This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft File: rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft (raw, json) Hash identifier: mlXpwA+VlghU84saS5eVMT5+ngVSD+iTc7FBpeyk7Cc= Subject key identifier: E6:32:37:A0:34:58:FE:0E:EC:9D:C3:C5:53:C8:F2:54:AE:75:63:DC Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00 Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900 Certificate serial: 019B3E355CD6A8EB5F24942671A1BDA08A0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft Manifest number: 17A3 Signing time: Sun 21 Dec 2025 00:00:43 +0000 Manifest this update: Sun 21 Dec 2025 00:00:43 +0000 Manifest next update: Mon 22 Dec 2025 00:00:43 +0000 Files and hashes: 1: 1xef8JB14kgVdYbFNM-Oq6W7NWA.roa (hash: 2TgMpFsN8snCYIhnDbb3K1R/JLwOpv09B4vLRv33njY=) 2: ToMuWHyiRaajps4vDuhQJOslyAU.roa (hash: ke6Ja8Xs3dkfS5WPMbYkREYjZOPIsKYiNDdqbTUvm8g=) 3: mG-NGr5UJw8Bdsm31xr0LARp3LM.roa (hash: Ez+x2KZ41CLnIqO9c7EUA1U/u9pzX46TWaq6peZ65/4=) 4: nqdZW8VS3cJABsENIPnwko2Hihc.roa (hash: IhzETIut1wHzF58gkob1Irj0rHur1kgwouWb5+riuAI=) 5: nrBcJclJWWQmSFgHdkkN2rl4iMo.roa (hash: LHzeWYsmA5iX5RkIBuodpJrYuHeqFeRrX4/36Bp1azQ=) 6: rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl (hash: vOJedNUc6pVDX/ZicodX27TyxDoND6lSq/Jcaib0biw=) 7: s_aKE2fwvI0TlJb7EYHJTZWCW7w.roa (hash: fh6F14UFEi/72CmWgxdS2ArW4727YK4EYnZc6mj0zIE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:35:5c:d6:a8:eb:5f:24:94:26:71:a1:bd:a0:8a:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900 Validity Not Before: Dec 21 00:00:43 2025 GMT Not After : Dec 22 00:00:43 2025 GMT Subject: CN=e63237a03458fe0eec9dc3c553c8f254ae7563dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:3b:86:45:42:d4:f3:28:11:62:c9:ea:db:03: ca:6a:e4:f0:3a:a3:d7:7f:7d:c7:08:99:1d:5d:b2: 59:e0:ec:5d:21:a8:5c:45:bf:73:79:21:53:97:a1: 10:9e:40:28:97:c9:9f:49:f0:74:2a:34:c6:46:78: 0e:8a:d1:5d:71:9d:47:6f:fe:a2:6e:3b:e7:76:4f: d7:e2:c8:d6:06:c3:34:e8:86:f3:c4:d4:be:0e:41: 0e:71:03:26:ee:47:25:70:f5:9f:07:55:19:5d:eb: 7e:9d:0a:bc:bc:79:db:31:14:0e:d2:b1:a6:ad:aa: 7e:b4:fc:4e:e2:e8:ca:45:7f:44:9b:6c:70:45:ad: f3:8a:ff:e2:98:09:75:05:b3:d4:01:78:f3:d4:53: f6:e9:b9:f3:77:0a:88:f4:b5:80:cc:6c:dc:80:a6: 4c:c9:51:af:f2:5b:37:6f:59:3d:d3:a5:46:59:9a: da:41:40:ae:a6:0d:54:3a:90:fa:1c:43:5d:b5:b0: a5:e3:35:27:e5:05:4f:6e:65:4b:d8:46:fb:60:31: 94:b2:5c:d0:e6:00:43:06:a2:92:56:81:86:8e:d2: 01:c3:49:bf:e7:b2:d9:61:42:8f:78:8b:e2:05:9b: 5d:d8:13:68:05:33:2e:57:d8:cc:7a:16:97:7d:e8: 20:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:32:37:A0:34:58:FE:0E:EC:9D:C3:C5:53:C8:F2:54:AE:75:63:DC X509v3 Authority Key Identifier: keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:e1:00:02:a9:80:c5:df:ad:2b:76:c5:c2:31:5e:5e:bc:f7: 93:80:8c:64:25:12:df:b9:d6:f8:a5:61:df:85:5a:01:83:55: c4:0d:2c:5f:59:a2:b9:a5:75:a7:9d:53:b2:21:e9:3c:73:0c: 7f:86:5e:a6:95:eb:c9:35:94:a9:1a:11:b3:ff:a9:41:72:8d: a0:1d:1c:a4:36:21:04:73:eb:f8:f6:46:ae:f1:ec:84:63:bd: f0:72:a2:bb:2c:78:e1:b9:34:4c:91:6f:94:b0:12:55:80:e2: c9:e6:c5:c9:e6:86:31:fe:e7:73:29:36:24:db:d0:11:77:af: f7:92:40:de:b4:97:59:e8:9a:2a:d7:29:7c:34:4d:1d:99:50: c9:f5:60:f2:eb:d0:c0:9f:ab:c1:94:53:44:52:a3:80:46:10: 5f:4c:29:99:d8:76:2c:c8:79:4a:ec:11:9d:ce:c8:18:45:79: 95:95:9f:1a:89:35:01:e5:05:79:c9:ba:74:3d:70:b7:86:17: 01:af:8c:09:a4:eb:8e:ca:57:2e:cc:b1:75:c6:f1:1c:dc:dd: b6:9c:a1:11:0e:af:18:be:3e:80:38:61:9d:a1:13:34:a9:02: 86:1b:08:45:97:2a:5d:50:78:2c:ad:f3:66:e3:3a:d1:ff:dc: 6f:a7:b0:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+NVzWqOtfJJQmcaG9oIoMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1 M2U5MDAwHhcNMjUxMjIxMDAwMDQzWhcNMjUxMjIyMDAwMDQzWjAzMTEwLwYDVQQD EyhlNjMyMzdhMDM0NThmZTBlZWM5ZGMzYzU1M2M4ZjI1NGFlNzU2M2RjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjuGRULU8ygRYsnq2wPKauTwOqPX f33HCJkdXbJZ4OxdIahcRb9zeSFTl6EQnkAol8mfSfB0KjTGRngOitFdcZ1Hb/6i bjvndk/X4sjWBsM06IbzxNS+DkEOcQMm7kclcPWfB1UZXet+nQq8vHnbMRQO0rGm rap+tPxO4ujKRX9Em2xwRa3ziv/imAl1BbPUAXjz1FP26bnzdwqI9LWAzGzcgKZM yVGv8ls3b1k906VGWZraQUCupg1UOpD6HENdtbCl4zUn5QVPbmVL2Eb7YDGUslzQ 5gBDBqKSVoGGjtIBw0m/57LZYUKPeIviBZtd2BNoBTMuV9jMehaXfeggSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOYyN6A0WP4O7J3DxVPI8lSudWPcMB8GA1UdIwQY MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et YzZmMWU2YWM5YmE5LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5 LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkeEAAqmA xd+tK3bFwjFeXrz3k4CMZCUS37nW+KVh34VaAYNVxA0sX1miuaV1p51TsiHpPHMM f4ZeppXryTWUqRoRs/+pQXKNoB0cpDYhBHPr+PZGrvHshGO98HKiuyx44bk0TJFv lLASVYDiyebFyeaGMf7ncyk2JNvQEXev95JA3rSXWeiaKtcpfDRNHZlQyfVg8uvQ wJ+rwZRTRFKjgEYQX0wpmdh2LMh5SuwRnc7IGEV5lZWfGok1AeUFecm6dD1wt4YX Aa+MCaTrjspXLsyxdcbxHNzdtpyhEQ6vGL4+gDhhnaETNKkChhsIRZcqXVB4LK3z ZuM60f/cb6ewbQ== -----END CERTIFICATE-----Generated at Sun Dec 21 08:42:04 2025 by rpki-client