This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft File: VmHZZN9KhtuP-5mqiVgtpoowkIw.mft (raw, json) Hash identifier: c1zCNcU3559EW4yZt2oAE5geIpGIyvDRwQZW9ru6pGI= Subject key identifier: 5F:A4:7B:B4:74:39:D2:EA:BA:0D:F3:01:FC:28:38:5D:C1:69:9A:B3 Authority key identifier: 56:61:D9:64:DF:4A:86:DB:8F:FB:99:AA:89:58:2D:A6:8A:30:90:8C Certificate issuer: /CN=5661d964df4a86db8ffb99aa89582da68a30908c Certificate serial: 019B7591F6AF0E647DA5F3306D19AE39167A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft Manifest number: 033B Signing time: Wed 31 Dec 2025 18:00:58 +0000 Manifest this update: Wed 31 Dec 2025 18:00:58 +0000 Manifest next update: Thu 01 Jan 2026 18:00:58 +0000 Files and hashes: 1: VmHZZN9KhtuP-5mqiVgtpoowkIw.crl (hash: 1CI3jXQspMOvyS8TGQLNjVwKLGIxtcMUsdytdqlptOs=) 2: xMdRmutHFokxkkQckhp-estBVrY.roa (hash: B+GeVyXFQ8LdKQlX7fXVWpcWBfpc+XAscpHvCnfEhnA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 16:22:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:75:91:f6:af:0e:64:7d:a5:f3:30:6d:19:ae:39:16:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5661d964df4a86db8ffb99aa89582da68a30908c Validity Not Before: Dec 31 18:00:58 2025 GMT Not After : Jan 1 18:00:58 2026 GMT Subject: CN=5fa47bb47439d2eaba0df301fc28385dc1699ab3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e8:66:2a:7e:5d:62:d6:d9:da:88:41:c8:95: 9a:03:b1:53:67:87:3a:6f:5e:d6:5b:69:8c:2a:0c: bf:c5:48:e5:1b:9b:a9:5b:96:fb:62:dc:de:c0:7a: 06:5a:1a:bc:af:0d:00:8b:8b:b5:3a:62:e5:88:8b: d0:64:2c:21:f5:12:9b:bd:96:2d:d7:70:97:69:df: fc:87:ac:36:09:c9:b8:97:9f:4d:2c:43:2c:08:87: 47:fd:a2:b1:b5:17:ce:83:ec:e6:1a:cb:16:04:12: 27:e2:91:92:d1:e1:37:8b:be:42:e1:23:c0:f4:16: dd:37:11:22:b6:5a:50:d9:4d:bb:a5:41:9e:42:10: 13:08:32:fb:7f:56:2c:6c:6b:a5:fe:a8:03:ef:b2: 47:04:85:65:57:6e:fc:a3:d0:ae:93:d5:fa:8f:ec: f0:d1:ca:2a:ed:5a:13:2a:da:3e:01:da:6f:92:11: 3d:78:57:32:6b:3a:bd:e9:a5:b6:80:2e:68:53:41: 8a:0c:70:b7:10:21:a6:39:e2:7d:84:9a:e6:4b:11: d5:c2:e3:e8:63:a2:46:d7:7f:44:3b:88:db:dd:9d: 9e:07:45:36:90:75:55:4e:d1:c6:46:83:a4:c2:01: b2:30:e8:a0:26:03:a2:ee:1f:33:e9:57:2c:81:48: 47:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:A4:7B:B4:74:39:D2:EA:BA:0D:F3:01:FC:28:38:5D:C1:69:9A:B3 X509v3 Authority Key Identifier: keyid:56:61:D9:64:DF:4A:86:DB:8F:FB:99:AA:89:58:2D:A6:8A:30:90:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmHZZN9KhtuP-5mqiVgtpoowkIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b03a36-0807-41ef-af86-3d439b7cde72/1/VmHZZN9KhtuP-5mqiVgtpoowkIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:7c:1f:43:68:bb:f2:02:bf:65:24:89:66:bd:7d:52:3e:7b: 97:36:76:38:33:37:80:e9:66:0d:79:e3:a0:98:ec:9e:c4:fe: df:6b:ee:6e:3f:69:3a:d5:7b:af:03:f8:8f:e2:c7:ed:21:dd: 3d:c7:8f:28:80:b9:58:ba:da:df:70:39:1b:26:32:87:35:93: 09:ab:93:1d:a3:a4:d1:f9:99:76:a4:bf:15:47:35:cb:41:a5: d4:a0:2c:04:f7:20:f6:90:fc:24:b9:66:a2:10:44:40:9e:92: 9e:9a:f6:8a:c1:7a:87:00:1f:44:a0:37:ba:cb:bc:d5:22:b9: 4d:7b:9c:3e:1e:a5:10:28:22:51:f7:63:21:44:45:0b:23:d2: 1f:91:e7:6b:ac:b2:0d:7a:61:f2:c9:35:bb:27:32:48:39:5a: 19:55:6e:a5:0b:09:10:34:06:a0:4e:3e:b6:70:c0:51:01:91: 1a:53:ae:60:19:2d:63:98:33:2a:12:13:a9:39:6a:6d:f4:92: 11:00:3b:d8:2c:7e:f8:08:35:12:65:ba:17:e2:d5:cf:67:de: eb:22:5d:62:8b:f8:57:b0:40:be:cc:3e:63:81:19:75:a7:2a: d7:3b:b8:1e:c0:c6:be:fa:9b:a8:5a:e8:3c:43:f8:2e:48:05: ca:89:aa:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt1kfavDmR9pfMwbRmuORZ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2NjFkOTY0ZGY0YTg2ZGI4ZmZiOTlhYTg5NTgyZGE2OGEz MDkwOGMwHhcNMjUxMjMxMTgwMDU4WhcNMjYwMTAxMTgwMDU4WjAzMTEwLwYDVQQD Eyg1ZmE0N2JiNDc0MzlkMmVhYmEwZGYzMDFmYzI4Mzg1ZGMxNjk5YWIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuhmKn5dYtbZ2ohByJWaA7FTZ4c6 b17WW2mMKgy/xUjlG5upW5b7YtzewHoGWhq8rw0Ai4u1OmLliIvQZCwh9RKbvZYt 13CXad/8h6w2Ccm4l59NLEMsCIdH/aKxtRfOg+zmGssWBBIn4pGS0eE3i75C4SPA 9BbdNxEitlpQ2U27pUGeQhATCDL7f1YsbGul/qgD77JHBIVlV278o9Cuk9X6j+zw 0coq7VoTKto+AdpvkhE9eFcyazq96aW2gC5oU0GKDHC3ECGmOeJ9hJrmSxHVwuPo Y6JG139EO4jb3Z2eB0U2kHVVTtHGRoOkwgGyMOigJgOi7h8z6VcsgUhHkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF+ke7R0OdLqug3zAfwoOF3BaZqzMB8GA1UdIwQY MBaAFFZh2WTfSobbj/uZqolYLaaKMJCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iMDNhMzYtMDgwNy00MWVmLWFmODYt M2Q0MzliN2NkZTcyLzEvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9iMDNhMzYtMDgwNy00MWVmLWFmODYtM2Q0MzliN2NkZTcy LzEvVm1IWlpOOUtodHVQLTVtcWlWZ3Rwb293a0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQHwfQ2i7 8gK/ZSSJZr19Uj57lzZ2ODM3gOlmDXnjoJjsnsT+32vubj9pOtV7rwP4j+LH7SHd PcePKIC5WLra33A5GyYyhzWTCauTHaOk0fmZdqS/FUc1y0Gl1KAsBPcg9pD8JLlm ohBEQJ6Snpr2isF6hwAfRKA3usu81SK5TXucPh6lECgiUfdjIURFCyPSH5Hna6yy DXph8sk1uycySDlaGVVupQsJEDQGoE4+tnDAUQGRGlOuYBktY5gzKhITqTlqbfSS EQA72Cx++Ag1EmW6F+LVz2fe6yJdYov4V7BAvsw+Y4EZdacq1zu4HsDGvvqbqFro PEP4LkgFyomq9g== -----END CERTIFICATE-----Generated at Wed Dec 31 19:34:53 2025 by rpki-client