This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft File: sszaHFSHy5ONV-phzC1i0xBw21E.mft (raw, json) Hash identifier: DFDdUXKoYWY/i6FMzJ5LI25Q9BK5RoJcdBC1h3bvvaI= Subject key identifier: F6:30:3D:08:FE:E9:8C:6A:09:FC:32:3A:A4:8C:CC:68:3D:67:D8:19 Authority key identifier: B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51 Certificate issuer: /CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51 Certificate serial: 019B38A14F59781964669035461CDE559497 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft Manifest number: 0D8D Signing time: Fri 19 Dec 2025 22:00:54 +0000 Manifest this update: Fri 19 Dec 2025 22:00:54 +0000 Manifest next update: Sat 20 Dec 2025 22:00:54 +0000 Files and hashes: 1: 3_xmC1ho9_8ZqNCvSg_4Ci-eALc.roa (hash: F7LfywH9mxXY2KxRJjRgggVLiwyV5wwnZqXcnTIZ+/Y=) 2: sszaHFSHy5ONV-phzC1i0xBw21E.crl (hash: CwMZiM35ukg1A0JMFRyG7GxK4omaELz8GiNntSV7E/Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 22:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a1:4f:59:78:19:64:66:90:35:46:1c:de:55:94:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2ccda1c5487cb938d57ea61cc2d62d31070db51 Validity Not Before: Dec 19 22:00:54 2025 GMT Not After : Dec 20 22:00:54 2025 GMT Subject: CN=f6303d08fee98c6a09fc323aa48ccc683d67d819 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:86:13:40:02:80:c9:5f:5f:51:19:7f:26:7d: 1f:5c:c7:1a:b4:03:e6:1a:a6:c0:e7:91:13:d2:8f: e7:f3:c4:1a:80:c8:88:dd:ed:4b:57:aa:7c:7b:e6: a5:1c:57:e5:00:31:84:82:d8:1c:2e:37:26:ef:42: ab:de:00:02:d7:17:4a:1a:13:b8:06:77:7c:b8:2b: cc:7c:11:66:bd:05:9e:17:4d:36:63:b6:11:f3:47: 00:49:48:ba:ad:f9:99:69:2e:04:17:6b:58:72:22: cd:19:1d:73:6b:c6:d8:f2:8d:a9:73:73:44:94:b4: 47:fe:56:12:c1:e7:ee:41:cb:1c:52:7e:5a:bc:cb: 0f:d1:77:14:bb:5b:dc:8b:33:c2:69:7b:36:c6:d5: 90:0d:d1:50:bd:fa:7e:30:d2:6c:a6:d5:4b:10:82: d2:d5:30:f6:cd:f3:a0:53:e4:88:66:96:51:94:e5: 1d:12:42:1c:0b:e7:64:79:2a:0c:12:e2:7a:70:9b: 29:84:22:79:00:27:98:1b:94:de:5f:ec:cb:39:c6: 8f:ac:dc:75:34:55:59:67:e4:68:9a:1c:da:4f:93: e2:b9:1c:64:3f:ba:73:59:ad:66:f4:e4:4d:10:ba: 9f:96:e1:05:55:e4:ff:87:8e:a1:9c:e6:8b:69:83: 8e:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:30:3D:08:FE:E9:8C:6A:09:FC:32:3A:A4:8C:CC:68:3D:67:D8:19 X509v3 Authority Key Identifier: keyid:B2:CC:DA:1C:54:87:CB:93:8D:57:EA:61:CC:2D:62:D3:10:70:DB:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sszaHFSHy5ONV-phzC1i0xBw21E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/e6b77f-40e6-4c93-ac32-3db961703ea9/1/sszaHFSHy5ONV-phzC1i0xBw21E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:a1:01:d1:d6:66:8b:f8:f5:ed:4a:4f:9e:bf:49:d9:7b:c6: 9d:2f:d5:d1:db:d8:26:a2:d5:38:85:aa:95:46:a9:15:42:ac: 01:5d:f7:07:07:b0:09:d0:73:27:8e:58:a7:6d:bc:98:4e:c4: cb:98:26:e5:14:53:17:f2:c9:2e:77:aa:14:4e:ea:dd:97:50: d7:79:1a:e6:6a:82:28:85:6f:06:59:2c:a3:61:95:f0:f7:6f: 3e:5f:d0:6d:3d:c6:66:82:f5:ec:02:70:48:06:22:40:05:35: 00:f3:6e:23:b7:ed:4b:15:e9:4a:99:2a:bb:db:10:45:0f:16: 9d:e1:69:1a:26:f6:66:44:b6:2c:00:83:5d:06:32:d6:3d:d8: e9:4c:23:e2:bb:16:97:7a:9c:63:73:2c:03:73:5a:0e:8a:fe: e5:8c:31:fb:96:f7:cd:42:7b:b5:e5:78:7c:04:9d:89:45:91: 9f:54:dc:cc:a0:4d:37:b8:2e:e6:fb:0b:66:6d:54:ca:1d:e7: 24:1a:ee:9a:f9:f8:de:42:7d:34:d4:81:dd:57:ee:53:fa:0d: 1c:e3:ed:55:e1:37:02:14:a5:a9:35:22:37:bf:46:da:8e:5a: d7:e3:8b:01:49:db:c7:f5:62:c9:5f:d4:b9:b8:35:b2:fe:66: 12:ec:d2:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4oU9ZeBlkZpA1RhzeVZSXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyY2NkYTFjNTQ4N2NiOTM4ZDU3ZWE2MWNjMmQ2MmQzMTA3 MGRiNTEwHhcNMjUxMjE5MjIwMDU0WhcNMjUxMjIwMjIwMDU0WjAzMTEwLwYDVQQD EyhmNjMwM2QwOGZlZTk4YzZhMDlmYzMyM2FhNDhjY2M2ODNkNjdkODE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYYTQAKAyV9fURl/Jn0fXMcatAPm GqbA55ET0o/n88QagMiI3e1LV6p8e+alHFflADGEgtgcLjcm70Kr3gAC1xdKGhO4 Bnd8uCvMfBFmvQWeF002Y7YR80cASUi6rfmZaS4EF2tYciLNGR1za8bY8o2pc3NE lLRH/lYSwefuQcscUn5avMsP0XcUu1vcizPCaXs2xtWQDdFQvfp+MNJsptVLEILS 1TD2zfOgU+SIZpZRlOUdEkIcC+dkeSoMEuJ6cJsphCJ5ACeYG5TeX+zLOcaPrNx1 NFVZZ+RomhzaT5PiuRxkP7pzWa1m9ORNELqfluEFVeT/h46hnOaLaYOOPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPYwPQj+6YxqCfwyOqSMzGg9Z9gZMB8GA1UdIwQY MBaAFLLM2hxUh8uTjVfqYcwtYtMQcNtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzIt M2RiOTYxNzAzZWE5LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9lNmI3N2YtNDBlNi00YzkzLWFjMzItM2RiOTYxNzAzZWE5 LzEvc3N6YUhGU0h5NU9OVi1waHpDMWkweEJ3MjFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACKEB0dZm i/j17UpPnr9J2XvGnS/V0dvYJqLVOIWqlUapFUKsAV33BwewCdBzJ45Yp228mE7E y5gm5RRTF/LJLneqFE7q3ZdQ13ka5mqCKIVvBlkso2GV8PdvPl/QbT3GZoL17AJw SAYiQAU1APNuI7ftSxXpSpkqu9sQRQ8WneFpGib2ZkS2LACDXQYy1j3Y6Uwj4rsW l3qcY3MsA3NaDor+5Ywx+5b3zUJ7teV4fASdiUWRn1TczKBNN7gu5vsLZm1Uyh3n JBrumvn43kJ9NNSB3VfuU/oNHOPtVeE3AhSlqTUiN79G2o5a1+OLAUnbx/ViyV/U ubg1sv5mEuzSaw== -----END CERTIFICATE-----Generated at Sat Dec 20 05:32:17 2025 by rpki-client