This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/282cb0-91be-422a-95d3-24f20f9675ec/1/vYUnKkCAkE914jWkevC0EmbipgM.mft File: vYUnKkCAkE914jWkevC0EmbipgM.mft (raw, json) Hash identifier: 33QA9JzQJJHmEaCp9ikTV+JXnamItp7gEygvDGlMgTg= Subject key identifier: 6E:72:17:4E:7C:37:5C:D4:96:44:F4:8A:6E:05:CA:0F:A3:67:EE:35 Authority key identifier: BD:85:27:2A:40:80:90:4F:75:E2:35:A4:7A:F0:B4:12:66:E2:A6:03 Certificate issuer: /CN=bd85272a4080904f75e235a47af0b41266e2a603 Certificate serial: 019B4A028F011A5EC11A898FB1C9175B3B7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vYUnKkCAkE914jWkevC0EmbipgM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/282cb0-91be-422a-95d3-24f20f9675ec/1/vYUnKkCAkE914jWkevC0EmbipgM.mft Manifest number: 0AB9 Signing time: Tue 23 Dec 2025 07:00:40 +0000 Manifest this update: Tue 23 Dec 2025 07:00:40 +0000 Manifest next update: Wed 24 Dec 2025 07:00:40 +0000 Files and hashes: 1: qUq_q62qYu3qxVOMe_F0xihpmUw.roa (hash: SovqRJc4ePvthgrrsQXCalBtYnWMU+TdM7o0xgmwIiE=) 2: vYUnKkCAkE914jWkevC0EmbipgM.crl (hash: 40n7tjgaBp2Vd5Uc3OdhRP9UH71+dVTnJyq3C3RfOlg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/282cb0-91be-422a-95d3-24f20f9675ec/1/vYUnKkCAkE914jWkevC0EmbipgM.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/282cb0-91be-422a-95d3-24f20f9675ec/1/vYUnKkCAkE914jWkevC0EmbipgM.mft rsync://rpki.ripe.net/repository/DEFAULT/vYUnKkCAkE914jWkevC0EmbipgM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:02:8f:01:1a:5e:c1:1a:89:8f:b1:c9:17:5b:3b:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd85272a4080904f75e235a47af0b41266e2a603 Validity Not Before: Dec 23 07:00:40 2025 GMT Not After : Dec 24 07:00:40 2025 GMT Subject: CN=6e72174e7c375cd49644f48a6e05ca0fa367ee35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:02:39:ab:9c:f6:d7:ed:d6:3c:4f:9a:7c:4a: 5a:5e:ae:ef:9c:7b:52:af:c1:6b:d8:63:9d:a0:a0: 6d:cd:37:34:07:34:50:9c:cc:1a:0e:97:1f:20:85: 1d:1a:66:e8:b9:ba:36:2b:07:3c:48:c2:18:4d:b6: c5:7d:5f:06:42:6a:85:37:a7:b1:71:33:9c:4c:82: 97:47:cc:f6:e1:a5:62:0e:bf:75:26:cb:c8:c4:06: 1a:dc:5c:df:19:0c:d1:96:a6:30:c3:87:0b:0c:44: c7:d6:60:e2:e1:30:dd:c4:5a:15:19:8e:e6:6c:ec: bd:3f:50:0e:75:17:e4:8f:9d:99:28:ea:9d:db:ad: 2a:b4:f8:ea:6d:6a:1e:b4:fe:82:75:64:ab:7b:aa: 06:7a:32:ee:03:26:0d:e0:31:9f:d1:0a:51:63:8f: 27:e0:65:5b:21:8e:98:54:73:41:73:ce:6f:86:44: f4:74:f0:b0:64:a7:34:c2:2b:10:55:d0:ae:3d:e2: fc:fe:78:c1:e4:1b:8b:e1:b3:41:f0:fd:30:98:ce: c0:83:41:0b:82:0b:9d:18:23:6a:02:3a:2b:e4:43: 1c:72:3c:7d:5b:a0:ec:1d:13:7a:48:61:ce:ee:a4: 79:49:d0:dc:e2:3b:cc:ee:f6:45:52:4d:75:2c:ba: 2b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:72:17:4E:7C:37:5C:D4:96:44:F4:8A:6E:05:CA:0F:A3:67:EE:35 X509v3 Authority Key Identifier: keyid:BD:85:27:2A:40:80:90:4F:75:E2:35:A4:7A:F0:B4:12:66:E2:A6:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vYUnKkCAkE914jWkevC0EmbipgM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/282cb0-91be-422a-95d3-24f20f9675ec/1/vYUnKkCAkE914jWkevC0EmbipgM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/282cb0-91be-422a-95d3-24f20f9675ec/1/vYUnKkCAkE914jWkevC0EmbipgM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:8a:8a:25:df:13:da:5a:a9:b9:65:0b:c9:c6:11:e4:b3:89: 78:1a:a2:4a:9b:f0:1a:b8:55:f8:f3:fc:7f:53:1e:6c:3a:e0: 11:f7:d3:d3:72:e5:58:e7:46:b7:5e:e9:ee:7c:fc:d8:15:0c: f6:e2:0c:a9:2e:3e:2c:45:e7:e9:b8:16:f3:05:47:0b:9f:6a: 9c:e0:c4:43:fc:26:77:db:78:b8:cf:ac:6a:f6:ed:97:80:a0: 6c:aa:14:32:92:2c:02:5f:52:43:36:7f:c5:40:9a:59:c8:ee: b8:8f:b4:5c:bd:e7:7f:3c:bf:76:78:39:48:9a:3c:c7:1c:47: 0e:ea:0e:b6:bc:1c:36:3b:21:7c:e9:f4:e7:fa:34:da:2d:6f: 2f:52:00:f3:ce:14:dd:7f:7e:5b:ce:ea:40:d7:c9:86:f2:d1: 3a:2c:6a:ab:4e:d6:a0:b6:46:d8:a3:ac:cf:bd:8c:bf:f0:1f: b6:d4:16:87:f8:e9:ac:cc:c6:37:55:90:c0:57:b9:01:4b:c7: 3b:c5:0b:fd:43:62:7d:5e:58:d2:4c:79:26:1c:1a:19:c8:34: 1b:0c:31:73:09:4b:49:e7:1d:66:32:8e:d2:90:84:ad:8c:11: df:90:87:c9:05:51:c0:1f:1d:21:a8:53:71:37:f9:bf:83:30: 85:65:c7:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKAo8BGl7BGomPsckXWzt7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkODUyNzJhNDA4MDkwNGY3NWUyMzVhNDdhZjBiNDEyNjZl MmE2MDMwHhcNMjUxMjIzMDcwMDQwWhcNMjUxMjI0MDcwMDQwWjAzMTEwLwYDVQQD Eyg2ZTcyMTc0ZTdjMzc1Y2Q0OTY0NGY0OGE2ZTA1Y2EwZmEzNjdlZTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwI5q5z21+3WPE+afEpaXq7vnHtS r8Fr2GOdoKBtzTc0BzRQnMwaDpcfIIUdGmboubo2Kwc8SMIYTbbFfV8GQmqFN6ex cTOcTIKXR8z24aViDr91JsvIxAYa3FzfGQzRlqYww4cLDETH1mDi4TDdxFoVGY7m bOy9P1AOdRfkj52ZKOqd260qtPjqbWoetP6CdWSre6oGejLuAyYN4DGf0QpRY48n 4GVbIY6YVHNBc85vhkT0dPCwZKc0wisQVdCuPeL8/njB5BuL4bNB8P0wmM7Ag0EL ggudGCNqAjor5EMccjx9W6DsHRN6SGHO7qR5SdDc4jvM7vZFUk11LLorPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG5yF058N1zUlkT0im4Fyg+jZ+41MB8GA1UdIwQY MBaAFL2FJypAgJBPdeI1pHrwtBJm4qYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdllVbktrQ0FrRTkxNGpXa2V2QzBFbWJpcGdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yODJjYjAtOTFiZS00MjJhLTk1ZDMt MjRmMjBmOTY3NWVjLzEvdllVbktrQ0FrRTkxNGpXa2V2QzBFbWJpcGdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8yODJjYjAtOTFiZS00MjJhLTk1ZDMtMjRmMjBmOTY3NWVj LzEvdllVbktrQ0FrRTkxNGpXa2V2QzBFbWJpcGdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtIqKJd8T 2lqpuWULycYR5LOJeBqiSpvwGrhV+PP8f1MebDrgEffT03LlWOdGt17p7nz82BUM 9uIMqS4+LEXn6bgW8wVHC59qnODEQ/wmd9t4uM+savbtl4CgbKoUMpIsAl9SQzZ/ xUCaWcjuuI+0XL3nfzy/dng5SJo8xxxHDuoOtrwcNjshfOn05/o02i1vL1IA884U 3X9+W87qQNfJhvLROixqq07WoLZG2KOsz72Mv/AfttQWh/jprMzGN1WQwFe5AUvH O8UL/UNifV5Y0kx5JhwaGcg0GwwxcwlLSecdZjKO0pCErYwR35CHyQVRwB8dIahT cTf5v4MwhWXHQg== -----END CERTIFICATE-----Generated at Tue Dec 23 16:48:15 2025 by rpki-client