This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft File: rXz7zh1tOmok8lZSBl0xV1go7bU.mft (raw, json) Hash identifier: v6NOVYiXT8AVu974h8qQl6X5reNTrFEL9VIBWfrqbMs= Subject key identifier: 98:4A:7F:DC:F4:7F:72:91:DC:70:F8:BC:F8:DD:68:B4:68:7B:0B:AD Authority key identifier: AD:7C:FB:CE:1D:6D:3A:6A:24:F2:56:52:06:5D:31:57:58:28:ED:B5 Certificate issuer: /CN=ad7cfbce1d6d3a6a24f25652065d31575828edb5 Certificate serial: 019B4FCDFCD0085B68334C744CBECBD69CFE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rXz7zh1tOmok8lZSBl0xV1go7bU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft Manifest number: 0EA3 Signing time: Wed 24 Dec 2025 10:00:58 +0000 Manifest this update: Wed 24 Dec 2025 10:00:58 +0000 Manifest next update: Thu 25 Dec 2025 10:00:58 +0000 Files and hashes: 1: Im3NuoFQdX7egdBojqG76hMiXq0.roa (hash: MBZCzXbY6/6xAtTJ9sYOEhNyw2Jnz8TgfEJHylhcfdM=) 2: rXz7zh1tOmok8lZSBl0xV1go7bU.crl (hash: M1/ROihrLFi2/AGjDJ6H96nFx/6/7hhCmQGqi1zm/h0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft rsync://rpki.ripe.net/repository/DEFAULT/rXz7zh1tOmok8lZSBl0xV1go7bU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:cd:fc:d0:08:5b:68:33:4c:74:4c:be:cb:d6:9c:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad7cfbce1d6d3a6a24f25652065d31575828edb5 Validity Not Before: Dec 24 10:00:58 2025 GMT Not After : Dec 25 10:00:58 2025 GMT Subject: CN=984a7fdcf47f7291dc70f8bcf8dd68b4687b0bad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6b:45:92:44:b2:35:b3:ef:30:09:ac:c7:34: 31:ce:b4:9a:a6:2b:e9:59:6a:4c:58:b0:04:bd:a3: d6:d5:08:d0:de:1f:20:3b:f3:48:99:b4:c2:81:4d: 2d:7e:ff:7f:9b:01:71:47:2c:fb:46:ee:78:2b:90: 9a:21:e0:08:96:f1:44:ce:3f:a4:2a:db:27:87:f9: bf:a0:48:b4:5f:2e:c4:b9:ed:89:b2:74:b7:b9:0f: c5:52:b8:f9:28:03:3c:49:30:d3:cc:26:1c:83:71: b7:fc:79:cb:46:0e:fb:58:87:86:1b:05:d2:5e:eb: 83:97:b0:69:73:ec:e8:07:b5:30:26:31:fe:0e:f3: 0a:85:38:c2:90:34:43:c5:cd:b2:46:99:4a:a9:0e: 95:ce:f9:7f:8e:4a:b4:90:0f:c3:51:5c:4f:2f:fc: 86:5e:8c:f5:15:ee:43:aa:c7:ec:54:ab:0f:64:01: a2:26:48:7d:cf:b3:06:56:98:e6:5f:a9:c2:10:8e: a7:d9:04:9b:21:47:51:af:e6:54:aa:e8:64:96:8c: 72:cf:35:67:7b:e7:d0:68:2c:cc:ae:12:0a:6d:2a: 72:63:33:c4:f6:63:40:a8:1a:1c:ac:1f:12:52:f9: d2:c4:b6:1a:d3:97:40:9d:0e:6a:e8:30:c0:4c:7e: 20:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:4A:7F:DC:F4:7F:72:91:DC:70:F8:BC:F8:DD:68:B4:68:7B:0B:AD X509v3 Authority Key Identifier: keyid:AD:7C:FB:CE:1D:6D:3A:6A:24:F2:56:52:06:5D:31:57:58:28:ED:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rXz7zh1tOmok8lZSBl0xV1go7bU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/114340-2c70-41fc-abe7-2fa7c9b111b1/1/rXz7zh1tOmok8lZSBl0xV1go7bU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:13:5e:28:da:21:ea:9b:be:96:49:e1:e7:3f:8d:72:c2:a7: 2a:bd:fc:53:38:7a:37:3d:0d:fe:f8:39:25:67:a2:c2:03:b5: fb:fa:bd:cd:77:0c:b4:e3:c7:18:f5:73:7e:74:12:c1:90:06: d5:fc:d1:37:a5:29:f0:32:d5:10:c7:d1:66:89:46:95:eb:e1: 69:a5:a0:82:cb:83:ce:c8:4f:e6:87:32:6a:fd:97:a3:8b:49: 2f:c1:5e:66:5e:24:56:aa:e1:24:e6:e8:95:16:89:1d:68:71: 38:86:9d:8c:94:63:f5:32:da:db:6a:8f:3e:1a:6c:53:5c:b4: 79:1e:39:63:5d:0e:fd:08:1b:ac:45:e9:21:dd:be:b6:e9:24: fa:3a:fc:d6:54:f9:a8:2a:e7:e4:11:d6:f3:16:c8:e8:27:4b: 81:3b:fc:df:0f:f2:3e:5f:bb:09:55:40:82:5e:11:6b:57:2a: dd:00:2f:83:2f:eb:2c:7d:bb:a1:81:a3:52:9e:41:ca:5e:79: 31:41:8a:47:c4:1b:88:28:d1:24:00:61:99:bb:fa:5e:45:eb: 9f:93:18:b0:39:98:6e:16:0a:51:ee:39:90:f9:14:c3:80:3a: 46:0e:b4:49:58:83:0f:e4:84:f1:ac:a6:3f:87:79:de:2c:b8: 5c:d2:fb:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzfzQCFtoM0x0TL7L1pz+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkN2NmYmNlMWQ2ZDNhNmEyNGYyNTY1MjA2NWQzMTU3NTgy OGVkYjUwHhcNMjUxMjI0MTAwMDU4WhcNMjUxMjI1MTAwMDU4WjAzMTEwLwYDVQQD Eyg5ODRhN2ZkY2Y0N2Y3MjkxZGM3MGY4YmNmOGRkNjhiNDY4N2IwYmFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWtFkkSyNbPvMAmsxzQxzrSapivp WWpMWLAEvaPW1QjQ3h8gO/NImbTCgU0tfv9/mwFxRyz7Ru54K5CaIeAIlvFEzj+k Ktsnh/m/oEi0Xy7Eue2JsnS3uQ/FUrj5KAM8STDTzCYcg3G3/HnLRg77WIeGGwXS XuuDl7Bpc+zoB7UwJjH+DvMKhTjCkDRDxc2yRplKqQ6Vzvl/jkq0kA/DUVxPL/yG Xoz1Fe5DqsfsVKsPZAGiJkh9z7MGVpjmX6nCEI6n2QSbIUdRr+ZUquhkloxyzzVn e+fQaCzMrhIKbSpyYzPE9mNAqBocrB8SUvnSxLYa05dAnQ5q6DDATH4guwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJhKf9z0f3KR3HD4vPjdaLRoewutMB8GA1UdIwQY MBaAFK18+84dbTpqJPJWUgZdMVdYKO21MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclh6N3poMXRPbW9rOGxaU0JsMHhWMWdvN2JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xMTQzNDAtMmM3MC00MWZjLWFiZTct MmZhN2M5YjExMWIxLzEvclh6N3poMXRPbW9rOGxaU0JsMHhWMWdvN2JVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8xMTQzNDAtMmM3MC00MWZjLWFiZTctMmZhN2M5YjExMWIx LzEvclh6N3poMXRPbW9rOGxaU0JsMHhWMWdvN2JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABRNeKNoh 6pu+lknh5z+NcsKnKr38Uzh6Nz0N/vg5JWeiwgO1+/q9zXcMtOPHGPVzfnQSwZAG 1fzRN6Up8DLVEMfRZolGlevhaaWggsuDzshP5ocyav2Xo4tJL8FeZl4kVqrhJObo lRaJHWhxOIadjJRj9TLa22qPPhpsU1y0eR45Y10O/QgbrEXpId2+tukk+jr81lT5 qCrn5BHW8xbI6CdLgTv83w/yPl+7CVVAgl4Ra1cq3QAvgy/rLH27oYGjUp5Byl55 MUGKR8QbiCjRJABhmbv6XkXrn5MYsDmYbhYKUe45kPkUw4A6Rg60SViDD+SE8aym P4d53iy4XNL7uQ== -----END CERTIFICATE-----Generated at Wed Dec 24 14:46:43 2025 by rpki-client