fe:f0: 36:48:71:3c:dc:b7:ad:49:c2:af:a5:2a:25:ef:e0:d6:81:84: 57:23:ba:20:d2:ae:14:73:c0:9c:33:25:d9:ec:c5:15:a2:ea: 6a:70:6d:6a:cd:08:4b:f7:7a:5a:04:10:ab:b8:86:35:43:d5: 69:75:6b:79:7d:89:86:13:d2:4c:bc:2b:35:c1:55:6f:27:57: 0e:02:a6:d4:dd:95:6d:26:0f:33:13:93:df:2c:92:96:30:56: 0f:75:79:a8:b5:e8:36:d5:4b:71:4c:ee:70:97:6f:ae:5a:c6: 4d:eb:c6:58:e0:09:6e:35:7f:ad:68:99:09:20:e3:b9:92:b6: 14:2e:21:bd:87:72:38:24:3d:53:8e:99:a7:52:8f:ab:15:49: 54:ee:60:ac:06:7f:d6:81:ab:27:7f:57:3e:25:22:9a:c4:96: ff:18:f4:6e:52:48:4b:82:ec:38:08:62:d5:03:55:70:ab:04: 05:06:a2:78:21:cf:1a:af:16:a5:7b:11:ff:9e:54:a4:0e:e8: e0:b9:ad:81:dc:b1:f2:7c:fb:da:90:6e:96:ab:7e:69:36:d0: 3c:9d:67:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7a2Mi6JAOPdQVqlg3hcSlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzOTNkZjg3N2JmMmYwY2YwMWE5NzE4OTczZWFlZWU4N2Iw Njk3ZDkwHhcNMjUxMjIwMTEwMDUxWhcNMjUxMjIxMTEwMDUxWjAzMTEwLwYDVQQD Eyg3ODViMzUzMmQzYjhlM2M4ZjQ5ZDJhNzZiMzM0Y2VmNDM1ZmM3ODllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLWVywOt4aD82d98Y1/XYy87DqHy XKO1DHgzIbfjvUEm2xtvBChJeaCm/0HQYla+JfkrLYzRHIK3yx4u3qSlhEmao8ND Z1jZxD+4FIyp2n9DPkZ7wTRJ/bZQcyGVddKJ7fL9x2Rq9WGf+1CJtEcondl44Kex hlDQzxz3oHb53qEosrZpX7rnP0R/wxhNU1+/GFjL0kBYmHocfbkC4eXFDP8pbqes oIkbQUUmgHVTOkJ7hUAaTxC1qImRmhgljffMS05hDmWt/EzxgSGgLv4dgdCUKvA9 ff6U9MBcygvaWCK+EvdIe9Hl/YjVtI3sya6KnHZvV3cnwFsJ1RWJJhY9ewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHhbNTLTuOPI9J0qdrM0zvQ1/HieMB8GA1UdIwQY MBaAFLOT34d78vDPAalxiXPq7uh7BpfZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYt Mzk2YmM3MjBlMmI0LzEvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYtMzk2YmM3MjBlMmI0 LzEvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxDv3BW/S pyJ/yfbcE/qp8obI/YX98kEV8zW2hI9niFf8BP7wNkhxPNy3rUnCr6UqJe/g1oGE VyO6INKuFHPAnDMl2ezFFaLqanBtas0IS/d6WgQQq7iGNUPVaXVreX2JhhPSTLwr NcFVbydXDgKm1N2VbSYPMxOT3yySljBWD3V5qLXoNtVLcUzucJdvrlrGTevGWOAJ bjV/rWiZCSDjuZK2FC4hvYdyOCQ9U46Zp1KPqxVJVO5grAZ/1oGrJ39XPiUimsSW /xj0blJIS4LsOAhi1QNVcKsEBQaieCHPGq8WpXsR/55UpA7o4Lmtgdyx8nz72pBu lqt+aTbQPJ1nQw== -----END CERTIFICATE-----Generated at Sat Dec 20 20:53:34 2025 by rpki-client