This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft File: r7oQsKZ20-H6tWUoQw-siRoINlI.mft (raw, json) Hash identifier: 3NI96gY5rXHhZ2RalUlI298nSY7k+QR0ho1F4/vPJKs= Subject key identifier: 97:F4:44:41:C6:F6:6F:66:FF:6E:43:1B:8B:F7:06:D8:2A:AC:97:3E Authority key identifier: AF:BA:10:B0:A6:76:D3:E1:FA:B5:65:28:43:0F:AC:89:1A:08:36:52 Certificate issuer: /CN=afba10b0a676d3e1fab56528430fac891a083652 Certificate serial: 019B53AAE18B45894510632E49205A5C5CB7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft Manifest number: 1794 Signing time: Thu 25 Dec 2025 04:01:06 +0000 Manifest this update: Thu 25 Dec 2025 04:01:06 +0000 Manifest next update: Fri 26 Dec 2025 04:01:06 +0000 Files and hashes: 1: KrPbG6M_7Mm1PtcHhZI4wknQI1M.roa (hash: tjtqRRJLnNhIS/xM5FVWwtZTtirmBRvu7piQDYGy3mE=) 2: r7oQsKZ20-H6tWUoQw-siRoINlI.crl (hash: w4pYj4aBISScmclyUeSWyQ27xGrEIjSXWlWVnnT3Fy8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:aa:e1:8b:45:89:45:10:63:2e:49:20:5a:5c:5c:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afba10b0a676d3e1fab56528430fac891a083652 Validity Not Before: Dec 25 04:01:06 2025 GMT Not After : Dec 26 04:01:06 2025 GMT Subject: CN=97f44441c6f66f66ff6e431b8bf706d82aac973e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:a1:17:8a:64:0f:d0:cf:18:a3:49:22:a6:53: f7:26:2e:53:7a:fd:33:0c:65:29:ae:c6:93:2b:a6: d2:de:25:52:0c:da:ff:aa:eb:a6:14:30:ea:3b:45: b3:db:06:eb:24:d3:08:cf:1f:26:08:15:1a:86:0a: d2:2c:2e:ea:93:fc:0c:19:0a:33:b4:4d:e1:0d:2a: 33:c3:26:bd:e5:30:91:12:d0:d8:1f:9e:d3:c7:de: 6d:86:03:01:3d:9f:d5:6f:43:8c:2e:4d:c0:ec:83: 73:64:33:8d:85:c0:42:0a:50:36:91:e6:b2:16:40: 5a:aa:2e:9b:5f:45:38:50:30:03:1d:42:33:49:63: f3:1b:37:ae:d2:3d:57:77:e2:29:96:b8:68:9e:c3: 83:cb:40:26:e2:e4:40:50:21:4a:d5:72:84:a7:4e: 21:9e:58:f8:70:4d:02:5d:be:8a:8b:3c:7f:3f:ea: e2:13:45:31:d5:ed:b5:45:ef:b9:8f:c5:7b:79:87: 95:62:a9:3a:f4:dc:95:0e:0c:91:89:37:b4:d6:78: 7d:2e:be:13:fb:74:ab:64:56:1a:e7:d6:5b:b3:50: 5d:b7:74:5f:db:5f:f9:2d:bd:e6:2c:84:2c:5d:41: a8:08:5d:e9:5e:a1:10:01:63:f7:aa:e4:97:9f:7e: c2:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:F4:44:41:C6:F6:6F:66:FF:6E:43:1B:8B:F7:06:D8:2A:AC:97:3E X509v3 Authority Key Identifier: keyid:AF:BA:10:B0:A6:76:D3:E1:FA:B5:65:28:43:0F:AC:89:1A:08:36:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:79:ef:a4:3d:e4:2f:d1:db:f3:f2:eb:8a:04:f6:2c:ee:10: 10:0b:6c:04:4d:3a:04:7e:83:ff:48:65:83:15:b2:89:95:43: af:06:7c:5b:0f:a7:b7:60:72:dd:9e:e6:b4:db:9a:f6:55:ee: 44:74:54:fd:fd:1a:cb:9e:fe:5f:57:65:74:f4:be:a4:49:88: 66:a2:ac:41:65:ec:a5:5e:6a:92:49:9b:5a:8d:4b:75:09:13: 02:cc:82:3a:fa:e8:12:1c:56:94:1d:95:67:b9:8b:b6:a3:bf: 26:24:9a:b2:da:ba:64:5b:da:5a:af:2c:63:f6:13:5f:e7:83: b7:ad:de:71:60:ad:96:a5:34:90:82:87:50:b9:fe:f2:6d:e0: 9a:7e:70:26:54:42:80:f6:24:a2:b2:3f:69:ad:95:54:63:c3: 98:8a:ea:81:24:8e:1f:46:ed:e8:c0:f7:41:63:f5:ec:ce:4b: 4e:a6:70:2c:a2:ea:73:0c:f1:ab:1d:b6:97:93:2d:5f:fb:5b: 1a:80:a2:14:de:6a:95:76:7d:8a:cf:a5:28:9f:97:44:a7:3e: 03:09:6b:bd:19:5d:dc:5b:43:fa:7b:ce:80:cd:88:9e:f9:2e: 85:97:ca:60:63:07:48:af:ed:b6:72:bd:76:67:8b:3a:da:d8: 1a:be:3d:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTquGLRYlFEGMuSSBaXFy3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmYmExMGIwYTY3NmQzZTFmYWI1NjUyODQzMGZhYzg5MWEw ODM2NTIwHhcNMjUxMjI1MDQwMTA2WhcNMjUxMjI2MDQwMTA2WjAzMTEwLwYDVQQD Eyg5N2Y0NDQ0MWM2ZjY2ZjY2ZmY2ZTQzMWI4YmY3MDZkODJhYWM5NzNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqEXimQP0M8Yo0kiplP3Ji5Tev0z DGUprsaTK6bS3iVSDNr/quumFDDqO0Wz2wbrJNMIzx8mCBUahgrSLC7qk/wMGQoz tE3hDSozwya95TCREtDYH57Tx95thgMBPZ/Vb0OMLk3A7INzZDONhcBCClA2keay FkBaqi6bX0U4UDADHUIzSWPzGzeu0j1Xd+IplrhonsODy0Am4uRAUCFK1XKEp04h nlj4cE0CXb6Kizx/P+riE0Ux1e21Re+5j8V7eYeVYqk69NyVDgyRiTe01nh9Lr4T +3SrZFYa59Zbs1Bdt3Rf21/5Lb3mLIQsXUGoCF3pXqEQAWP3quSXn37C2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJf0REHG9m9m/25DG4v3BtgqrJc+MB8GA1UdIwQY MBaAFK+6ELCmdtPh+rVlKEMPrIkaCDZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xYTljOWYtMGMwNy00Nzc2LWFlNjUt ZTAyN2RjYjFkMTg2LzEvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8xYTljOWYtMGMwNy00Nzc2LWFlNjUtZTAyN2RjYjFkMTg2 LzEvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ3nvpD3k L9Hb8/LrigT2LO4QEAtsBE06BH6D/0hlgxWyiZVDrwZ8Ww+nt2By3Z7mtNua9lXu RHRU/f0ay57+X1dldPS+pEmIZqKsQWXspV5qkkmbWo1LdQkTAsyCOvroEhxWlB2V Z7mLtqO/JiSastq6ZFvaWq8sY/YTX+eDt63ecWCtlqU0kIKHULn+8m3gmn5wJlRC gPYkorI/aa2VVGPDmIrqgSSOH0bt6MD3QWP17M5LTqZwLKLqcwzxqx22l5MtX/tb GoCiFN5qlXZ9is+lKJ+XRKc+AwlrvRld3FtD+nvOgM2InvkuhZfKYGMHSK/ttnK9 dmeLOtrYGr49yw== -----END CERTIFICATE-----Generated at Thu Dec 25 05:31:50 2025 by rpki-client