This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json) Hash identifier: VRTfwixXXUawYXAdY6WGl9is8swQ2RMrq3du2QRS29w= Subject key identifier: A0:5B:96:58:1F:C1:B2:A0:D5:A5:F8:0F:AE:F5:B8:5D:14:70:69:2C Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a Certificate serial: 019B3D599514537E233E05F7C687161C167C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft Manifest number: 03AB Signing time: Sat 20 Dec 2025 20:00:39 +0000 Manifest this update: Sat 20 Dec 2025 20:00:39 +0000 Manifest next update: Sun 21 Dec 2025 20:00:39 +0000 Files and hashes: 1: 5ZRHOA8DDg_XhJ8JjCvhTOGiC1w.roa (hash: eWpgjaoVJC0L+xFRvzTJa/HrtM2zzM7SykfE1sq9g2I=) 2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: PDF/ccthq6wBr1+FhaNF/LeL8GCNCZhI9bS07wecv+w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:95:14:53:7e:23:3e:05:f7:c6:87:16:1c:16:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a Validity Not Before: Dec 20 20:00:39 2025 GMT Not After : Dec 21 20:00:39 2025 GMT Subject: CN=a05b96581fc1b2a0d5a5f80faef5b85d1470692c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:53:95:3b:17:49:fb:51:ea:4d:7b:71:0e:e5: c4:da:e5:27:76:6a:56:65:e4:be:5a:70:cf:67:d1: ec:36:74:4b:1f:78:bc:d9:41:10:58:94:75:c5:09: b4:75:54:00:7f:f0:8e:08:a3:f0:5e:3b:1d:d7:bf: 44:4b:4c:33:d7:37:b6:fa:3a:6d:7f:90:00:b1:b4: 23:95:91:14:b0:68:45:f1:ab:18:33:04:15:ea:8c: ad:3e:de:90:0d:04:a7:91:7d:80:c7:60:44:5c:60: 4e:11:94:28:30:87:d7:11:76:de:f4:4d:ea:fa:81: 5d:0c:79:4c:4c:83:a9:07:5f:23:4f:5b:f9:c4:4b: bc:64:d0:86:72:b3:58:0f:c3:7b:83:7f:46:79:ec: dd:98:5d:c9:05:68:2f:7b:65:6c:fa:a7:07:0a:de: 37:ce:d9:b8:2c:07:a5:33:34:ef:8b:e1:8c:9c:14: 05:5f:8d:ff:98:6e:9e:e2:7a:99:5d:f2:22:7f:58: de:31:ed:9a:7d:4f:08:cc:5d:44:48:44:e9:e6:be: 81:0e:d4:3f:8c:36:17:04:fc:c4:ee:fc:9f:4f:2e: 0e:9f:1c:89:fa:8c:da:63:aa:2f:6d:42:9f:64:ad: 93:4b:da:4a:fe:3d:b9:7d:fe:c3:eb:3b:c6:1b:72: bd:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:5B:96:58:1F:C1:B2:A0:D5:A5:F8:0F:AE:F5:B8:5D:14:70:69:2C X509v3 Authority Key Identifier: keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:5b:58:bd:8e:1a:27:36:5e:fb:0a:85:96:b6:ad:bf:05:82: b0:f9:59:b1:22:78:61:9b:4e:5f:49:4e:92:7c:76:33:2f:62: 70:5b:f1:1e:bb:41:d2:c9:ec:4b:7a:bf:4a:2d:43:5d:a4:2c: 76:96:f7:d2:8c:c8:66:9e:ad:e4:16:7b:61:89:15:04:b6:31: 3b:92:bc:1a:99:7e:b5:27:52:e4:f6:dd:4f:dc:08:f4:0e:43: f5:6e:37:35:1f:b1:7e:49:63:6e:78:59:4e:c9:ab:a0:e6:bb: 93:03:20:b9:aa:02:64:e1:12:22:83:33:4e:97:1f:9f:85:8a: d7:b9:e4:4b:1b:d0:06:8c:bb:ec:a8:b1:61:5d:3d:97:a8:24: 92:53:ea:bf:8b:51:6e:53:07:b6:51:48:52:26:37:9b:70:6e: 34:16:33:c4:22:94:d9:ea:0e:7a:6d:ed:15:d5:0d:4c:d5:32: d1:42:66:6c:65:be:a6:5f:2b:77:d3:4f:57:ad:28:34:f3:7a: 08:7e:fd:45:9b:f0:a8:2f:15:82:5c:98:3a:3c:92:6a:e4:dd: cb:6e:d3:98:b0:bf:f3:cf:8a:90:1a:59:39:d8:fe:73:ca:93: f9:6b:c2:28:3c:0e:d6:4a:4e:cd:4a:15:c2:6c:be:49:76:e0: cc:83:3b:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9WZUUU34jPgX3xocWHBZ8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2 ODY5MWEwHhcNMjUxMjIwMjAwMDM5WhcNMjUxMjIxMjAwMDM5WjAzMTEwLwYDVQQD EyhhMDViOTY1ODFmYzFiMmEwZDVhNWY4MGZhZWY1Yjg1ZDE0NzA2OTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1OVOxdJ+1HqTXtxDuXE2uUndmpW ZeS+WnDPZ9HsNnRLH3i82UEQWJR1xQm0dVQAf/COCKPwXjsd179ES0wz1ze2+jpt f5AAsbQjlZEUsGhF8asYMwQV6oytPt6QDQSnkX2Ax2BEXGBOEZQoMIfXEXbe9E3q +oFdDHlMTIOpB18jT1v5xEu8ZNCGcrNYD8N7g39GeezdmF3JBWgve2Vs+qcHCt43 ztm4LAelMzTvi+GMnBQFX43/mG6e4nqZXfIif1jeMe2afU8IzF1ESETp5r6BDtQ/ jDYXBPzE7vyfTy4OnxyJ+ozaY6ovbUKfZK2TS9pK/j25ff7D6zvGG3K9mwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKBbllgfwbKg1aX4D671uF0UcGksMB8GA1UdIwQY MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA1tYvY4a JzZe+wqFlratvwWCsPlZsSJ4YZtOX0lOknx2My9icFvxHrtB0snsS3q/Si1DXaQs dpb30ozIZp6t5BZ7YYkVBLYxO5K8Gpl+tSdS5PbdT9wI9A5D9W43NR+xfkljbnhZ TsmroOa7kwMguaoCZOESIoMzTpcfn4WK17nkSxvQBoy77KixYV09l6gkklPqv4tR blMHtlFIUiY3m3BuNBYzxCKU2eoOem3tFdUNTNUy0UJmbGW+pl8rd9NPV60oNPN6 CH79RZvwqC8VglyYOjySauTdy27TmLC/88+KkBpZOdj+c8qT+WvCKDwO1kpOzUoV wmy+SXbgzIM7Zw== -----END CERTIFICATE-----Generated at Sat Dec 20 21:51:49 2025 by rpki-client