This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft File: _stf432FEfZ6YFMW6wlTU4_P6ec.mft (raw, json) Hash identifier: RCGdZa9CMfXAFVdNuvPpSmE1ti99HyUBmBJ+eMwxdv8= Subject key identifier: 9E:D8:0B:06:F1:9F:D5:25:48:B6:D1:F2:AD:7B:75:CB:39:6E:F2:B3 Authority key identifier: FE:CB:5F:E3:7D:85:11:F6:7A:60:53:16:EB:09:53:53:8F:CF:E9:E7 Certificate issuer: /CN=fecb5fe37d8511f67a605316eb0953538fcfe9e7 Certificate serial: 019B3231C2AADE6F1C74F8E9EFE7AC1DBFC9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_stf432FEfZ6YFMW6wlTU4_P6ec.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft Manifest number: 115D Signing time: Thu 18 Dec 2025 16:01:20 +0000 Manifest this update: Thu 18 Dec 2025 16:01:20 +0000 Manifest next update: Fri 19 Dec 2025 16:01:20 +0000 Files and hashes: 1: _stf432FEfZ6YFMW6wlTU4_P6ec.crl (hash: 8JF+QKDrIxaj/J8aCx9JWp+cHNqzW7xn+7yhvwRA0sc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.crl rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft rsync://rpki.ripe.net/repository/DEFAULT/_stf432FEfZ6YFMW6wlTU4_P6ec.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 16:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:c2:aa:de:6f:1c:74:f8:e9:ef:e7:ac:1d:bf:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fecb5fe37d8511f67a605316eb0953538fcfe9e7 Validity Not Before: Dec 18 16:01:20 2025 GMT Not After : Dec 19 16:01:20 2025 GMT Subject: CN=9ed80b06f19fd52548b6d1f2ad7b75cb396ef2b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5d:ed:81:5f:ba:e2:d1:ce:71:3b:62:17:fd: 5e:77:82:3b:7f:97:9d:70:9f:7c:bf:e5:20:8a:9f: 05:d7:19:2f:88:ed:20:ce:53:dd:a1:4f:1b:b5:66: 1f:b8:67:91:0f:b2:93:93:6f:ee:26:f4:8c:29:e3: 7d:0c:38:2f:23:6d:c2:3c:a1:ff:55:74:2e:5b:01: 02:01:c3:31:3e:7c:11:43:c5:ec:fb:52:90:35:cd: 61:9c:e0:18:5e:9c:04:9f:ae:7a:7c:4b:66:b2:85: 9e:4c:df:e8:8c:b7:56:6c:68:cd:9b:4c:9a:fe:82: a4:f5:c9:76:8e:df:53:fb:b6:20:1d:33:55:1a:05: 16:f0:69:c3:ed:3e:e0:c3:b3:45:42:d1:e5:d5:38: ff:37:e2:f3:d6:5a:3c:b6:79:39:3b:b1:ec:99:ca: 25:c5:8b:72:82:43:5b:c9:83:30:18:9e:7e:c2:d6: 2b:8e:c7:e3:8f:94:b2:85:84:9c:4e:71:95:54:a2: 32:61:6b:80:f6:77:30:d3:4e:93:d9:33:a2:dc:60: b4:5b:12:16:38:d0:fa:51:7e:ae:71:93:44:fd:9b: d2:10:e0:48:2b:30:0e:bc:1d:4d:b7:a6:2d:4a:18: 18:02:ce:67:c7:29:47:e5:a9:aa:73:f9:c8:20:0d: 87:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:D8:0B:06:F1:9F:D5:25:48:B6:D1:F2:AD:7B:75:CB:39:6E:F2:B3 X509v3 Authority Key Identifier: keyid:FE:CB:5F:E3:7D:85:11:F6:7A:60:53:16:EB:09:53:53:8F:CF:E9:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_stf432FEfZ6YFMW6wlTU4_P6ec.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8273b5-279c-4323-82dc-c257607317f3/1/_stf432FEfZ6YFMW6wlTU4_P6ec.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:51:df:04:27:83:57:34:49:03:d6:0b:cf:f9:d8:fe:f0:52: e8:3b:6a:8a:d3:db:ff:71:0e:bd:a6:cb:77:99:87:22:47:ad: c1:0d:4b:31:e3:90:a9:49:be:16:e1:d6:c9:f5:ce:62:05:80: 8e:f5:0a:a1:7c:41:44:04:eb:f6:21:46:2f:78:ac:d7:b7:7b: 80:09:82:6c:5f:50:60:1e:ec:17:d2:bd:29:40:33:95:8b:55: 01:4d:c3:99:64:74:72:27:80:a2:b6:8b:41:c6:4a:4e:99:31: 68:06:4d:65:2c:55:4a:e8:9c:e3:58:2b:41:16:90:e0:0c:35: c8:de:28:fc:51:a6:fa:ff:79:c4:d0:81:d8:85:23:cb:05:e2: d8:df:87:2e:3c:b2:ab:84:52:0b:b2:33:fa:43:b7:b5:1e:25: a6:8f:cb:48:7e:fe:34:60:95:d9:70:24:f8:d2:d7:a5:2b:6d: 3a:36:79:ea:a5:54:46:c1:cf:08:a5:a5:f2:2f:a6:5c:30:14: 6b:7e:d6:05:dd:2b:b0:0a:8d:62:7f:93:7c:c4:e1:4d:e1:c0: ee:34:67:2e:9a:05:7b:de:29:18:6d:2f:29:9e:c5:30:74:a0: 33:85:29:12:63:7c:f7:66:6b:57:26:2a:ae:88:43:13:93:d0: cc:ee:d0:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMcKq3m8cdPjp7+esHb/JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlY2I1ZmUzN2Q4NTExZjY3YTYwNTMxNmViMDk1MzUzOGZj ZmU5ZTcwHhcNMjUxMjE4MTYwMTIwWhcNMjUxMjE5MTYwMTIwWjAzMTEwLwYDVQQD Eyg5ZWQ4MGIwNmYxOWZkNTI1NDhiNmQxZjJhZDdiNzVjYjM5NmVmMmIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw13tgV+64tHOcTtiF/1ed4I7f5ed cJ98v+Ugip8F1xkviO0gzlPdoU8btWYfuGeRD7KTk2/uJvSMKeN9DDgvI23CPKH/ VXQuWwECAcMxPnwRQ8Xs+1KQNc1hnOAYXpwEn656fEtmsoWeTN/ojLdWbGjNm0ya /oKk9cl2jt9T+7YgHTNVGgUW8GnD7T7gw7NFQtHl1Tj/N+Lz1lo8tnk5O7Hsmcol xYtygkNbyYMwGJ5+wtYrjsfjj5SyhYScTnGVVKIyYWuA9ncw006T2TOi3GC0WxIW OND6UX6ucZNE/ZvSEOBIKzAOvB1Nt6YtShgYAs5nxylH5amqc/nIIA2HYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ7YCwbxn9UlSLbR8q17dcs5bvKzMB8GA1UdIwQY MBaAFP7LX+N9hRH2emBTFusJU1OPz+nnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3N0ZjQzMkZFZlo2WUZNVzZ3bFRVNF9QNmVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84MjczYjUtMjc5Yy00MzIzLTgyZGMt YzI1NzYwNzMxN2YzLzEvX3N0ZjQzMkZFZlo2WUZNVzZ3bFRVNF9QNmVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC84MjczYjUtMjc5Yy00MzIzLTgyZGMtYzI1NzYwNzMxN2Yz LzEvX3N0ZjQzMkZFZlo2WUZNVzZ3bFRVNF9QNmVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEFHfBCeD VzRJA9YLz/nY/vBS6DtqitPb/3EOvabLd5mHIketwQ1LMeOQqUm+FuHWyfXOYgWA jvUKoXxBRATr9iFGL3is17d7gAmCbF9QYB7sF9K9KUAzlYtVAU3DmWR0cieAoraL QcZKTpkxaAZNZSxVSuic41grQRaQ4Aw1yN4o/FGm+v95xNCB2IUjywXi2N+HLjyy q4RSC7Iz+kO3tR4lpo/LSH7+NGCV2XAk+NLXpSttOjZ56qVURsHPCKWl8i+mXDAU a37WBd0rsAqNYn+TfMThTeHA7jRnLpoFe94pGG0vKZ7FMHSgM4UpEmN892ZrVyYq rohDE5PQzO7QRQ== -----END CERTIFICATE-----Generated at Fri Dec 19 00:11:29 2025 by rpki-client