This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft File: dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft (raw, json) Hash identifier: MJubIpu6W5ztLhHn2z1USuyHZ8+3xp8Cj6gckYp8hS4= Subject key identifier: FA:94:F2:39:AA:83:AF:3F:6A:A7:D4:1F:5D:B4:55:CC:F4:1E:FF:E2 Authority key identifier: 74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9 Certificate issuer: /CN=749d8a4328930b938fa86018b1e447ee4d8da8f9 Certificate serial: 019B3B34590E4664D65DBC77E2B30DDC3E91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft Manifest number: FF Signing time: Sat 20 Dec 2025 10:00:44 +0000 Manifest this update: Sat 20 Dec 2025 10:00:44 +0000 Manifest next update: Sun 21 Dec 2025 10:00:44 +0000 Files and hashes: 1: 9aSGIa-WEC1bN7Ni4E8-efLmGGQ.roa (hash: 9siiR4LDQpp3LbxItU8xD6C1s0IOvLTqKZo+clC6imU=) 2: dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl (hash: HWEaGS6vorB7mJSUxeW+OAeHxJ8AdlwpfiO+wr99lXg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:59:0e:46:64:d6:5d:bc:77:e2:b3:0d:dc:3e:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749d8a4328930b938fa86018b1e447ee4d8da8f9 Validity Not Before: Dec 20 10:00:44 2025 GMT Not After : Dec 21 10:00:44 2025 GMT Subject: CN=fa94f239aa83af3f6aa7d41f5db455ccf41effe2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:7b:13:92:92:cf:93:89:dc:42:20:5e:cb:0b: 79:7e:8d:64:16:18:47:c6:1e:d1:3a:4c:30:44:22: 16:d5:5d:b1:12:2b:1b:2c:57:1b:fd:95:eb:a7:24: 2e:46:0e:88:c2:5f:85:6b:77:1b:43:40:fb:f2:21: eb:89:e2:02:82:e7:98:79:e7:b1:06:4e:1d:7d:ad: 81:d0:50:af:48:b7:bb:b9:41:db:6d:da:35:97:57: 0c:29:e8:bf:55:c5:b2:b4:a8:1a:49:36:06:a5:9d: eb:75:ac:be:fc:6b:01:60:0d:eb:fd:53:e2:42:cd: b0:24:c4:d4:96:b9:72:4f:14:a4:b3:05:46:e2:56: 8e:f5:60:b8:35:a4:cb:12:2d:12:68:d5:b8:34:d9: 43:e2:68:dc:8d:78:08:9c:0f:40:b3:6d:38:3a:13: af:58:5b:44:84:54:0f:0e:15:05:a9:d2:4b:12:86: 34:38:97:33:35:63:1b:7c:41:53:a6:ea:92:8d:9a: 50:7d:ad:98:3f:4e:f5:77:0c:7e:ca:d5:bc:c0:d6: bc:14:5c:5e:98:25:3b:41:e6:30:7f:9a:2a:a2:02: 62:c6:24:4b:92:5a:1e:ee:2c:b6:fd:a1:21:de:c6: 19:ec:e6:34:fc:29:c3:16:0b:c5:24:77:b1:ff:44: 66:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:94:F2:39:AA:83:AF:3F:6A:A7:D4:1F:5D:B4:55:CC:F4:1E:FF:E2 X509v3 Authority Key Identifier: keyid:74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:24:75:2b:b4:85:69:a0:70:27:86:e3:1f:43:5a:7b:2b:e9: d0:e6:e7:ec:28:98:3e:61:fa:c6:5f:56:f8:f3:28:b2:85:3c: 65:b0:ce:9c:e2:46:e3:f2:7f:89:0a:e2:f8:52:d8:66:8a:1b: 66:33:f8:17:90:18:b7:cd:38:e4:ca:e9:a7:e3:30:04:97:3e: f6:56:79:f8:5f:3c:1c:e2:82:bb:d7:29:48:bb:a8:39:ef:be: 9c:32:04:5c:0b:36:67:f9:22:77:22:bd:29:75:f6:ef:7b:2c: ba:66:ea:93:38:75:e4:d2:f7:6e:94:4b:49:1d:12:3f:e0:41: d7:54:d9:ae:a4:4e:c6:d5:dc:47:35:87:ba:c7:5a:fa:7d:99: 80:36:de:f4:63:87:d1:51:52:6e:13:c8:fb:9e:22:b6:44:b7: 67:83:1d:ef:ac:8b:4b:52:f6:4b:2a:73:58:eb:9e:32:a7:47: 4b:f2:21:95:73:dd:b1:65:07:61:01:a1:26:1d:f2:0c:77:b9: 8d:fa:44:f1:1b:06:c0:01:9d:37:dd:02:27:9a:69:52:3d:39: f8:69:0d:dd:6f:64:b5:d1:d7:9a:17:5e:3e:ff:00:0f:af:74: 40:62:c0:f9:db:1c:fb:77:7e:dc:16:7b:d0:21:78:77:a5:05: 41:9a:a4:59 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NFkORmTWXbx34rMN3D6RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OWQ4YTQzMjg5MzBiOTM4ZmE4NjAxOGIxZTQ0N2VlNGQ4 ZGE4ZjkwHhcNMjUxMjIwMTAwMDQ0WhcNMjUxMjIxMTAwMDQ0WjAzMTEwLwYDVQQD EyhmYTk0ZjIzOWFhODNhZjNmNmFhN2Q0MWY1ZGI0NTVjY2Y0MWVmZmUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XsTkpLPk4ncQiBeywt5fo1kFhhH xh7ROkwwRCIW1V2xEisbLFcb/ZXrpyQuRg6Iwl+Fa3cbQ0D78iHrieICgueYeeex Bk4dfa2B0FCvSLe7uUHbbdo1l1cMKei/VcWytKgaSTYGpZ3rday+/GsBYA3r/VPi Qs2wJMTUlrlyTxSkswVG4laO9WC4NaTLEi0SaNW4NNlD4mjcjXgInA9As204OhOv WFtEhFQPDhUFqdJLEoY0OJczNWMbfEFTpuqSjZpQfa2YP071dwx+ytW8wNa8FFxe mCU7QeYwf5oqogJixiRLkloe7iy2/aEh3sYZ7OY0/CnDFgvFJHex/0RmNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPqU8jmqg68/aqfUH120Vcz0Hv/iMB8GA1UdIwQY MBaAFHSdikMokwuTj6hgGLHkR+5Njaj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUt MDg4OWUzZWNkMWY2LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUtMDg4OWUzZWNkMWY2 LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJSR1K7SF aaBwJ4bjH0Naeyvp0Obn7CiYPmH6xl9W+PMosoU8ZbDOnOJG4/J/iQri+FLYZoob ZjP4F5AYt8045Mrpp+MwBJc+9lZ5+F88HOKCu9cpSLuoOe++nDIEXAs2Z/kidyK9 KXX273ssumbqkzh15NL3bpRLSR0SP+BB11TZrqROxtXcRzWHusda+n2ZgDbe9GOH 0VFSbhPI+54itkS3Z4Md76yLS1L2SypzWOueMqdHS/IhlXPdsWUHYQGhJh3yDHe5 jfpE8RsGwAGdN90CJ5ppUj05+GkN3W9ktdHXmhdePv8AD690QGLA+dsc+3d+3BZ7 0CF4d6UFQZqkWQ== -----END CERTIFICATE-----Generated at Sat Dec 20 16:16:31 2025 by rpki-client