This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json) Hash identifier: 5zKeAnjraL7QgdDtYOQf5n/N9dqYPknOOuF7gkIOHRw= Subject key identifier: 2C:F3:8C:12:D4:FF:63:37:63:A6:7C:D0:46:69:FD:C7:BE:ED:B7:77 Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd Certificate serial: 019B51BD7F6092D507504C55C45F3FA374C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft Manifest number: 1798 Signing time: Wed 24 Dec 2025 19:02:11 +0000 Manifest this update: Wed 24 Dec 2025 19:02:11 +0000 Manifest next update: Thu 25 Dec 2025 19:02:11 +0000 Files and hashes: 1: Q-bsBachBMtwcvzNA3WxdmDQJE4.roa (hash: Z4u+RuGIS4q5UGPThpBHI1wSGtrQyiFyAijCmbYDh84=) 2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: a2QBot8EyNnLDyefMZgqn6UvwExhaz5PjPafqK16lc0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bd:7f:60:92:d5:07:50:4c:55:c4:5f:3f:a3:74:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd Validity Not Before: Dec 24 19:02:11 2025 GMT Not After : Dec 25 19:02:11 2025 GMT Subject: CN=2cf38c12d4ff633763a67cd04669fdc7beedb777 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:a6:10:64:54:42:87:08:9d:c2:07:58:11:60: 05:6a:f9:2b:82:34:56:14:49:9e:88:ab:56:95:7b: be:d0:05:fd:f2:09:ab:21:9a:e8:d7:8e:8f:df:71: ba:2b:33:e2:4f:3a:0d:d3:1e:41:75:c9:90:2c:80: 91:1a:14:82:0e:1c:0e:29:64:22:5b:ea:12:5e:49: bb:18:dc:40:eb:d9:c5:d1:ba:3a:58:83:2f:0d:e5: 28:b0:40:2f:de:d9:f4:30:53:e4:fc:5e:ef:1c:9c: bc:5d:5b:87:12:35:e0:9d:fa:97:5d:71:0f:03:26: 1d:c0:40:e4:11:e9:d1:bb:7e:33:3d:d3:02:88:54: ae:b7:2a:d4:6e:77:17:b8:74:63:54:36:95:df:95: 46:78:68:85:64:af:e8:c0:06:0e:9e:74:1c:89:a5: fd:f3:bd:fb:dc:c7:10:77:ad:63:09:8b:8f:d6:d6: 27:c9:a8:08:0e:95:25:e2:8c:fd:c0:1d:b8:e5:ac: 1e:f9:52:f0:cc:bb:0d:c7:86:c9:4a:a1:f3:32:3d: e3:d5:87:f7:7a:49:57:cc:f8:6e:b1:28:a1:5d:19: bc:fc:5d:6a:62:87:d1:9a:62:a9:44:17:ae:86:25: b0:55:1d:ea:6a:76:61:a1:bc:fc:17:a6:55:6f:66: 74:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:F3:8C:12:D4:FF:63:37:63:A6:7C:D0:46:69:FD:C7:BE:ED:B7:77 X509v3 Authority Key Identifier: keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:90:1c:a6:10:09:12:61:f1:31:b3:87:2c:f9:42:d6:26:70: b8:16:08:92:85:1f:a7:60:31:ac:7a:e0:d4:7f:42:3b:a6:63: a8:0f:6d:82:ec:79:39:62:df:2f:1e:dd:25:a4:69:05:ce:73: 96:3b:e4:04:42:eb:63:b3:16:f9:c2:10:ae:a5:8e:0a:f2:4a: 1b:b8:86:fe:9c:d2:56:02:9a:ed:60:69:0f:38:04:87:6d:73: c9:00:e3:09:04:90:d0:e6:71:47:bf:31:ea:1e:b1:be:1f:2b: 1d:39:cc:14:3e:a8:18:75:1b:af:c7:39:43:8a:ae:ff:48:11: 02:fe:ca:fc:05:49:8f:0b:1c:6b:b6:0a:12:7e:5f:3f:8b:30: 35:8e:45:3f:00:2c:7f:9f:15:90:a3:d3:c7:c1:19:d5:03:6d: d9:1f:6e:3f:3b:01:bd:25:d0:2b:a7:84:33:68:f7:1d:76:e8: 35:2e:08:93:ae:ca:bc:84:2f:c3:31:27:22:09:b9:a9:97:2f: d0:f7:3e:ef:29:87:8b:18:cd:79:11:73:7b:c5:5f:6a:f1:1b: 48:7c:75:88:c2:c3:9c:c5:90:a3:51:db:d3:c9:05:59:0f:6a: d0:86:55:21:13:9e:db:a9:4c:0f:ad:8d:e4:43:2e:21:61:90: b0:ea:d3:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvX9gktUHUExVxF8/o3THMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw OGYyY2QwHhcNMjUxMjI0MTkwMjExWhcNMjUxMjI1MTkwMjExWjAzMTEwLwYDVQQD EygyY2YzOGMxMmQ0ZmY2MzM3NjNhNjdjZDA0NjY5ZmRjN2JlZWRiNzc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaYQZFRChwidwgdYEWAFavkrgjRW FEmeiKtWlXu+0AX98gmrIZro146P33G6KzPiTzoN0x5BdcmQLICRGhSCDhwOKWQi W+oSXkm7GNxA69nF0bo6WIMvDeUosEAv3tn0MFPk/F7vHJy8XVuHEjXgnfqXXXEP AyYdwEDkEenRu34zPdMCiFSutyrUbncXuHRjVDaV35VGeGiFZK/owAYOnnQciaX9 87373McQd61jCYuP1tYnyagIDpUl4oz9wB245awe+VLwzLsNx4bJSqHzMj3j1Yf3 eklXzPhusSihXRm8/F1qYofRmmKpRBeuhiWwVR3qanZhobz8F6ZVb2Z0lwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCzzjBLU/2M3Y6Z80EZp/ce+7bd3MB8GA1UdIwQY MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMpAcphAJ EmHxMbOHLPlC1iZwuBYIkoUfp2AxrHrg1H9CO6ZjqA9tgux5OWLfLx7dJaRpBc5z ljvkBELrY7MW+cIQrqWOCvJKG7iG/pzSVgKa7WBpDzgEh21zyQDjCQSQ0OZxR78x 6h6xvh8rHTnMFD6oGHUbr8c5Q4qu/0gRAv7K/AVJjwsca7YKEn5fP4swNY5FPwAs f58VkKPTx8EZ1QNt2R9uPzsBvSXQK6eEM2j3HXboNS4Ik67KvIQvwzEnIgm5qZcv 0Pc+7ymHixjNeRFze8VfavEbSHx1iMLDnMWQo1Hb08kFWQ9q0IZVIROe26lMD62N 5EMuIWGQsOrTYA== -----END CERTIFICATE-----Generated at Thu Dec 25 03:00:22 2025 by rpki-client