This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft File: r3gchFM5kA9-ayAz5jiItTrleHU.mft (raw, json) Hash identifier: srEu0C88y2iT0WtEVbfDjuWYurI0CgWcYVZUYKmxaEg= Subject key identifier: AF:2E:28:6A:A9:29:98:84:53:93:4F:9F:A0:8F:7D:AA:D3:10:88:AF Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75 Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875 Certificate serial: 019B4C28558CA20D214E1B4B41F37A8F239C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft Manifest number: 1791 Signing time: Tue 23 Dec 2025 17:01:10 +0000 Manifest this update: Tue 23 Dec 2025 17:01:10 +0000 Manifest next update: Wed 24 Dec 2025 17:01:10 +0000 Files and hashes: 1: qZsU012FOT7iNKmn0Q6fmLHg-jY.roa (hash: t+/X1ob1d2V1rnzYvMBrQBRc/+JtrsZ+AHNltw325kg=) 2: r3gchFM5kA9-ayAz5jiItTrleHU.crl (hash: wYmdJ+mchJkOgznVDoN5fAMkGwpJVmtk++GBBCrbIbI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:28:55:8c:a2:0d:21:4e:1b:4b:41:f3:7a:8f:23:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875 Validity Not Before: Dec 23 17:01:10 2025 GMT Not After : Dec 24 17:01:10 2025 GMT Subject: CN=af2e286aa929988453934f9fa08f7daad31088af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:24:81:00:8e:d8:50:94:6a:64:c4:31:f8:fe: 44:b4:c8:ea:6b:f2:57:17:d2:11:17:bd:a4:e2:1a: 9e:a6:a3:ab:5e:85:9f:a8:25:07:23:38:c3:94:0a: 37:37:ca:02:f6:44:17:11:32:43:ab:16:35:d8:89: 1e:97:91:36:54:b0:34:e9:38:7c:5f:90:ee:9d:5c: d1:89:12:3b:ed:64:43:99:f8:b9:75:5a:68:1c:2d: 2a:46:6e:31:45:04:1d:f2:7e:1f:c2:12:52:14:98: 1c:63:ff:2a:99:3c:50:bb:36:45:35:7d:43:9c:05: 65:ea:98:74:40:87:ae:b1:35:3a:c8:22:e3:7d:25: c5:d1:6f:9e:d0:e6:cc:e3:f1:a4:4a:79:d0:be:b6: 36:16:9f:60:2a:d1:4e:9d:19:c3:3c:8b:b2:13:4f: d9:82:eb:6d:10:5e:35:ed:21:e6:47:a3:9d:7b:03: f6:44:a2:dd:25:bd:d3:7c:d3:25:2a:a4:af:e6:a6: 28:a9:f1:65:f7:77:16:00:ae:50:a1:3b:a5:23:d3: 74:67:d6:4f:3e:3e:b6:74:5e:3d:82:f9:64:b9:07: 89:ad:16:6c:f8:ba:00:ba:8d:45:e2:76:a9:2f:6c: 03:a7:83:fb:99:e8:39:dc:ad:8b:0b:4c:79:11:40: c2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:2E:28:6A:A9:29:98:84:53:93:4F:9F:A0:8F:7D:AA:D3:10:88:AF X509v3 Authority Key Identifier: keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:1c:e4:f5:4e:4c:69:0f:d0:be:73:db:7f:a1:1a:34:40:3c: 26:00:0f:42:c5:1b:8e:28:7b:67:86:a5:37:50:31:b0:d4:48: 42:3a:40:4c:47:cb:a0:12:57:3a:12:5e:e9:17:30:69:69:4e: f8:d1:c5:33:42:35:6b:15:79:ec:15:b0:e2:24:01:ae:4c:2c: ae:de:c5:30:a1:e7:38:d0:62:7c:07:3d:8d:a9:38:38:55:7f: 61:82:01:47:c6:e6:f4:e0:6e:1d:d5:b0:43:4a:ea:52:78:2d: 58:8d:49:9e:52:f3:98:b6:3a:27:e0:11:a2:99:a8:32:48:10: 68:03:6b:d9:c4:86:d1:d3:9c:c4:b5:47:9c:cf:a0:80:95:ac: eb:20:09:18:09:df:8f:25:15:b5:5a:db:70:35:57:fc:96:6c: 49:0d:13:2b:0b:e1:68:18:20:3a:27:c5:88:1e:9a:53:24:36: 20:c8:a2:1e:d0:c1:06:af:a7:93:ea:4b:06:ad:f4:49:c4:04: ab:fa:2d:a6:ec:4d:5e:fb:c0:65:4b:a8:88:a0:54:f1:a3:3d: b9:b5:4c:3d:93:a3:3b:5a:c5:ec:b5:b5:2d:c8:ec:e0:5a:1e: 89:b7:1d:ad:6e:f5:ab:25:a0:55:94:cf:79:07:c1:1b:fd:25: 95:f5:6b:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMKFWMog0hThtLQfN6jyOcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl NTc4NzUwHhcNMjUxMjIzMTcwMTEwWhcNMjUxMjI0MTcwMTEwWjAzMTEwLwYDVQQD EyhhZjJlMjg2YWE5Mjk5ODg0NTM5MzRmOWZhMDhmN2RhYWQzMTA4OGFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCSBAI7YUJRqZMQx+P5EtMjqa/JX F9IRF72k4hqepqOrXoWfqCUHIzjDlAo3N8oC9kQXETJDqxY12Ikel5E2VLA06Th8 X5DunVzRiRI77WRDmfi5dVpoHC0qRm4xRQQd8n4fwhJSFJgcY/8qmTxQuzZFNX1D nAVl6ph0QIeusTU6yCLjfSXF0W+e0ObM4/GkSnnQvrY2Fp9gKtFOnRnDPIuyE0/Z guttEF417SHmR6OdewP2RKLdJb3TfNMlKqSv5qYoqfFl93cWAK5QoTulI9N0Z9ZP Pj62dF49gvlkuQeJrRZs+LoAuo1F4napL2wDp4P7meg53K2LC0x5EUDCvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK8uKGqpKZiEU5NPn6CPfarTEIivMB8GA1UdIwQY MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt NWNmMzdhMzQ4MzBkLzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxzk9U5M aQ/QvnPbf6EaNEA8JgAPQsUbjih7Z4alN1AxsNRIQjpATEfLoBJXOhJe6RcwaWlO +NHFM0I1axV57BWw4iQBrkwsrt7FMKHnONBifAc9jak4OFV/YYIBR8bm9OBuHdWw Q0rqUngtWI1JnlLzmLY6J+ARopmoMkgQaANr2cSG0dOcxLVHnM+ggJWs6yAJGAnf jyUVtVrbcDVX/JZsSQ0TKwvhaBggOifFiB6aUyQ2IMiiHtDBBq+nk+pLBq30ScQE q/otpuxNXvvAZUuoiKBU8aM9ubVMPZOjO1rF7LW1Lcjs4FoeibcdrW71qyWgVZTP eQfBG/0llfVrVw== -----END CERTIFICATE-----Generated at Wed Dec 24 00:11:58 2025 by rpki-client