This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft File: sdLmgf8j3d89UXhY4cZKHa0phyk.mft (raw, json) Hash identifier: qz77YmDLULXHEnbJAs9yxLddvOaPYGKfFvA/0pX6WO4= Subject key identifier: 2A:11:00:6C:06:70:21:B4:D6:A7:A9:14:1E:17:AF:32:65:5D:C7:22 Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29 Certificate issuer: /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729 Certificate serial: 019B19BBED338D7D55D7763AF2927942E2C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft Manifest number: 15C3 Signing time: Sat 13 Dec 2025 22:01:44 +0000 Manifest this update: Sat 13 Dec 2025 22:01:44 +0000 Manifest next update: Sun 14 Dec 2025 22:01:44 +0000 Files and hashes: 1: hDoqXFR8UibPRuqFY2xn-m_-15I.roa (hash: qknu8HOpVZZ1hKraF3WMV/fgLgKt1U80KJN/d09ixdI=) 2: sdLmgf8j3d89UXhY4cZKHa0phyk.crl (hash: Ftz+4t8VvAtuiel2jPuhX6+nZV/r7PUML9ET7a9PSw8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 22:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bb:ed:33:8d:7d:55:d7:76:3a:f2:92:79:42:e2:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729 Validity Not Before: Dec 13 22:01:44 2025 GMT Not After : Dec 14 22:01:44 2025 GMT Subject: CN=2a11006c067021b4d6a7a9141e17af32655dc722 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d9:71:1a:ae:b2:e6:ef:27:70:02:69:84:b3: 8c:19:b7:aa:ef:26:c6:e3:86:7b:95:69:86:19:f1: 94:ec:ee:05:cd:13:4e:c5:3c:92:4a:3f:83:e2:a0: d0:2a:69:c6:1b:f6:96:ab:11:61:17:48:ed:33:8d: c9:7f:68:ce:6c:4c:a8:ae:3d:c5:79:6b:b2:e4:dc: 8e:5b:f8:f1:4c:d0:e0:92:eb:ff:7d:d9:33:70:c3: 4d:07:b6:c9:5b:38:f3:3b:6c:1c:be:01:97:6f:19: a5:bf:83:23:d7:a2:17:d9:48:c7:5b:8c:3c:f9:53: 77:18:d7:2d:f0:90:6a:ab:12:e3:a7:ac:cb:eb:3d: cb:df:66:74:df:f4:30:f0:ae:63:cd:eb:27:50:4c: d3:04:3c:75:5d:0e:fa:4e:24:0d:88:53:3a:e7:57: 4b:ef:51:ee:18:d0:26:56:7b:b2:0f:0a:22:dd:31: 50:71:4e:1c:ef:90:c5:ca:4b:98:64:22:8b:b9:96: 4d:c5:98:af:12:c9:49:6c:c0:82:8e:c3:ea:a7:4d: 14:5d:0e:db:ca:b6:a1:31:17:c6:6c:35:24:b4:7a: 09:f3:bd:dc:e3:02:09:9e:cf:92:fa:d1:8c:61:54: e5:5d:eb:cf:91:bd:8e:65:c7:91:0f:61:6a:c4:00: ed:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:11:00:6C:06:70:21:B4:D6:A7:A9:14:1E:17:AF:32:65:5D:C7:22 X509v3 Authority Key Identifier: keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:af:1d:06:37:bd:ba:b3:c6:e4:60:86:c8:11:26:1c:b7:a2: 41:87:ec:0e:4d:84:70:47:76:33:34:9a:b3:aa:fe:63:50:da: 47:38:26:b6:78:cb:37:e7:6b:37:b8:a0:f1:36:83:b4:c8:7e: 33:6d:56:d2:27:48:08:c1:51:c4:9f:e2:2d:58:b6:55:5a:eb: e8:69:27:58:6d:27:de:7f:94:19:ea:df:b9:6d:74:8a:96:49: 47:d4:fd:bd:b3:13:5a:37:cd:f4:a6:61:22:1d:c2:f0:43:eb: 1e:13:2d:75:13:4d:0c:3f:a9:4f:a6:bf:25:46:1d:46:a5:84: 94:e4:c3:d6:2c:50:69:fd:01:1f:ff:b7:59:3b:4b:81:01:fa: 2d:5c:e9:c4:39:cb:00:d5:69:f4:2a:a7:ad:1b:92:b1:6e:3e: b0:9e:0a:21:ac:48:c0:8b:32:be:ed:c6:06:9c:50:21:5d:c9: 02:59:63:5c:07:7d:61:95:16:f5:65:87:ab:c6:f0:a5:e6:50: 00:ef:17:09:04:00:e8:ba:01:54:ac:19:44:5e:4d:bf:aa:1d: 80:70:44:6f:95:e2:6a:ec:da:91:20:3d:39:6e:e5:cd:d1:9a: 31:54:5f:6b:98:47:c0:a1:c1:26:c2:04:d2:4b:6c:c2:29:b9: 08:41:10:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZu+0zjX1V13Y68pJ5QuLGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy OTg3MjkwHhcNMjUxMjEzMjIwMTQ0WhcNMjUxMjE0MjIwMTQ0WjAzMTEwLwYDVQQD EygyYTExMDA2YzA2NzAyMWI0ZDZhN2E5MTQxZTE3YWYzMjY1NWRjNzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNlxGq6y5u8ncAJphLOMGbeq7ybG 44Z7lWmGGfGU7O4FzRNOxTySSj+D4qDQKmnGG/aWqxFhF0jtM43Jf2jObEyorj3F eWuy5NyOW/jxTNDgkuv/fdkzcMNNB7bJWzjzO2wcvgGXbxmlv4Mj16IX2UjHW4w8 +VN3GNct8JBqqxLjp6zL6z3L32Z03/Qw8K5jzesnUEzTBDx1XQ76TiQNiFM651dL 71HuGNAmVnuyDwoi3TFQcU4c75DFykuYZCKLuZZNxZivEslJbMCCjsPqp00UXQ7b yrahMRfGbDUktHoJ873c4wIJns+S+tGMYVTlXevPkb2OZceRD2FqxADt0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCoRAGwGcCG01qepFB4XrzJlXcciMB8GA1UdIwQY MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct NWE4MzYwZGVhM2EzLzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdK8dBje9 urPG5GCGyBEmHLeiQYfsDk2EcEd2MzSas6r+Y1DaRzgmtnjLN+drN7ig8TaDtMh+ M21W0idICMFRxJ/iLVi2VVrr6GknWG0n3n+UGerfuW10ipZJR9T9vbMTWjfN9KZh Ih3C8EPrHhMtdRNNDD+pT6a/JUYdRqWElOTD1ixQaf0BH/+3WTtLgQH6LVzpxDnL ANVp9CqnrRuSsW4+sJ4KIaxIwIsyvu3GBpxQIV3JAlljXAd9YZUW9WWHq8bwpeZQ AO8XCQQA6LoBVKwZRF5Nv6odgHBEb5XiauzakSA9OW7lzdGaMVRfa5hHwKHBJsIE 0ktswim5CEEQrQ== -----END CERTIFICATE-----Generated at Sun Dec 14 07:43:44 2025 by rpki-client