This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft File: spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json) Hash identifier: ewzPWZYZIWI5efjjzgkRDHNFaq2LOB0n+A90uKznm98= Subject key identifier: E3:A2:79:7C:7B:0A:1B:56:5B:95:9C:54:33:BA:F1:1D:62:54:3A:AA Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD Certificate issuer: /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead Certificate serial: 019B1F87E0CAFA3DAC21E18453F0BC4F4F41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft Manifest number: 0E11 Signing time: Mon 15 Dec 2025 01:02:37 +0000 Manifest this update: Mon 15 Dec 2025 01:02:37 +0000 Manifest next update: Tue 16 Dec 2025 01:02:37 +0000 Files and hashes: 1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: oqnExX7SeUSDoSs7tdXIn26ZJn/RZhmoQxHygHWt2OI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:87:e0:ca:fa:3d:ac:21:e1:84:53:f0:bc:4f:4f:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead Validity Not Before: Dec 15 01:02:37 2025 GMT Not After : Dec 16 01:02:37 2025 GMT Subject: CN=e3a2797c7b0a1b565b959c5433baf11d62543aaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:30:db:c0:85:2a:e7:62:56:10:b2:3e:13:ba: 8c:e8:3b:45:33:41:e7:df:dc:26:47:1c:1b:03:79: 40:32:65:7f:b5:16:c7:5d:b7:36:c2:78:b1:c0:96: c9:3f:e3:20:e6:f1:2f:45:18:2c:36:3c:d2:b0:1b: a5:6f:4b:ad:a2:d3:67:6f:5d:18:bc:aa:1e:3b:5b: 81:31:27:f2:a8:66:93:e2:21:d5:db:fa:56:0a:ce: f3:ec:00:22:38:ac:ba:3c:8f:08:b3:1d:d9:48:3e: ce:16:30:b0:a4:50:9a:98:3d:c9:1b:69:f7:52:38: 6d:d3:8b:1a:fe:58:90:6c:b6:c7:5c:8f:a9:1e:c3: 22:7a:0f:e8:63:56:5f:c8:fa:d1:e9:54:97:79:1c: 13:e4:ac:92:52:e3:29:20:7c:dd:f6:18:b9:06:98: cf:04:6f:7e:a2:bf:cb:82:d1:c1:5d:ac:50:69:ad: 3a:56:5b:8f:5f:da:3d:43:74:55:b6:8a:70:18:11: 46:2d:6e:56:76:5c:3b:47:31:08:91:82:2e:d7:37: cd:fb:8e:71:bc:0c:dd:3e:5e:2a:91:d7:ef:20:85: f0:53:fc:91:19:c9:94:af:e4:0e:d7:7c:ab:87:35: 37:be:4e:ed:9b:60:85:96:1d:a2:54:ba:35:d7:60: 25:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:A2:79:7C:7B:0A:1B:56:5B:95:9C:54:33:BA:F1:1D:62:54:3A:AA X509v3 Authority Key Identifier: keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:47:f8:52:0f:35:69:69:2f:41:df:f9:02:ac:be:48:f2:0d: ec:78:ad:58:ce:2c:96:a9:99:13:a1:6e:b8:35:67:8d:88:80: 1d:83:78:38:09:53:fd:b7:17:ce:10:84:13:37:42:12:bd:74: 7f:a0:dc:4d:37:f7:dd:3b:f0:b5:fc:38:9f:1d:7d:f9:bc:94: 33:ee:0d:e3:81:b9:7e:b2:1e:c5:c8:1a:88:64:49:8d:e5:f3: 55:ce:4d:72:d8:9c:f1:34:ce:b3:3a:c1:c8:56:0b:f6:d2:13: e4:ce:a4:9e:4d:62:98:37:e2:cc:0e:84:c5:0a:07:9b:26:c7: 0f:c2:bf:6d:0b:ae:fe:91:98:86:d6:31:c9:df:de:2d:f2:75: 0a:b4:7e:2c:d8:71:81:60:bb:44:9f:67:aa:15:d9:6c:6c:0a: e7:b1:8c:3b:04:7b:a4:34:54:42:cd:4e:f7:2f:ac:eb:4c:b7: 36:f3:39:16:6e:69:2a:45:7c:43:d9:c8:be:7f:07:74:90:f2: 7c:3b:7d:fc:93:88:23:a1:13:0c:63:2e:d8:93:68:c3:d9:bd: e7:b0:83:81:c9:ed:48:3d:34:6c:0c:da:5b:38:80:4f:35:31: f2:91:a7:b0:f3:78:5d:4b:d3:11:db:e7:75:f9:45:a2:93:1b: 96:3c:88:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsfh+DK+j2sIeGEU/C8T09BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm N2RlYWQwHhcNMjUxMjE1MDEwMjM3WhcNMjUxMjE2MDEwMjM3WjAzMTEwLwYDVQQD EyhlM2EyNzk3YzdiMGExYjU2NWI5NTljNTQzM2JhZjExZDYyNTQzYWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TDbwIUq52JWELI+E7qM6DtFM0Hn 39wmRxwbA3lAMmV/tRbHXbc2wnixwJbJP+Mg5vEvRRgsNjzSsBulb0utotNnb10Y vKoeO1uBMSfyqGaT4iHV2/pWCs7z7AAiOKy6PI8Isx3ZSD7OFjCwpFCamD3JG2n3 Ujht04sa/liQbLbHXI+pHsMieg/oY1ZfyPrR6VSXeRwT5KySUuMpIHzd9hi5BpjP BG9+or/LgtHBXaxQaa06VluPX9o9Q3RVtopwGBFGLW5Wdlw7RzEIkYIu1zfN+45x vAzdPl4qkdfvIIXwU/yRGcmUr+QO13yrhzU3vk7tm2CFlh2iVLo112AluwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOOieXx7ChtWW5WcVDO68R1iVDqqMB8GA1UdIwQY MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEf4Ug81 aWkvQd/5Aqy+SPIN7HitWM4slqmZE6FuuDVnjYiAHYN4OAlT/bcXzhCEEzdCEr10 f6DcTTf33Tvwtfw4nx19+byUM+4N44G5frIexcgaiGRJjeXzVc5Nctic8TTOszrB yFYL9tIT5M6knk1imDfizA6ExQoHmybHD8K/bQuu/pGYhtYxyd/eLfJ1CrR+LNhx gWC7RJ9nqhXZbGwK57GMOwR7pDRUQs1O9y+s60y3NvM5Fm5pKkV8Q9nIvn8HdJDy fDt9/JOII6ETDGMu2JNow9m957CDgcntSD00bAzaWziATzUx8pGnsPN4XUvTEdvn dflFopMbljyIlg== -----END CERTIFICATE-----Generated at Mon Dec 15 04:59:34 2025 by rpki-client