This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft File: sd-OADfxroL3viI1rmEsQBD2_pE.mft (raw, json) Hash identifier: VEqfm5XsK9DACbjCW3mugR6LJOPQkgoQm9sjyP9r+pc= Subject key identifier: D3:1F:08:E3:00:26:50:F0:B6:1E:8D:90:6B:8F:FB:51:BA:F7:00:AF Authority key identifier: B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91 Certificate issuer: /CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91 Certificate serial: 019B4136BE0AE5C6D5F1BDC6B8671F293889 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft Manifest number: 02A0 Signing time: Sun 21 Dec 2025 14:01:05 +0000 Manifest this update: Sun 21 Dec 2025 14:01:05 +0000 Manifest next update: Mon 22 Dec 2025 14:01:05 +0000 Files and hashes: 1: GdRMKH6WdmmVubPmURRtVnS8GV8.roa (hash: gQYTKVfews/6lfRAQlloM0LgEpj91iqOXwXozcwIpNc=) 2: sd-OADfxroL3viI1rmEsQBD2_pE.crl (hash: 6a00fa/q3MKPuyj5ej+9+467jbweI3vz7RGUFGDYQcI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:be:0a:e5:c6:d5:f1:bd:c6:b8:67:1f:29:38:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91 Validity Not Before: Dec 21 14:01:05 2025 GMT Not After : Dec 22 14:01:05 2025 GMT Subject: CN=d31f08e3002650f0b61e8d906b8ffb51baf700af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:9b:64:8c:32:d9:0e:d9:50:cd:af:16:8d:cf: ff:37:e0:48:42:a0:a7:f8:b7:9f:76:2a:0a:ee:80: d5:92:63:1f:2c:15:df:b6:28:75:16:eb:03:a0:7f: 9a:08:b3:9e:ea:ea:4b:77:67:8f:36:02:dd:50:73: 45:78:6a:c0:71:a5:ea:58:18:38:07:97:cd:f1:a3: 99:90:78:4c:0d:9e:55:23:e2:e5:94:91:8c:a9:a7: 74:53:6e:72:36:ae:2f:1e:27:9f:c9:fd:ad:05:da: f1:1d:7b:b5:c9:61:c2:8d:27:60:e0:47:eb:ad:1e: 64:6d:2d:af:5d:9e:60:01:eb:f3:6e:09:54:c0:46: b9:47:c3:0c:c6:26:de:74:48:84:7c:cc:18:89:29: 42:b9:2d:53:15:b4:e6:d8:5d:de:a3:bd:01:97:be: 0c:46:3c:f9:ac:6a:45:4c:35:1c:89:bb:ae:6a:5a: bc:f3:94:29:5e:bc:1b:79:20:e1:55:a4:cd:b8:8d: eb:be:f4:41:ea:95:36:21:7e:52:e7:e5:c2:e2:0d: 0b:11:61:d7:c6:39:fb:54:71:dc:67:b2:c2:5a:06: ca:79:7c:d1:96:c0:97:7a:09:40:2d:e0:63:09:8f: 45:67:45:33:f7:b5:9f:2e:31:18:d0:54:2d:8c:42: 36:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:1F:08:E3:00:26:50:F0:B6:1E:8D:90:6B:8F:FB:51:BA:F7:00:AF X509v3 Authority Key Identifier: keyid:B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:6f:ef:c9:0a:1c:67:ab:69:d4:e8:5c:d5:60:46:07:12:85: 45:fe:3e:44:b6:32:ea:a2:6b:1c:f7:6b:2c:ba:61:1f:0c:f9: 95:4e:a0:91:09:b1:cb:48:07:91:22:d1:d8:f1:37:d8:61:16: 5c:70:b4:0a:9d:3f:0b:27:9b:35:b7:d8:5d:56:c4:a0:17:b4: 8c:df:75:44:14:9d:9f:bb:18:19:3f:81:e4:80:57:e2:fd:f8: 6b:09:f5:ef:63:23:f3:a0:2b:01:4e:ce:af:28:ce:20:67:0c: a2:e7:22:ee:d5:4f:95:ec:d0:a3:3f:b2:ad:a2:52:69:9d:76: 50:a6:09:b6:b9:3e:6f:90:ea:8c:f9:ab:db:60:56:4e:09:76: 57:bb:44:13:60:43:82:ac:51:ac:39:ac:2d:49:fc:f5:ae:cf: f4:f9:93:26:2f:b2:8b:84:d9:4d:54:1d:a6:17:52:33:6b:ae: d8:7b:83:d0:35:bd:b8:9a:d2:18:c6:1e:d2:6a:ff:95:9d:55: f0:3b:05:2e:5e:6c:4f:9e:eb:d1:b4:76:fa:e1:4d:f4:2f:1d: a7:8b:9f:69:a1:8e:ef:0d:cf:04:3f:32:cb:69:fb:e5:93:5c: 2f:bb:ac:ac:c0:dc:94:14:43:5a:d5:d3:19:54:18:96:f4:0c: 52:2a:a7:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNr4K5cbV8b3GuGcfKTiJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZGY4ZTAwMzdmMWFlODJmN2JlMjIzNWFlNjEyYzQwMTBm NmZlOTEwHhcNMjUxMjIxMTQwMTA1WhcNMjUxMjIyMTQwMTA1WjAzMTEwLwYDVQQD EyhkMzFmMDhlMzAwMjY1MGYwYjYxZThkOTA2YjhmZmI1MWJhZjcwMGFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuptkjDLZDtlQza8Wjc//N+BIQqCn +LefdioK7oDVkmMfLBXftih1FusDoH+aCLOe6upLd2ePNgLdUHNFeGrAcaXqWBg4 B5fN8aOZkHhMDZ5VI+LllJGMqad0U25yNq4vHiefyf2tBdrxHXu1yWHCjSdg4Efr rR5kbS2vXZ5gAevzbglUwEa5R8MMxibedEiEfMwYiSlCuS1TFbTm2F3eo70Bl74M Rjz5rGpFTDUcibuualq885QpXrwbeSDhVaTNuI3rvvRB6pU2IX5S5+XC4g0LEWHX xjn7VHHcZ7LCWgbKeXzRlsCXeglALeBjCY9FZ0Uz97WfLjEY0FQtjEI21QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNMfCOMAJlDwth6NkGuP+1G69wCvMB8GA1UdIwQY MBaAFLHfjgA38a6C974iNa5hLEAQ9v6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEt MTljYTUwY2YzNGFiLzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEtMTljYTUwY2YzNGFi LzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnm/vyQoc Z6tp1Ohc1WBGBxKFRf4+RLYy6qJrHPdrLLphHwz5lU6gkQmxy0gHkSLR2PE32GEW XHC0Cp0/CyebNbfYXVbEoBe0jN91RBSdn7sYGT+B5IBX4v34awn172Mj86ArAU7O ryjOIGcMouci7tVPlezQoz+yraJSaZ12UKYJtrk+b5DqjPmr22BWTgl2V7tEE2BD gqxRrDmsLUn89a7P9PmTJi+yi4TZTVQdphdSM2uu2HuD0DW9uJrSGMYe0mr/lZ1V 8DsFLl5sT57r0bR2+uFN9C8dp4ufaaGO7w3PBD8yy2n75ZNcL7usrMDclBRDWtXT GVQYlvQMUiqn0Q== -----END CERTIFICATE-----Generated at Sun Dec 21 23:00:19 2025 by rpki-client