This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft File: vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft (raw, json) Hash identifier: xsCCL2kfUrgrmqJHdabQ6sjwChrMtxHBFqW83DJhKjw= Subject key identifier: E0:1F:24:68:57:43:F3:28:A4:AD:4C:26:61:AC:12:61:7A:22:46:9A Authority key identifier: BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC Certificate issuer: /CN=be722a99732c9c3cbc20b0a47292a823782603ac Certificate serial: 019B488278DDEA3ED1382DF57D121670A5F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft Manifest number: 171F Signing time: Tue 23 Dec 2025 00:01:08 +0000 Manifest this update: Tue 23 Dec 2025 00:01:08 +0000 Manifest next update: Wed 24 Dec 2025 00:01:08 +0000 Files and hashes: 1: KEoMu2N6_T8O9ufaf0Y2clZ16n8.roa (hash: TtnWx5gcstoPtaU3BdfsPkG0EZi+JY/3eJmxv3P7PTM=) 2: vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl (hash: lLfYSY+Fm/nrPDSYEUe1tVfG/6k9mGA9UoQ8yT7vqWw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:82:78:dd:ea:3e:d1:38:2d:f5:7d:12:16:70:a5:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=be722a99732c9c3cbc20b0a47292a823782603ac Validity Not Before: Dec 23 00:01:08 2025 GMT Not After : Dec 24 00:01:08 2025 GMT Subject: CN=e01f24685743f328a4ad4c2661ac12617a22469a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:9a:02:ca:93:06:f7:3c:2c:f2:72:84:8c:72: e3:aa:32:71:69:e0:69:ce:b0:4c:0d:2d:73:03:38: 0c:d9:bf:b6:eb:6f:0f:f4:32:ed:b2:73:b9:35:0b: 20:e2:b9:e0:d0:9f:a0:08:4b:bd:07:58:c4:c0:49: 00:46:d7:ea:48:94:96:25:1d:ad:0f:f2:6c:8a:13: d9:11:07:43:03:1c:07:58:c3:97:05:6a:1c:a9:62: 2c:46:e4:ef:23:b2:8b:e7:03:7b:f3:8f:b3:fe:60: b9:11:e9:07:5b:d0:66:b6:30:08:36:f9:04:83:1d: 26:c6:2c:91:4c:ff:16:a5:8b:6b:87:f0:ab:27:6c: a7:cc:ab:39:e6:7f:47:cf:5e:da:f1:20:4b:c4:bd: c3:32:bb:af:d6:89:72:1d:d5:bc:20:a2:0e:ff:0a: 6b:6e:cf:d4:0b:04:ed:18:19:68:f3:f2:be:37:b1: 14:57:47:43:99:65:db:1c:ed:03:ec:64:47:e8:e6: f0:b6:47:40:29:84:29:dd:27:b0:59:20:af:5a:a5: 39:0b:3a:07:43:0f:f2:00:2a:2f:b1:35:88:65:03: 98:a9:31:ed:c9:c0:e8:7a:b3:6d:5f:76:3c:78:04: 34:9f:f8:0d:fe:c4:05:6d:da:1b:e2:06:be:fc:bc: 4f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:1F:24:68:57:43:F3:28:A4:AD:4C:26:61:AC:12:61:7A:22:46:9A X509v3 Authority Key Identifier: keyid:BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:46:a0:7a:8f:68:df:b0:4f:df:f9:bd:db:6c:ae:97:90:79: 36:8a:99:6a:9f:19:32:bc:66:a6:40:15:ac:d8:09:78:96:a0: e0:51:a7:a3:cf:e4:61:dd:b4:d4:7d:a7:96:2f:95:20:d7:2b: 40:1a:20:f6:7c:36:58:9e:69:96:e6:f5:4c:fe:cc:f0:af:07: cd:8c:3e:9a:2e:cf:de:d9:b3:75:3b:01:2c:31:ae:20:e9:5a: b6:55:52:be:41:c7:f6:0c:f5:d5:b6:97:c0:47:ad:ee:7a:1d: 4b:e8:6f:11:f2:f9:f8:49:b3:aa:53:62:e6:19:3a:53:8a:76: 1f:14:e8:bc:63:b8:5d:ff:16:18:b1:d6:0c:cd:64:8b:22:7a: 7b:bf:bc:29:40:f9:1b:e7:b1:c4:b4:cd:b6:06:16:e5:bd:79: 79:70:4a:da:3a:2e:46:78:b3:a4:0b:e3:18:99:d7:b4:48:95: 12:d5:51:3b:c6:77:f2:e0:82:58:54:39:45:5a:f1:ca:93:dd: b7:47:33:35:21:85:e6:61:bf:89:f9:79:ca:2e:93:17:8d:fd: 52:96:e0:bd:9b:0e:83:52:37:39:7b:1d:24:36:26:f3:b1:ac: bb:79:fc:11:4d:28:93:67:57:0a:e6:f8:f8:17:ae:5a:9b:af: b2:48:7f:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgnjd6j7ROC31fRIWcKX1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJlNzIyYTk5NzMyYzljM2NiYzIwYjBhNDcyOTJhODIzNzgy NjAzYWMwHhcNMjUxMjIzMDAwMTA4WhcNMjUxMjI0MDAwMTA4WjAzMTEwLwYDVQQD EyhlMDFmMjQ2ODU3NDNmMzI4YTRhZDRjMjY2MWFjMTI2MTdhMjI0NjlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJoCypMG9zws8nKEjHLjqjJxaeBp zrBMDS1zAzgM2b+2628P9DLtsnO5NQsg4rng0J+gCEu9B1jEwEkARtfqSJSWJR2t D/JsihPZEQdDAxwHWMOXBWocqWIsRuTvI7KL5wN784+z/mC5EekHW9BmtjAINvkE gx0mxiyRTP8WpYtrh/CrJ2ynzKs55n9Hz17a8SBLxL3DMruv1olyHdW8IKIO/wpr bs/UCwTtGBlo8/K+N7EUV0dDmWXbHO0D7GRH6ObwtkdAKYQp3SewWSCvWqU5CzoH Qw/yACovsTWIZQOYqTHtycDoerNtX3Y8eAQ0n/gN/sQFbdob4ga+/LxPNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOAfJGhXQ/MopK1MJmGsEmF6IkaaMB8GA1UdIwQY MBaAFL5yKplzLJw8vCCwpHKSqCN4JgOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODct MjliOTdhMTg3N2ZiLzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODctMjliOTdhMTg3N2Zi LzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUageo9o 37BP3/m922yul5B5NoqZap8ZMrxmpkAVrNgJeJag4FGno8/kYd201H2nli+VINcr QBog9nw2WJ5plub1TP7M8K8HzYw+mi7P3tmzdTsBLDGuIOlatlVSvkHH9gz11baX wEet7nodS+hvEfL5+EmzqlNi5hk6U4p2HxTovGO4Xf8WGLHWDM1kiyJ6e7+8KUD5 G+exxLTNtgYW5b15eXBK2jouRnizpAvjGJnXtEiVEtVRO8Z38uCCWFQ5RVrxypPd t0czNSGF5mG/ifl5yi6TF439UpbgvZsOg1I3OXsdJDYm87Gsu3n8EU0ok2dXCub4 +BeuWpuvskh/hQ== -----END CERTIFICATE-----Generated at Tue Dec 23 07:20:31 2025 by rpki-client