This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft File: cnFQa_q5Ese4FxuWuFoJmxQObNg.mft (raw, json) Hash identifier: 1THIjdF0gZK6ViUPrUkGy83ecZndeQp3gHv+8lcys48= Subject key identifier: 83:ED:40:77:DC:46:10:0C:2A:1B:DD:96:30:76:3E:95:65:A4:89:AC Authority key identifier: 72:71:50:6B:FA:B9:12:C7:B8:17:1B:96:B8:5A:09:9B:14:0E:6C:D8 Certificate issuer: /CN=7271506bfab912c7b8171b96b85a099b140e6cd8 Certificate serial: 019B3C107F7AA55B691E4C366CC806AF112D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnFQa_q5Ese4FxuWuFoJmxQObNg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft Manifest number: 05AB Signing time: Sat 20 Dec 2025 14:01:12 +0000 Manifest this update: Sat 20 Dec 2025 14:01:12 +0000 Manifest next update: Sun 21 Dec 2025 14:01:12 +0000 Files and hashes: 1: 1-t2gcnq_wGKj6Cw9yBTlPkMhqpA.roa (hash: biNGhGH5AKAvuvZqlWI6oNS4u1EhxLRFN8pAccYPS0U=) 2: cnFQa_q5Ese4FxuWuFoJmxQObNg.crl (hash: 7Pr/pGc9m+bXk8gzzQHzHn+j2I8JAN7u28ximyZ2hXw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft rsync://rpki.ripe.net/repository/DEFAULT/cnFQa_q5Ese4FxuWuFoJmxQObNg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:7f:7a:a5:5b:69:1e:4c:36:6c:c8:06:af:11:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7271506bfab912c7b8171b96b85a099b140e6cd8 Validity Not Before: Dec 20 14:01:12 2025 GMT Not After : Dec 21 14:01:12 2025 GMT Subject: CN=83ed4077dc46100c2a1bdd9630763e9565a489ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d5:b5:ca:5b:e6:67:6d:65:c5:81:64:39:38: b5:03:5e:83:6e:2f:2b:38:d8:2b:33:c2:68:60:d0: 87:fb:56:57:b4:ed:14:2b:cb:f0:b5:c7:84:61:2c: 6f:ab:07:7c:91:60:21:b1:ed:8c:91:c0:27:6f:e1: 19:3d:84:bc:d7:88:4e:a4:02:40:ad:e2:90:ef:ac: a2:8b:2a:0d:2d:e8:4b:5d:d6:8c:ab:65:9b:61:4d: cd:c2:50:43:95:3b:77:ef:39:a1:42:25:d2:06:02: a1:1d:1d:2c:f4:ed:42:f6:76:bc:d8:bf:16:5b:89: 6a:57:97:75:0f:d4:66:36:59:27:e0:c3:80:ea:13: 3d:c5:fc:38:d5:4c:07:c4:dc:9f:a8:8a:c2:a3:a9: b4:01:5e:46:f4:e3:db:25:c5:87:ca:bf:c0:d5:91: 53:64:9d:cb:98:fb:c5:0b:6f:9f:dc:fa:ad:27:79: ca:ec:15:d1:71:ba:50:fc:5e:9a:bc:24:f5:95:dc: a6:59:6a:51:7a:a2:f1:0b:62:1a:a0:b9:64:16:e9: d2:36:91:ef:f8:67:35:5e:f7:7c:82:63:6f:9b:45: 9d:a8:93:a4:64:d0:fa:c6:56:44:99:63:d4:60:b8: 6a:07:e5:1a:00:03:8b:a8:a3:67:c7:52:11:93:82: 01:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:ED:40:77:DC:46:10:0C:2A:1B:DD:96:30:76:3E:95:65:A4:89:AC X509v3 Authority Key Identifier: keyid:72:71:50:6B:FA:B9:12:C7:B8:17:1B:96:B8:5A:09:9B:14:0E:6C:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnFQa_q5Ese4FxuWuFoJmxQObNg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/cd5824-2dde-403e-b2c4-d225032d1858/1/cnFQa_q5Ese4FxuWuFoJmxQObNg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:39:ab:80:08:46:9d:f3:7a:c3:d1:d3:33:2d:d0:0d:34:7e: 45:1d:1f:2b:21:e6:fa:49:1f:f7:74:c1:e5:72:ca:6e:e7:77: 2f:e2:83:c0:27:3e:bb:03:51:97:38:7d:b6:70:26:ea:23:65: ba:4a:3f:ed:c8:d0:ca:c0:18:bd:c5:1f:05:7f:66:73:3c:7c: 7a:11:3e:6f:cf:6b:5a:a0:c0:86:0a:b1:86:8c:b5:06:ed:bb: 84:bd:8a:55:19:18:cb:42:cb:b4:13:ce:b0:db:ae:b2:c1:40: ae:3f:ec:f6:34:d7:99:48:d1:b3:80:c2:fc:16:51:6f:9a:fe: bc:5d:34:fd:46:28:bb:e2:4a:1c:e7:2a:7c:c5:13:55:ec:1e: 02:29:1a:0f:35:cb:40:aa:4e:e8:04:2a:0a:5f:6d:da:b8:86: 8c:bf:55:68:41:e8:cc:fd:ee:f1:26:b4:f9:31:e0:1c:20:c3: e6:6a:77:18:32:d8:c0:5f:96:1b:d0:b6:0f:a1:7a:36:db:0a: 8e:e8:a3:1c:3f:50:55:be:5e:d8:9c:2e:90:37:07:99:c6:d0: c8:6d:29:e0:d7:78:6e:23:42:40:b3:11:0f:d4:70:02:c0:59: 06:9d:3f:ef:79:a7:b8:46:86:ce:a7:2c:59:e6:4e:e9:e0:90: b5:1b:97:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EH96pVtpHkw2bMgGrxEtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNzE1MDZiZmFiOTEyYzdiODE3MWI5NmI4NWEwOTliMTQw ZTZjZDgwHhcNMjUxMjIwMTQwMTEyWhcNMjUxMjIxMTQwMTEyWjAzMTEwLwYDVQQD Eyg4M2VkNDA3N2RjNDYxMDBjMmExYmRkOTYzMDc2M2U5NTY1YTQ4OWFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNW1ylvmZ21lxYFkOTi1A16Dbi8r ONgrM8JoYNCH+1ZXtO0UK8vwtceEYSxvqwd8kWAhse2MkcAnb+EZPYS814hOpAJA reKQ76yiiyoNLehLXdaMq2WbYU3NwlBDlTt37zmhQiXSBgKhHR0s9O1C9na82L8W W4lqV5d1D9RmNlkn4MOA6hM9xfw41UwHxNyfqIrCo6m0AV5G9OPbJcWHyr/A1ZFT ZJ3LmPvFC2+f3PqtJ3nK7BXRcbpQ/F6avCT1ldymWWpReqLxC2IaoLlkFunSNpHv +Gc1Xvd8gmNvm0WdqJOkZND6xlZEmWPUYLhqB+UaAAOLqKNnx1IRk4IBlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIPtQHfcRhAMKhvdljB2PpVlpImsMB8GA1UdIwQY MBaAFHJxUGv6uRLHuBcblrhaCZsUDmzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY25GUWFfcTVFc2U0Rnh1V3VGb0pteFFPYk5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jZDU4MjQtMmRkZS00MDNlLWIyYzQt ZDIyNTAzMmQxODU4LzEvY25GUWFfcTVFc2U0Rnh1V3VGb0pteFFPYk5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9jZDU4MjQtMmRkZS00MDNlLWIyYzQtZDIyNTAzMmQxODU4 LzEvY25GUWFfcTVFc2U0Rnh1V3VGb0pteFFPYk5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmjmrgAhG nfN6w9HTMy3QDTR+RR0fKyHm+kkf93TB5XLKbud3L+KDwCc+uwNRlzh9tnAm6iNl uko/7cjQysAYvcUfBX9mczx8ehE+b89rWqDAhgqxhoy1Bu27hL2KVRkYy0LLtBPO sNuussFArj/s9jTXmUjRs4DC/BZRb5r+vF00/UYou+JKHOcqfMUTVeweAikaDzXL QKpO6AQqCl9t2riGjL9VaEHozP3u8Sa0+THgHCDD5mp3GDLYwF+WG9C2D6F6NtsK juijHD9QVb5e2JwukDcHmcbQyG0p4Nd4biNCQLMRD9RwAsBZBp0/73mnuEaGzqcs WeZO6eCQtRuXWA== -----END CERTIFICATE-----Generated at Sat Dec 20 19:46:21 2025 by rpki-client