This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.mft File: vJldFVAngKzfe25qGGXttaDn3Es.mft (raw, json) Hash identifier: m71Yv7HyAvomNMd1tq8oaS0apNzzLUhu4ES+XTMCxkI= Subject key identifier: A0:CF:D1:BE:6E:66:A3:A8:ED:36:6B:F9:9A:96:04:4E:35:A8:48:EF Authority key identifier: BC:99:5D:15:50:27:80:AC:DF:7B:6E:6A:18:65:ED:B5:A0:E7:DC:4B Certificate issuer: /CN=bc995d15502780acdf7b6e6a1865edb5a0e7dc4b Certificate serial: 019B42B7A710228CF98F073899A4ACF11050 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.mft Manifest number: 0540 Signing time: Sun 21 Dec 2025 21:01:30 +0000 Manifest this update: Sun 21 Dec 2025 21:01:30 +0000 Manifest next update: Mon 22 Dec 2025 21:01:30 +0000 Files and hashes: 1: vJldFVAngKzfe25qGGXttaDn3Es.crl (hash: /HMCsRoYoJ5WgFMnWS35mSfhpKhDWQPLKbB7Wz4YDa8=) 2: ylPOOnSs52DARSEahPLXBl4_KnA.roa (hash: lVDEfOqJ+hS5o1tAWzlyu4ZG8E1RuFvF7CBIziXEhTM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.mft rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b7:a7:10:22:8c:f9:8f:07:38:99:a4:ac:f1:10:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc995d15502780acdf7b6e6a1865edb5a0e7dc4b Validity Not Before: Dec 21 21:01:30 2025 GMT Not After : Dec 22 21:01:30 2025 GMT Subject: CN=a0cfd1be6e66a3a8ed366bf99a96044e35a848ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:c7:8a:c7:96:3b:5d:6b:94:e9:9e:6c:43:9e: d0:52:b2:de:19:52:ab:1e:70:31:87:59:8c:3f:ef: 9b:f3:6a:f0:49:15:a6:19:8e:da:ec:53:6b:b7:94: 87:92:36:58:1a:a8:e9:8f:82:35:ef:33:79:18:e6: 15:4a:8c:68:cb:80:8c:a2:cf:5d:41:6c:b1:1d:18: 47:dc:27:17:15:6e:67:b3:9c:9b:8c:d9:57:2f:14: 13:a1:5a:26:d8:a5:47:1e:ac:f6:6b:9a:fd:45:ae: 4b:06:94:d3:c3:1f:df:fb:17:20:48:86:bf:c2:c0: 0b:0a:d0:50:8f:b0:c0:c6:9b:68:5f:3e:57:87:a8: 50:7a:f0:b6:63:8e:e0:dc:83:a9:a8:cd:65:0f:ae: 2e:dc:d3:be:68:ca:a0:ab:9d:69:55:36:eb:75:e6: 5b:c5:fc:03:dd:e0:7b:dc:52:40:37:b6:fa:86:b8: 7c:d1:d1:4a:d4:c8:11:15:09:3d:72:b1:1d:cc:d7: 93:77:dc:8e:9a:3f:47:35:56:ba:9b:c5:34:0f:d8: c8:ce:70:7b:3c:49:11:5b:e5:21:6e:40:37:91:e5: 32:e3:71:0f:3f:8b:6f:df:cf:f7:b0:61:ec:cd:00: de:ff:27:b6:4e:80:06:c5:64:91:8b:98:fc:d2:6d: ac:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:CF:D1:BE:6E:66:A3:A8:ED:36:6B:F9:9A:96:04:4E:35:A8:48:EF X509v3 Authority Key Identifier: keyid:BC:99:5D:15:50:27:80:AC:DF:7B:6E:6A:18:65:ED:B5:A0:E7:DC:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJldFVAngKzfe25qGGXttaDn3Es.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/044350-8cc9-486d-87c9-572c4e129d32/1/vJldFVAngKzfe25qGGXttaDn3Es.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:54:d4:11:e8:d7:d2:ad:ff:7d:42:5d:6c:a4:48:cc:b9:f5: 38:10:26:4b:c9:c3:b3:33:b3:2d:55:7d:8f:10:8c:37:28:e5: a4:5c:c3:63:14:54:b3:e9:c4:2c:5f:d8:27:0f:7e:b7:8c:37: 30:8c:76:23:7c:32:9b:01:62:06:23:ed:92:48:12:4d:6f:ec: 51:23:50:5b:cf:c3:01:34:e6:e5:c8:39:8a:b0:12:c4:27:3f: 9e:c6:44:d2:c4:bd:88:1f:96:c1:1f:34:40:6b:73:76:37:c1: 3b:06:52:54:d9:e3:e9:59:08:a6:d3:c6:c3:20:4d:3d:49:58: 3c:fb:b3:56:0b:3f:73:c3:98:15:ba:81:c3:19:da:a3:f7:32: 13:63:5e:08:10:c8:61:11:0a:60:b9:76:d1:d4:22:d0:d2:b8: bb:5e:be:ad:04:b2:33:79:d8:30:00:54:5e:a4:d2:12:62:4e: 8f:45:49:44:ba:d8:75:be:b6:3c:1f:5c:9d:df:89:61:75:92: d8:04:b0:39:fb:73:af:fa:93:32:27:cb:6b:ec:4c:88:55:77: 53:0a:c1:5e:d3:fb:3a:42:6c:f3:f0:7f:d1:e5:b1:57:f2:6b: fd:55:3b:3e:85:02:26:52:21:d3:79:8e:c8:50:f2:43:93:91: 9d:54:62:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCt6cQIoz5jwc4maSs8RBQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjOTk1ZDE1NTAyNzgwYWNkZjdiNmU2YTE4NjVlZGI1YTBl N2RjNGIwHhcNMjUxMjIxMjEwMTMwWhcNMjUxMjIyMjEwMTMwWjAzMTEwLwYDVQQD EyhhMGNmZDFiZTZlNjZhM2E4ZWQzNjZiZjk5YTk2MDQ0ZTM1YTg0OGVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtseKx5Y7XWuU6Z5sQ57QUrLeGVKr HnAxh1mMP++b82rwSRWmGY7a7FNrt5SHkjZYGqjpj4I17zN5GOYVSoxoy4CMos9d QWyxHRhH3CcXFW5ns5ybjNlXLxQToVom2KVHHqz2a5r9Ra5LBpTTwx/f+xcgSIa/ wsALCtBQj7DAxptoXz5Xh6hQevC2Y47g3IOpqM1lD64u3NO+aMqgq51pVTbrdeZb xfwD3eB73FJAN7b6hrh80dFK1MgRFQk9crEdzNeTd9yOmj9HNVa6m8U0D9jIznB7 PEkRW+UhbkA3keUy43EPP4tv38/3sGHszQDe/ye2ToAGxWSRi5j80m2sDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKDP0b5uZqOo7TZr+ZqWBE41qEjvMB8GA1UdIwQY MBaAFLyZXRVQJ4Cs33tuahhl7bWg59xLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkpsZEZWQW5nS3pmZTI1cUdHWHR0YURuM0VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNDQzNTAtOGNjOS00ODZkLTg3Yzkt NTcyYzRlMTI5ZDMyLzEvdkpsZEZWQW5nS3pmZTI1cUdHWHR0YURuM0VzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8wNDQzNTAtOGNjOS00ODZkLTg3YzktNTcyYzRlMTI5ZDMy LzEvdkpsZEZWQW5nS3pmZTI1cUdHWHR0YURuM0VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmVTUEejX 0q3/fUJdbKRIzLn1OBAmS8nDszOzLVV9jxCMNyjlpFzDYxRUs+nELF/YJw9+t4w3 MIx2I3wymwFiBiPtkkgSTW/sUSNQW8/DATTm5cg5irASxCc/nsZE0sS9iB+WwR80 QGtzdjfBOwZSVNnj6VkIptPGwyBNPUlYPPuzVgs/c8OYFbqBwxnao/cyE2NeCBDI YREKYLl20dQi0NK4u16+rQSyM3nYMABUXqTSEmJOj0VJRLrYdb62PB9cnd+JYXWS 2ASwOftzr/qTMifLa+xMiFV3UwrBXtP7OkJs8/B/0eWxV/Jr/VU7PoUCJlIh03mO yFDyQ5ORnVRi+A== -----END CERTIFICATE-----Generated at Mon Dec 22 01:53:01 2025 by rpki-client