This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft File: S2T4wOGznYqO-OjItaD_7itTtYc.mft (raw, json) Hash identifier: YsOjfYZ6/kIE1YGi1r4XVLSG2ci9nIZYi5753xu8Lss= Subject key identifier: 92:6F:EF:60:20:A8:CE:66:F6:8C:2C:39:44:DD:92:01:1A:40:52:6F Authority key identifier: 4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87 Certificate issuer: /CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587 Certificate serial: 019B21751FFB5093E623644ECB901F23AC46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft Manifest number: 08A4 Signing time: Mon 15 Dec 2025 10:01:22 +0000 Manifest this update: Mon 15 Dec 2025 10:01:22 +0000 Manifest next update: Tue 16 Dec 2025 10:01:22 +0000 Files and hashes: 1: S2T4wOGznYqO-OjItaD_7itTtYc.crl (hash: 3IHOxSbqC5FZLtMYQzgtDd9ntngUzbYy/bEGzyqshDE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:1f:fb:50:93:e6:23:64:4e:cb:90:1f:23:ac:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587 Validity Not Before: Dec 15 10:01:22 2025 GMT Not After : Dec 16 10:01:22 2025 GMT Subject: CN=926fef6020a8ce66f68c2c3944dd92011a40526f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:2e:88:cb:80:77:46:de:e4:80:21:f5:c4:93: 94:37:44:f1:a5:a9:84:ba:6f:a1:1c:07:53:20:a8: 1c:b7:53:f9:82:69:5e:17:0b:96:96:f3:60:37:10: 9a:e2:6b:68:8d:65:ae:ba:c7:e0:ba:32:23:a1:a2: 16:24:c8:64:f2:dd:48:df:03:bb:11:c4:d1:5d:05: 0d:e9:6b:ed:f1:a2:9b:d0:1a:7c:e3:09:15:97:db: b3:61:04:0c:05:37:e8:68:1a:57:a9:ff:5e:40:5d: d0:e1:60:ce:3a:88:67:51:ce:ca:85:1e:81:fe:a1: 2c:45:ea:aa:19:05:66:87:4f:a9:1a:8f:e2:01:98: e0:a1:bd:0e:36:80:df:e6:60:6d:ee:14:27:d0:20: 7e:1f:e9:b1:9b:5f:7e:8d:c1:22:91:cf:81:b8:7c: 95:ae:2d:c0:44:dd:b4:08:23:4c:f3:74:fc:ad:77: 63:c4:9f:06:30:0f:6c:67:85:0b:de:cf:9c:1b:dc: 61:4e:e4:21:46:c7:18:75:dc:72:d2:70:f1:89:1f: 59:71:5e:37:93:9c:7d:4d:6c:d7:9d:39:11:ea:2a: 89:2d:7f:e2:f3:c5:e9:72:2d:7c:b6:d2:db:55:29: cd:d0:89:72:8a:5b:d5:aa:87:48:7e:44:4a:77:18: bc:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:6F:EF:60:20:A8:CE:66:F6:8C:2C:39:44:DD:92:01:1A:40:52:6F X509v3 Authority Key Identifier: keyid:4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:a6:8c:5a:a9:67:4f:67:de:e3:5f:9d:6e:c0:fa:04:26:80: 57:88:2a:e5:37:b9:de:ca:58:f9:60:d2:c0:8d:b7:92:cd:2e: 94:a5:cc:22:fe:15:bd:da:cf:aa:71:8a:70:e6:d3:04:75:99: 94:36:31:32:bb:51:65:0f:58:cf:f0:fd:36:3f:3f:9a:7f:cb: d1:5c:3f:a0:5f:7b:f9:c5:fb:68:c1:dc:07:e7:1a:fb:ab:2e: 87:6c:b2:b7:b4:7e:57:41:9a:be:59:c7:04:c1:be:c3:a4:e8: f5:cf:fe:7e:54:c3:e3:1b:cd:11:3e:23:9d:3e:01:68:93:37: 9b:91:15:39:eb:b2:71:af:52:65:85:b5:61:b9:3c:e7:1f:93: 93:52:70:19:50:51:04:21:06:cc:87:ea:70:b8:0a:d1:95:ec: 03:05:df:0c:1f:f6:f3:b9:c9:df:10:fe:d6:a0:8c:9c:98:80: a9:74:5d:20:7f:f9:4f:32:cd:78:4a:b8:b1:7e:a6:06:5c:4d: 90:d5:96:f1:5d:3f:a8:93:5f:c9:31:33:e1:f8:95:21:ac:cf: 49:fd:28:01:bd:a4:92:7c:ef:46:93:bf:6e:75:a9:9d:75:a0: c0:ec:c9:68:de:91:15:27:58:a8:aa:c2:49:3b:a2:31:98:1e: 7a:40:ff:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdR/7UJPmI2ROy5AfI6xGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNjRmOGMwZTFiMzlkOGE4ZWY4ZThjOGI1YTBmZmVlMmI1 M2I1ODcwHhcNMjUxMjE1MTAwMTIyWhcNMjUxMjE2MTAwMTIyWjAzMTEwLwYDVQQD Eyg5MjZmZWY2MDIwYThjZTY2ZjY4YzJjMzk0NGRkOTIwMTFhNDA1MjZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti6Iy4B3Rt7kgCH1xJOUN0TxpamE um+hHAdTIKgct1P5gmleFwuWlvNgNxCa4mtojWWuusfgujIjoaIWJMhk8t1I3wO7 EcTRXQUN6Wvt8aKb0Bp84wkVl9uzYQQMBTfoaBpXqf9eQF3Q4WDOOohnUc7KhR6B /qEsReqqGQVmh0+pGo/iAZjgob0ONoDf5mBt7hQn0CB+H+mxm19+jcEikc+BuHyV ri3ARN20CCNM83T8rXdjxJ8GMA9sZ4UL3s+cG9xhTuQhRscYddxy0nDxiR9ZcV43 k5x9TWzXnTkR6iqJLX/i88Xpci18ttLbVSnN0IlyilvVqodIfkRKdxi8hwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJJv72AgqM5m9owsOUTdkgEaQFJvMB8GA1UdIwQY MBaAFEtk+MDhs52KjvjoyLWg/+4rU7WHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUt OTVkNWUxNmNkZGVmLzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUtOTVkNWUxNmNkZGVm LzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfKaMWqln T2fe41+dbsD6BCaAV4gq5Te53spY+WDSwI23ks0ulKXMIv4VvdrPqnGKcObTBHWZ lDYxMrtRZQ9Yz/D9Nj8/mn/L0Vw/oF97+cX7aMHcB+ca+6suh2yyt7R+V0GavlnH BMG+w6To9c/+flTD4xvNET4jnT4BaJM3m5EVOeuyca9SZYW1Ybk85x+Tk1JwGVBR BCEGzIfqcLgK0ZXsAwXfDB/287nJ3xD+1qCMnJiAqXRdIH/5TzLNeEq4sX6mBlxN kNWW8V0/qJNfyTEz4fiVIazPSf0oAb2kknzvRpO/bnWpnXWgwOzJaN6RFSdYqKrC STuiMZgeekD/DA== -----END CERTIFICATE-----Generated at Mon Dec 15 13:13:18 2025 by rpki-client