This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft File: VmHZZN9KhtuP-5mqiVgtpoowkIw.mft (raw, json) Hash identifier: 4x2T4SaDky94ECFL4bXBeIe/DTu5j+GaCj8/8HqZyFc= Subject key identifier: 9C:8B:FB:45:26:DE:2B:83:26:6D:3C:28:45:1F:D3:94:D7:15:49:44 Authority key identifier: 56:61:D9:64:DF:4A:86:DB:8F:FB:99:AA:89:58:2D:A6:8A:30:90:8C Certificate issuer: /CN=5661d964df4a86db8ffb99aa89582da68a30908c Certificate serial: 019B3BA282B14AE9A8E9254B14225B0A85E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft Manifest number: 031D Signing time: Sat 20 Dec 2025 12:01:04 +0000 Manifest this update: Sat 20 Dec 2025 12:01:04 +0000 Manifest next update: Sun 21 Dec 2025 12:01:04 +0000 Files and hashes: 1: VmHZZN9KhtuP-5mqiVgtpoowkIw.crl (hash: jNVsu9RuCw3IsJcv2Bj1BGvh4PO04hLDjppVVf/7ua4=) 2: xMdRmutHFokxkkQckhp-estBVrY.roa (hash: B+GeVyXFQ8LdKQlX7fXVWpcWBfpc+XAscpHvCnfEhnA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 12:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:82:b1:4a:e9:a8:e9:25:4b:14:22:5b:0a:85:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5661d964df4a86db8ffb99aa89582da68a30908c Validity Not Before: Dec 20 12:01:04 2025 GMT Not After : Dec 21 12:01:04 2025 GMT Subject: CN=9c8bfb4526de2b83266d3c28451fd394d7154944 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d6:45:34:6e:82:fa:c4:6d:df:2f:1c:70:e7: ce:f6:15:d5:1a:90:fe:11:55:f7:02:52:13:e8:61: 3c:12:62:45:90:f7:c1:b9:d4:d7:89:62:a2:c1:c5: d2:41:f0:18:d0:7d:5e:44:73:82:f1:51:da:46:34: 21:f0:96:f2:08:71:e6:d6:b2:85:70:5c:de:24:f8: d0:f9:5f:a5:81:90:6c:98:54:96:0c:d6:d3:2f:34: cd:e5:01:a7:cc:40:7c:c1:15:87:7d:af:5a:24:30: 10:a8:69:5d:dd:73:35:fc:25:d0:ce:fb:20:9c:59: 79:53:8f:ab:ff:b4:ed:76:98:78:ac:06:ab:64:d2: f2:be:37:6d:93:08:c6:1b:23:f1:db:2a:fb:88:46: c1:05:1b:06:1e:b0:79:d7:14:f0:96:f7:4f:dc:37: 15:aa:06:0b:f8:fd:0a:5a:31:37:37:35:7c:6a:47: f2:4f:ce:51:28:e8:e2:c1:52:ab:2b:3e:15:a6:8f: 3c:cf:f8:99:4c:a0:8e:4a:3b:51:eb:84:ad:32:be: 3d:db:df:dd:8f:2d:4b:1d:4c:19:f6:67:92:86:d7: 23:47:c2:a6:b5:29:00:72:17:c9:11:e1:2c:a3:39: 2b:38:fb:60:c9:ee:78:88:a4:40:fa:a2:74:3e:42: d3:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:8B:FB:45:26:DE:2B:83:26:6D:3C:28:45:1F:D3:94:D7:15:49:44 X509v3 Authority Key Identifier: keyid:56:61:D9:64:DF:4A:86:DB:8F:FB:99:AA:89:58:2D:A6:8A:30:90:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:59:23:af:17:40:46:0d:e6:bc:bf:92:53:0c:d6:32:19:7f: b9:14:f6:d7:73:cb:f3:d1:f3:d4:cd:99:34:d6:15:fd:08:9e: e5:9c:91:7f:5d:f7:46:75:1f:76:a6:a6:b2:d8:9b:1a:b2:fb: 86:ae:88:c3:5c:0f:bf:98:e2:c7:1e:92:ec:2c:05:23:53:83: 5f:65:4d:a5:45:45:a0:ba:01:8c:28:02:09:8d:89:20:ff:57: 71:1c:a8:8e:15:b2:83:e3:f9:5a:5e:18:0a:76:7d:21:45:a6: af:2a:20:aa:8a:b1:4c:47:6a:4b:8b:2a:b1:ba:d4:8a:e4:f1: 7d:df:7c:b7:ae:fe:90:ca:78:58:f8:07:52:42:c4:f1:c1:c5: d7:d5:e0:64:e7:ce:d2:2b:93:bf:1a:04:a7:c7:db:e2:a4:14: 11:86:01:30:89:8e:c9:0f:92:12:fb:17:78:48:67:99:35:48: 07:e9:dc:0a:a8:cd:ce:ee:e1:73:3f:4c:2d:63:75:d0:0d:01: 48:3f:a8:1c:69:1f:a1:31:be:f1:29:2d:0f:30:5a:64:ad:11: 8b:c4:60:80:4a:db:4c:2c:9e:74:23:52:22:2a:45:d8:54:32: eb:cf:83:4f:2f:4a:29:71:55:3e:61:fb:c8:10:c0:33:3b:57: 26:4c:fd:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7ooKxSumo6SVLFCJbCoXiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2NjFkOTY0ZGY0YTg2ZGI4ZmZiOTlhYTg5NTgyZGE2OGEz MDkwOGMwHhcNMjUxMjIwMTIwMTA0WhcNMjUxMjIxMTIwMTA0WjAzMTEwLwYDVQQD Eyg5YzhiZmI0NTI2ZGUyYjgzMjY2ZDNjMjg0NTFmZDM5NGQ3MTU0OTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9ZFNG6C+sRt3y8ccOfO9hXVGpD+ EVX3AlIT6GE8EmJFkPfBudTXiWKiwcXSQfAY0H1eRHOC8VHaRjQh8JbyCHHm1rKF cFzeJPjQ+V+lgZBsmFSWDNbTLzTN5QGnzEB8wRWHfa9aJDAQqGld3XM1/CXQzvsg nFl5U4+r/7Ttdph4rAarZNLyvjdtkwjGGyPx2yr7iEbBBRsGHrB51xTwlvdP3DcV qgYL+P0KWjE3NzV8akfyT85RKOjiwVKrKz4Vpo88z/iZTKCOSjtR64StMr4929/d jy1LHUwZ9meShtcjR8KmtSkAchfJEeEsozkrOPtgye54iKRA+qJ0PkLTLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJyL+0Um3iuDJm08KEUf05TXFUlEMB8GA1UdIwQY MBaAFFZh2WTfSobbj/uZqolYLaaKMJCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iMDNhMzYtMDgwNy00MWVmLWFmODYt M2Q0MzliN2NkZTcyLzEvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9iMDNhMzYtMDgwNy00MWVmLWFmODYtM2Q0MzliN2NkZTcy LzEvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFkjrxdA Rg3mvL+SUwzWMhl/uRT213PL89Hz1M2ZNNYV/Qie5ZyRf133RnUfdqamstibGrL7 hq6Iw1wPv5jixx6S7CwFI1ODX2VNpUVFoLoBjCgCCY2JIP9XcRyojhWyg+P5Wl4Y CnZ9IUWmryogqoqxTEdqS4sqsbrUiuTxfd98t67+kMp4WPgHUkLE8cHF19XgZOfO 0iuTvxoEp8fb4qQUEYYBMImOyQ+SEvsXeEhnmTVIB+ncCqjNzu7hcz9MLWN10A0B SD+oHGkfoTG+8SktDzBaZK0Ri8RggErbTCyedCNSIipF2FQy68+DTy9KKXFVPmH7 yBDAMztXJkz9ww== -----END CERTIFICATE-----Generated at Sat Dec 20 21:09:22 2025 by rpki-client