This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft
File: r7oQsKZ20-H6tWUoQw-siRoINlI.mft (raw, json)
Hash identifier: 3NI96gY5rXHhZ2RalUlI298nSY7k+QR0ho1F4/vPJKs=
Subject key identifier: 97:F4:44:41:C6:F6:6F:66:FF:6E:43:1B:8B:F7:06:D8:2A:AC:97:3E
Authority key identifier: AF:BA:10:B0:A6:76:D3:E1:FA:B5:65:28:43:0F:AC:89:1A:08:36:52
Certificate issuer: /CN=afba10b0a676d3e1fab56528430fac891a083652
Certificate serial: 019B53AAE18B45894510632E49205A5C5CB7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft
Manifest number: 1794
Signing time: Thu 25 Dec 2025 04:01:06 +0000
Manifest this update: Thu 25 Dec 2025 04:01:06 +0000
Manifest next update: Fri 26 Dec 2025 04:01:06 +0000
Files and hashes: 1: KrPbG6M_7Mm1PtcHhZI4wknQI1M.roa (hash: tjtqRRJLnNhIS/xM5FVWwtZTtirmBRvu7piQDYGy3mE=)
2: r7oQsKZ20-H6tWUoQw-siRoINlI.crl (hash: w4pYj4aBISScmclyUeSWyQ27xGrEIjSXWlWVnnT3Fy8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Dec 2025 01:21:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:53:aa:e1:8b:45:89:45:10:63:2e:49:20:5a:5c:5c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afba10b0a676d3e1fab56528430fac891a083652
Validity
Not Before: Dec 25 04:01:06 2025 GMT
Not After : Dec 26 04:01:06 2025 GMT
Subject: CN=97f44441c6f66f66ff6e431b8bf706d82aac973e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a1:17:8a:64:0f:d0:cf:18:a3:49:22:a6:53:
f7:26:2e:53:7a:fd:33:0c:65:29:ae:c6:93:2b:a6:
d2:de:25:52:0c:da:ff:aa:eb:a6:14:30:ea:3b:45:
b3:db:06:eb:24:d3:08:cf:1f:26:08:15:1a:86:0a:
d2:2c:2e:ea:93:fc:0c:19:0a:33:b4:4d:e1:0d:2a:
33:c3:26:bd:e5:30:91:12:d0:d8:1f:9e:d3:c7:de:
6d:86:03:01:3d:9f:d5:6f:43:8c:2e:4d:c0:ec:83:
73:64:33:8d:85:c0:42:0a:50:36:91:e6:b2:16:40:
5a:aa:2e:9b:5f:45:38:50:30:03:1d:42:33:49:63:
f3:1b:37:ae:d2:3d:57:77:e2:29:96:b8:68:9e:c3:
83:cb:40:26:e2:e4:40:50:21:4a:d5:72:84:a7:4e:
21:9e:58:f8:70:4d:02:5d:be:8a:8b:3c:7f:3f:ea:
e2:13:45:31:d5:ed:b5:45:ef:b9:8f:c5:7b:79:87:
95:62:a9:3a:f4:dc:95:0e:0c:91:89:37:b4:d6:78:
7d:2e:be:13:fb:74:ab:64:56:1a:e7:d6:5b:b3:50:
5d:b7:74:5f:db:5f:f9:2d:bd:e6:2c:84:2c:5d:41:
a8:08:5d:e9:5e:a1:10:01:63:f7:aa:e4:97:9f:7e:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F4:44:41:C6:F6:6F:66:FF:6E:43:1B:8B:F7:06:D8:2A:AC:97:3E
X509v3 Authority Key Identifier:
keyid:AF:BA:10:B0:A6:76:D3:E1:FA:B5:65:28:43:0F:AC:89:1A:08:36:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7oQsKZ20-H6tWUoQw-siRoINlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1a9c9f-0c07-4776-ae65-e027dcb1d186/1/r7oQsKZ20-H6tWUoQw-siRoINlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:79:ef:a4:3d:e4:2f:d1:db:f3:f2:eb:8a:04:f6:2c:ee:10:
10:0b:6c:04:4d:3a:04:7e:83:ff:48:65:83:15:b2:89:95:43:
af:06:7c:5b:0f:a7:b7:60:72:dd:9e:e6:b4:db:9a:f6:55:ee:
44:74:54:fd:fd:1a:cb:9e:fe:5f:57:65:74:f4:be:a4:49:88:
66:a2:ac:41:65:ec:a5:5e:6a:92:49:9b:5a:8d:4b:75:09:13:
02:cc:82:3a:fa:e8:12:1c:56:94:1d:95:67:b9:8b:b6:a3:bf:
26:24:9a:b2:da:ba:64:5b:da:5a:af:2c:63:f6:13:5f:e7:83:
b7:ad:de:71:60:ad:96:a5:34:90:82:87:50:b9:fe:f2:6d:e0:
9a:7e:70:26:54:42:80:f6:24:a2:b2:3f:69:ad:95:54:63:c3:
98:8a:ea:81:24:8e:1f:46:ed:e8:c0:f7:41:63:f5:ec:ce:4b:
4e:a6:70:2c:a2:ea:73:0c:f1:ab:1d:b6:97:93:2d:5f:fb:5b:
1a:80:a2:14:de:6a:95:76:7d:8a:cf:a5:28:9f:97:44:a7:3e:
03:09:6b:bd:19:5d:dc:5b:43:fa:7b:ce:80:cd:88:9e:f9:2e:
85:97:ca:60:63:07:48:af:ed:b6:72:bd:76:67:8b:3a:da:d8:
1a:be:3d:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtTquGLRYlFEGMuSSBaXFy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYmExMGIwYTY3NmQzZTFmYWI1NjUyODQzMGZhYzg5MWEw
ODM2NTIwHhcNMjUxMjI1MDQwMTA2WhcNMjUxMjI2MDQwMTA2WjAzMTEwLwYDVQQD
Eyg5N2Y0NDQ0MWM2ZjY2ZjY2ZmY2ZTQzMWI4YmY3MDZkODJhYWM5NzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqEXimQP0M8Yo0kiplP3Ji5Tev0z
DGUprsaTK6bS3iVSDNr/quumFDDqO0Wz2wbrJNMIzx8mCBUahgrSLC7qk/wMGQoz
tE3hDSozwya95TCREtDYH57Tx95thgMBPZ/Vb0OMLk3A7INzZDONhcBCClA2keay
FkBaqi6bX0U4UDADHUIzSWPzGzeu0j1Xd+IplrhonsODy0Am4uRAUCFK1XKEp04h
nlj4cE0CXb6Kizx/P+riE0Ux1e21Re+5j8V7eYeVYqk69NyVDgyRiTe01nh9Lr4T
+3SrZFYa59Zbs1Bdt3Rf21/5Lb3mLIQsXUGoCF3pXqEQAWP3quSXn37C2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJf0REHG9m9m/25DG4v3BtgqrJc+MB8GA1UdIwQY
MBaAFK+6ELCmdtPh+rVlKEMPrIkaCDZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xYTljOWYtMGMwNy00Nzc2LWFlNjUt
ZTAyN2RjYjFkMTg2LzEvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xYTljOWYtMGMwNy00Nzc2LWFlNjUtZTAyN2RjYjFkMTg2
LzEvcjdvUXNLWjIwLUg2dFdVb1F3LXNpUm9JTmxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ3nvpD3k
L9Hb8/LrigT2LO4QEAtsBE06BH6D/0hlgxWyiZVDrwZ8Ww+nt2By3Z7mtNua9lXu
RHRU/f0ay57+X1dldPS+pEmIZqKsQWXspV5qkkmbWo1LdQkTAsyCOvroEhxWlB2V
Z7mLtqO/JiSastq6ZFvaWq8sY/YTX+eDt63ecWCtlqU0kIKHULn+8m3gmn5wJlRC
gPYkorI/aa2VVGPDmIrqgSSOH0bt6MD3QWP17M5LTqZwLKLqcwzxqx22l5MtX/tb
GoCiFN5qlXZ9is+lKJ+XRKc+AwlrvRld3FtD+nvOgM2InvkuhZfKYGMHSK/ttnK9
dmeLOtrYGr49yw==
-----END CERTIFICATE-----
Generated at Thu Dec 25 05:31:50 2025 by rpki-client