This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft File: VDxwGANHJZY6lxyWqMqrWYyuY4o.mft (raw, json) Hash identifier: Cb49uOYpHAU9r7jvVSbimgiZz//2UCO5BUwWM8q9Yfw= Subject key identifier: 2F:25:07:CD:0D:BB:4D:E6:2B:CF:4C:77:60:0C:75:C5:6D:4B:A9:D4 Authority key identifier: 54:3C:70:18:03:47:25:96:3A:97:1C:96:A8:CA:AB:59:8C:AE:63:8A Certificate issuer: /CN=543c7018034725963a971c96a8caab598cae638a Certificate serial: 019B6354A068016B4A907936F6E21F5B3208 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxwGANHJZY6lxyWqMqrWYyuY4o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft Manifest number: 0591 Signing time: Sun 28 Dec 2025 05:00:49 +0000 Manifest this update: Sun 28 Dec 2025 05:00:49 +0000 Manifest next update: Mon 29 Dec 2025 05:00:49 +0000 Files and hashes: 1: O7wVhYp5aN-EHbBcAt5o4QIzfyg.roa (hash: 1pH3pLqu6QshZ8HwYPfHNSe335AW5zx9SMrVG3Y2btc=) 2: VDxwGANHJZY6lxyWqMqrWYyuY4o.crl (hash: LHbqkSheh3IzRlbmuQzuQHTuJ6rbALdtqjtlxT+MJJk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.crl rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft rsync://rpki.ripe.net/repository/DEFAULT/VDxwGANHJZY6lxyWqMqrWYyuY4o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:54:a0:68:01:6b:4a:90:79:36:f6:e2:1f:5b:32:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=543c7018034725963a971c96a8caab598cae638a Validity Not Before: Dec 28 05:00:49 2025 GMT Not After : Dec 29 05:00:49 2025 GMT Subject: CN=2f2507cd0dbb4de62bcf4c77600c75c56d4ba9d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:07:45:ab:15:da:7b:4b:12:4f:6c:8d:0d:9f: 46:d8:a1:d4:60:ba:8f:4d:e1:18:b3:21:15:8f:46: fc:77:fb:83:40:2d:09:62:3e:d7:36:e4:7f:eb:86: 62:69:a5:fb:2f:41:25:b8:75:d8:be:b5:78:56:e8: 63:92:06:47:e1:c9:f2:2f:95:e8:81:4d:78:a2:e1: aa:52:60:21:50:4e:23:b6:c2:ad:04:85:16:50:ba: 94:57:04:a3:b2:da:7f:cf:e9:0e:86:f6:4a:8e:7a: d7:fb:6d:4a:58:57:9e:4e:fb:6b:d6:5a:cb:4e:02: a6:2b:10:a4:c7:1d:ec:5c:d7:4d:f5:ea:4e:d4:ca: 72:1b:48:d4:2f:e0:a5:c8:94:de:fd:40:94:7b:32: fb:78:05:2d:1e:e5:2c:6b:1f:3c:20:8b:75:12:2b: ef:47:8c:83:ab:f0:89:7b:39:ad:9d:20:62:c9:29: bb:38:c8:e0:2e:00:2f:bd:62:ed:0f:bb:5f:43:a5: 6b:08:fd:d2:f3:58:2c:6a:ba:a9:fd:28:d3:b7:7a: c1:53:b3:05:76:93:a8:4d:71:e0:e7:5f:d8:b9:83: 9c:7d:fe:24:ab:5d:4e:1a:f4:5d:85:8f:d0:6f:ec: 7b:22:24:79:5d:d7:b7:66:8e:2b:8e:5f:bd:f9:e3: e4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:25:07:CD:0D:BB:4D:E6:2B:CF:4C:77:60:0C:75:C5:6D:4B:A9:D4 X509v3 Authority Key Identifier: keyid:54:3C:70:18:03:47:25:96:3A:97:1C:96:A8:CA:AB:59:8C:AE:63:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxwGANHJZY6lxyWqMqrWYyuY4o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/509d0b-acd1-4958-a3cd-375f2449a8c1/1/VDxwGANHJZY6lxyWqMqrWYyuY4o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:98:12:ad:8a:c2:84:bb:ff:ff:2b:19:78:94:d4:a2:11:45: d8:6e:63:8c:9d:43:43:92:ba:4f:fa:c1:2a:96:ab:85:dd:4f: 40:26:2b:cf:08:38:57:c3:18:55:dc:13:20:ab:bf:6b:73:01: 39:ab:3b:62:79:fa:40:e4:5e:8e:2e:11:08:82:2d:7e:63:fb: c7:98:3f:4d:4a:98:7b:c0:f5:67:7b:2a:52:0a:af:20:46:33: 3f:8d:d5:bd:f7:1c:17:e4:07:48:4f:4a:38:21:4b:81:ee:36: e8:78:d8:21:d7:e1:35:df:eb:0c:c5:a4:64:74:6e:15:32:55: 55:23:24:c7:92:2c:6e:4c:d4:af:55:7c:5f:a8:0d:f6:15:a2: 26:78:38:29:89:04:a6:e8:a4:3b:97:23:70:2f:5d:45:99:b3: d0:59:d9:42:49:c8:55:d5:38:ef:c4:bf:e7:21:39:39:07:20: 4b:89:55:fe:f5:b3:29:b8:47:5b:a4:81:92:73:5d:12:da:0b: 43:8e:7d:2b:bb:e0:26:39:bc:e0:5e:2e:9b:35:77:95:0c:5e: 08:36:69:32:4a:b9:bf:dd:d4:0e:7f:01:29:e5:ed:b7:77:f0: f2:ed:48:86:41:5e:a0:74:70:3a:bf:d4:e7:2c:09:3e:87:ce: b2:00:3e:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjVKBoAWtKkHk29uIfWzIIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0M2M3MDE4MDM0NzI1OTYzYTk3MWM5NmE4Y2FhYjU5OGNh ZTYzOGEwHhcNMjUxMjI4MDUwMDQ5WhcNMjUxMjI5MDUwMDQ5WjAzMTEwLwYDVQQD EygyZjI1MDdjZDBkYmI0ZGU2MmJjZjRjNzc2MDBjNzVjNTZkNGJhOWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AdFqxXae0sST2yNDZ9G2KHUYLqP TeEYsyEVj0b8d/uDQC0JYj7XNuR/64ZiaaX7L0EluHXYvrV4VuhjkgZH4cnyL5Xo gU14ouGqUmAhUE4jtsKtBIUWULqUVwSjstp/z+kOhvZKjnrX+21KWFeeTvtr1lrL TgKmKxCkxx3sXNdN9epO1MpyG0jUL+ClyJTe/UCUezL7eAUtHuUsax88IIt1Eivv R4yDq/CJezmtnSBiySm7OMjgLgAvvWLtD7tfQ6VrCP3S81gsarqp/SjTt3rBU7MF dpOoTXHg51/YuYOcff4kq11OGvRdhY/Qb+x7IiR5Xde3Zo4rjl+9+ePkowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC8lB80Nu03mK89Md2AMdcVtS6nUMB8GA1UdIwQY MBaAFFQ8cBgDRyWWOpcclqjKq1mMrmOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkR4d0dBTkhKWlk2bHh5V3FNcXJXWXl1WTRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81MDlkMGItYWNkMS00OTU4LWEzY2Qt Mzc1ZjI0NDlhOGMxLzEvVkR4d0dBTkhKWlk2bHh5V3FNcXJXWXl1WTRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS81MDlkMGItYWNkMS00OTU4LWEzY2QtMzc1ZjI0NDlhOGMx LzEvVkR4d0dBTkhKWlk2bHh5V3FNcXJXWXl1WTRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZgSrYrC hLv//ysZeJTUohFF2G5jjJ1DQ5K6T/rBKparhd1PQCYrzwg4V8MYVdwTIKu/a3MB Oas7Ynn6QOReji4RCIItfmP7x5g/TUqYe8D1Z3sqUgqvIEYzP43VvfccF+QHSE9K OCFLge426HjYIdfhNd/rDMWkZHRuFTJVVSMkx5IsbkzUr1V8X6gN9hWiJng4KYkE puikO5cjcC9dRZmz0FnZQknIVdU478S/5yE5OQcgS4lV/vWzKbhHW6SBknNdEtoL Q459K7vgJjm84F4umzV3lQxeCDZpMkq5v93UDn8BKeXtt3fw8u1IhkFeoHRwOr/U 5ywJPofOsgA+Ow== -----END CERTIFICATE-----Generated at Sun Dec 28 09:58:10 2025 by rpki-client