This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft File: rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft (raw, json) Hash identifier: hJaqIFhrNrGWEA3vf/UwLzEJJcLxGwDmxRc4N/caNEs= Subject key identifier: E2:BB:98:97:85:45:7D:BF:B8:2C:E4:36:68:A9:9B:50:ED:1E:C1:00 Authority key identifier: AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C Certificate issuer: /CN=acebf396c9adf94f84dc901656e255ce6d50660c Certificate serial: 019B4023E87465C7A9E2A2A45275F4AD94F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft Manifest number: 0400 Signing time: Sun 21 Dec 2025 09:00:53 +0000 Manifest this update: Sun 21 Dec 2025 09:00:53 +0000 Manifest next update: Mon 22 Dec 2025 09:00:53 +0000 Files and hashes: 1: C4fkDspID27_2W7uJ0bDWTiMbsI.roa (hash: IPmvbCiP1dYquC+xxAe/aHEwDNf0L9S57sM644oyMl8=) 2: rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl (hash: bzhSmsT8kpjZOeqjdnmbEneyvRftHK7/HUdn0iqZuDU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:23:e8:74:65:c7:a9:e2:a2:a4:52:75:f4:ad:94:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=acebf396c9adf94f84dc901656e255ce6d50660c Validity Not Before: Dec 21 09:00:53 2025 GMT Not After : Dec 22 09:00:53 2025 GMT Subject: CN=e2bb989785457dbfb82ce43668a99b50ed1ec100 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:8b:a4:6f:e0:79:13:61:66:c1:48:b2:b7:b7: 80:72:b3:7d:e4:b7:46:34:79:77:0e:95:a0:67:2c: 44:8d:8a:7d:d5:a0:29:88:61:2b:de:c2:20:2c:c8: 72:9c:0e:f2:86:95:e1:e1:81:38:39:74:8b:b2:60: f1:77:73:61:ca:5a:33:d7:17:84:14:42:5b:e7:8a: 4a:00:49:92:48:85:70:35:12:cf:a8:46:d8:69:a1: fb:67:74:7c:c5:9c:c8:5f:4b:37:4e:9f:ca:14:bd: 8a:18:51:b7:33:5b:a4:b2:6a:88:aa:e5:71:c5:0b: be:06:8d:af:70:b9:ba:ff:c8:db:1e:b5:c8:35:b0: 51:c3:b9:74:ba:56:56:27:28:56:3d:7d:28:a9:91: ab:04:71:e8:37:c4:9d:57:00:c4:18:c9:68:00:ad: 47:e1:8b:04:7a:53:de:72:62:a4:5f:b7:4d:9d:7e: aa:a7:8b:fd:96:16:c8:ad:ab:d9:d9:6c:17:21:33: 51:b6:7a:0f:2a:76:1a:0c:72:81:44:08:7e:ee:16: cb:31:bc:d1:c1:6c:da:c3:e1:57:e6:b3:1c:eb:38: 53:29:36:88:18:6e:3b:20:09:7a:87:cd:bc:59:77: 5c:23:3b:07:5c:59:f9:31:ac:96:cb:47:a2:f9:71: eb:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:BB:98:97:85:45:7D:BF:B8:2C:E4:36:68:A9:9B:50:ED:1E:C1:00 X509v3 Authority Key Identifier: keyid:AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:0a:bc:6f:98:0a:2b:f9:c1:2f:7c:a9:d7:92:42:fb:0a:f1: 51:32:b6:78:23:ce:fb:9b:a6:90:0c:8b:db:f7:e5:5a:fb:c8: b4:fc:3e:f0:a0:e5:a7:41:53:c3:cf:7d:25:c3:3a:6e:da:28: 75:a6:77:53:bb:7f:a9:7e:2b:fe:55:c1:1e:9b:36:6b:56:d8: bc:84:b0:c6:f2:7c:c5:01:65:33:40:12:63:ac:97:1f:10:59: 48:77:1f:ae:92:3d:4f:cc:2c:4f:a4:d2:1d:de:bb:ac:cb:c7: 7b:bf:c4:0c:29:f6:7d:4b:23:0e:1d:f9:d6:d2:12:f5:df:35: 99:fe:42:ac:f9:48:1d:ce:17:25:3a:d9:26:67:30:33:91:bf: 86:91:80:8b:6c:16:6c:87:df:4f:7d:8b:13:74:8c:de:03:5a: 25:8a:54:b1:1f:3b:20:a4:be:d5:4a:8c:b7:24:8a:a7:24:76: 60:a4:d0:fa:9d:fe:4d:60:2e:bf:43:a9:e6:92:3b:46:8a:5d: 1e:bb:8b:56:77:19:41:9c:48:47:22:7a:4d:0d:48:1e:31:6d: 52:84:90:2a:de:d1:77:3c:50:53:6e:d7:06:da:ab:8e:53:14: 53:96:e6:c3:6e:fd:92:d1:b3:e4:d1:66:c8:e5:ea:63:1d:50: c8:2d:9d:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAI+h0Zcep4qKkUnX0rZTzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjZWJmMzk2YzlhZGY5NGY4NGRjOTAxNjU2ZTI1NWNlNmQ1 MDY2MGMwHhcNMjUxMjIxMDkwMDUzWhcNMjUxMjIyMDkwMDUzWjAzMTEwLwYDVQQD EyhlMmJiOTg5Nzg1NDU3ZGJmYjgyY2U0MzY2OGE5OWI1MGVkMWVjMTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4ukb+B5E2FmwUiyt7eAcrN95LdG NHl3DpWgZyxEjYp91aApiGEr3sIgLMhynA7yhpXh4YE4OXSLsmDxd3Nhyloz1xeE FEJb54pKAEmSSIVwNRLPqEbYaaH7Z3R8xZzIX0s3Tp/KFL2KGFG3M1uksmqIquVx xQu+Bo2vcLm6/8jbHrXINbBRw7l0ulZWJyhWPX0oqZGrBHHoN8SdVwDEGMloAK1H 4YsEelPecmKkX7dNnX6qp4v9lhbIravZ2WwXITNRtnoPKnYaDHKBRAh+7hbLMbzR wWzaw+FX5rMc6zhTKTaIGG47IAl6h828WXdcIzsHXFn5MayWy0ei+XHrowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOK7mJeFRX2/uCzkNmipm1DtHsEAMB8GA1UdIwQY MBaAFKzr85bJrflPhNyQFlbiVc5tUGYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQt NDg0N2QzOTNhYjU1LzEvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQtNDg0N2QzOTNhYjU1 LzEvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQq8b5gK K/nBL3yp15JC+wrxUTK2eCPO+5umkAyL2/flWvvItPw+8KDlp0FTw899JcM6btoo daZ3U7t/qX4r/lXBHps2a1bYvISwxvJ8xQFlM0ASY6yXHxBZSHcfrpI9T8wsT6TS Hd67rMvHe7/EDCn2fUsjDh351tIS9d81mf5CrPlIHc4XJTrZJmcwM5G/hpGAi2wW bIffT32LE3SM3gNaJYpUsR87IKS+1UqMtySKpyR2YKTQ+p3+TWAuv0Op5pI7Ropd HruLVncZQZxIRyJ6TQ1IHjFtUoSQKt7RdzxQU27XBtqrjlMUU5bmw279ktGz5NFm yOXqYx1QyC2d8Q== -----END CERTIFICATE-----Generated at Sun Dec 21 13:03:49 2025 by rpki-client