This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft File: _ORf1v09kyaEwMW8J_T6YVoQkOA.mft (raw, json) Hash identifier: S+q4/JyVBfDuW5WgBd0EjQ6GplrO3cxMRY+PCAhRiYQ= Subject key identifier: 2E:47:C6:53:A4:2F:C9:C2:8E:05:57:46:EC:BD:D3:76:FF:F3:A2:4C Authority key identifier: FC:E4:5F:D6:FD:3D:93:26:84:C0:C5:BC:27:F4:FA:61:5A:10:90:E0 Certificate issuer: /CN=fce45fd6fd3d932684c0c5bc27f4fa615a1090e0 Certificate serial: 019B43254172200B608866F4F916BF03615E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft Manifest number: 0E0F Signing time: Sun 21 Dec 2025 23:01:13 +0000 Manifest this update: Sun 21 Dec 2025 23:01:13 +0000 Manifest next update: Mon 22 Dec 2025 23:01:13 +0000 Files and hashes: 1: 0q3J-c3dMCcb0fEi4kT4_OFKaDo.roa (hash: GFF2i9DOD9iNc83o9PQkrJQokdzx6TTVi4lrSIyhIgE=) 2: _ORf1v09kyaEwMW8J_T6YVoQkOA.crl (hash: P6xuEPjJ+sYMcgwuMuHrlykaOhTHKmLa2KW9jYQ6bFE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:25:41:72:20:0b:60:88:66:f4:f9:16:bf:03:61:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fce45fd6fd3d932684c0c5bc27f4fa615a1090e0 Validity Not Before: Dec 21 23:01:13 2025 GMT Not After : Dec 22 23:01:13 2025 GMT Subject: CN=2e47c653a42fc9c28e055746ecbdd376fff3a24c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:96:a0:a2:00:f1:1e:cc:8a:19:7c:75:55:90: d2:61:94:49:14:6d:3f:e6:4b:4f:29:11:ff:6e:d0: 90:60:b0:47:d0:68:bf:61:69:ba:04:7c:94:51:af: 97:73:ea:38:11:0f:0c:ab:2c:5b:ad:e1:75:7b:f8: 90:c1:43:68:37:fc:05:31:36:a8:f7:84:cc:6a:ad: 83:66:9c:81:e7:ec:fb:ee:e9:9d:c1:56:7f:b6:fe: 41:2a:77:2e:62:71:99:e9:3e:0e:ef:56:3d:f1:36: a2:f6:1c:96:73:83:11:54:f3:47:7a:f6:86:73:b5: d9:03:6f:d0:af:c2:d1:2a:79:2b:08:bf:a1:bd:d0: d1:6a:ad:aa:ac:16:d8:34:d7:31:37:ba:15:8d:9c: c0:8f:6f:10:f8:40:b1:1d:35:3b:3f:7b:70:e3:eb: 30:5a:d7:92:e7:0c:cf:13:10:66:50:78:15:6a:5c: 34:86:9e:7b:80:f6:8c:45:10:04:b7:ae:01:63:f4: 38:fe:bc:c3:f4:bf:c5:29:3c:96:24:85:71:fc:99: 0f:38:50:7f:97:f1:32:dc:4a:a9:a5:6f:33:09:bb: fb:20:cd:1f:41:86:d4:18:56:ea:2f:56:91:f0:aa: f4:04:58:56:21:36:af:89:0a:c9:de:85:9c:8c:e9: bd:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:47:C6:53:A4:2F:C9:C2:8E:05:57:46:EC:BD:D3:76:FF:F3:A2:4C X509v3 Authority Key Identifier: keyid:FC:E4:5F:D6:FD:3D:93:26:84:C0:C5:BC:27:F4:FA:61:5A:10:90:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ORf1v09kyaEwMW8J_T6YVoQkOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bf5a64-8aaf-44a8-bace-36850df4e997/1/_ORf1v09kyaEwMW8J_T6YVoQkOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:d6:25:3c:f8:6d:fc:3f:a2:9a:5b:d1:7b:e6:77:a7:26:81: d2:6e:a7:31:31:5d:40:c5:3c:a0:32:64:ca:b6:41:31:1f:da: be:5c:58:45:80:0c:de:a6:6f:0b:97:4b:a3:5f:88:6a:bb:6e: 8f:f3:a7:6f:8a:c0:c3:c0:08:4f:45:92:35:6b:38:ae:e0:e1: 4a:2c:50:48:73:f5:69:8c:06:da:e3:fe:06:54:50:74:36:9d: b7:43:22:25:e1:6e:80:c4:dd:07:7f:9c:44:20:fc:7d:32:1b: c9:49:5c:6d:6d:7a:26:66:df:1f:2d:16:86:5d:e2:0e:56:6c: 37:c7:6f:28:8a:57:3d:8c:77:15:ee:24:68:71:93:38:f7:63: 0e:13:6c:bf:d0:98:2c:4d:9b:9f:81:86:2a:ff:1f:27:86:43: 85:ad:14:11:6b:6a:71:56:3d:44:c3:12:ca:2d:42:55:76:e9: 0f:24:ea:83:d1:11:54:14:8c:29:ea:e2:c4:78:2f:c8:e7:9b: 33:8c:44:04:4e:aa:be:c0:42:ad:4c:df:9d:e9:4b:2f:71:6f: d5:d5:36:fb:a7:2f:b7:b1:51:42:76:c9:9c:d4:fe:54:ef:b2: b9:b8:47:19:16:a8:18:5b:0e:e8:32:d6:71:c0:9d:2b:dc:ca: 53:47:86:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDJUFyIAtgiGb0+Ra/A2FeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjZTQ1ZmQ2ZmQzZDkzMjY4NGMwYzViYzI3ZjRmYTYxNWEx MDkwZTAwHhcNMjUxMjIxMjMwMTEzWhcNMjUxMjIyMjMwMTEzWjAzMTEwLwYDVQQD EygyZTQ3YzY1M2E0MmZjOWMyOGUwNTU3NDZlY2JkZDM3NmZmZjNhMjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55agogDxHsyKGXx1VZDSYZRJFG0/ 5ktPKRH/btCQYLBH0Gi/YWm6BHyUUa+Xc+o4EQ8MqyxbreF1e/iQwUNoN/wFMTao 94TMaq2DZpyB5+z77umdwVZ/tv5BKncuYnGZ6T4O71Y98Tai9hyWc4MRVPNHevaG c7XZA2/Qr8LRKnkrCL+hvdDRaq2qrBbYNNcxN7oVjZzAj28Q+ECxHTU7P3tw4+sw WteS5wzPExBmUHgValw0hp57gPaMRRAEt64BY/Q4/rzD9L/FKTyWJIVx/JkPOFB/ l/Ey3EqppW8zCbv7IM0fQYbUGFbqL1aR8Kr0BFhWITaviQrJ3oWcjOm95wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC5HxlOkL8nCjgVXRuy903b/86JMMB8GA1UdIwQY MBaAFPzkX9b9PZMmhMDFvCf0+mFaEJDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iZjVhNjQtOGFhZi00NGE4LWJhY2Ut MzY4NTBkZjRlOTk3LzEvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi9iZjVhNjQtOGFhZi00NGE4LWJhY2UtMzY4NTBkZjRlOTk3 LzEvX09SZjF2MDlreWFFd01XOEpfVDZZVm9Ra09BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbNYlPPht /D+imlvRe+Z3pyaB0m6nMTFdQMU8oDJkyrZBMR/avlxYRYAM3qZvC5dLo1+Iartu j/Onb4rAw8AIT0WSNWs4ruDhSixQSHP1aYwG2uP+BlRQdDadt0MiJeFugMTdB3+c RCD8fTIbyUlcbW16JmbfHy0Whl3iDlZsN8dvKIpXPYx3Fe4kaHGTOPdjDhNsv9CY LE2bn4GGKv8fJ4ZDha0UEWtqcVY9RMMSyi1CVXbpDyTqg9ERVBSMKerixHgvyOeb M4xEBE6qvsBCrUzfnelLL3Fv1dU2+6cvt7FRQnbJnNT+VO+yubhHGRaoGFsO6DLW ccCdK9zKU0eGpg== -----END CERTIFICATE-----Generated at Mon Dec 22 08:08:04 2025 by rpki-client