This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft File: St2XYC4ZGOerwfYtz9TaynNJmz4.mft (raw, json) Hash identifier: pJHhGqOShNkduoiaAe71mnWJZ1LVJEaI0PsH6AxPh1Q= Subject key identifier: DD:BF:E6:E8:C1:CC:B9:2A:B9:34:2F:83:85:B6:37:2D:53:F9:08:10 Authority key identifier: 4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E Certificate issuer: /CN=4add97602e1918e7abc1f62dcfd4daca73499b3e Certificate serial: 019B59E426BB1633CD0143818FA22EE4E073 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft Manifest number: 0303 Signing time: Fri 26 Dec 2025 09:01:22 +0000 Manifest this update: Fri 26 Dec 2025 09:01:22 +0000 Manifest next update: Sat 27 Dec 2025 09:01:22 +0000 Files and hashes: 1: St2XYC4ZGOerwfYtz9TaynNJmz4.crl (hash: mgFdNdBobDJ+azewancu1XhmwHG8847brnVvtEw6aJw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:26:bb:16:33:cd:01:43:81:8f:a2:2e:e4:e0:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4add97602e1918e7abc1f62dcfd4daca73499b3e Validity Not Before: Dec 26 09:01:22 2025 GMT Not After : Dec 27 09:01:22 2025 GMT Subject: CN=ddbfe6e8c1ccb92ab9342f8385b6372d53f90810 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9a:8a:df:96:04:86:b8:c5:af:ce:91:77:80: 7c:7d:67:b6:50:79:f2:40:c1:8b:6e:00:11:a1:82: 35:b6:97:0e:17:25:4c:3a:62:13:3d:fa:67:92:40: 27:f8:75:07:3b:fb:65:6e:df:93:2e:70:1d:65:77: cf:92:84:23:db:ad:cc:d1:0d:46:ed:48:7e:38:15: 99:31:2f:55:5e:4a:3d:08:10:21:d4:17:2d:d5:d8: 82:70:74:99:ea:ac:1f:a4:3d:fa:e7:79:ce:8a:31: 09:38:4a:47:a1:4a:86:08:d2:4e:75:15:46:4e:01: 01:5c:ca:ea:f8:26:c7:eb:61:91:28:b6:02:41:6c: 25:44:14:8a:e8:a2:70:7f:f0:90:ec:90:5a:55:37: 0f:96:1a:b0:22:2e:c1:1e:52:b1:ba:d4:45:91:b8: 03:7b:77:8a:83:33:2b:29:91:13:41:11:1f:ad:32: 60:c4:b2:16:71:60:bd:31:a6:47:ff:48:a9:38:89: 7c:f6:66:20:12:f5:b4:35:ad:9e:03:0d:09:19:6c: 9c:aa:d7:ac:99:ce:af:13:51:1e:87:56:29:e1:94: 85:8e:81:9b:7f:d3:8a:13:95:48:56:5f:bd:09:3b: e9:e5:e3:65:55:08:70:74:ee:e3:3e:af:63:c7:c2: ed:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:BF:E6:E8:C1:CC:B9:2A:B9:34:2F:83:85:B6:37:2D:53:F9:08:10 X509v3 Authority Key Identifier: keyid:4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:b6:48:8e:08:e3:f3:64:9f:d5:33:4a:b7:cd:e4:19:c0:d4: 93:36:d8:fa:b7:cf:49:78:a6:d4:53:78:cf:83:ef:1f:d0:d8: 13:ab:56:d2:8c:4d:aa:02:c5:c3:a4:27:ec:fc:a0:c7:71:53: a9:21:81:24:3d:f7:c3:bf:c2:48:a6:6f:58:62:cf:b0:02:00: 91:c5:4b:2f:3e:71:91:44:f0:71:e1:6c:93:79:51:e6:19:18: 0c:83:6e:5b:78:94:d7:11:7e:85:58:7d:3e:55:40:5c:30:b2: 19:a7:16:b5:2c:19:c5:e4:eb:7e:4d:29:e6:bb:e7:e6:50:10: 19:b9:10:10:00:de:0d:3a:2b:dd:72:b6:bd:87:c2:1c:84:da: 0f:72:17:37:bd:4d:88:f6:23:fd:b7:c2:84:5d:39:84:b0:92: aa:42:82:c2:39:d8:c7:38:f0:83:26:78:98:f2:91:08:32:58: bb:95:91:66:e3:86:1c:dd:bc:ae:4f:3a:69:c0:17:65:98:d8: e6:2d:6a:13:13:ac:3a:7b:4e:7e:c9:99:75:8e:9e:a9:a7:7d: 7b:28:cc:4b:e6:bb:e7:b1:c3:87:e4:33:05:95:dd:8c:18:c0: b6:29:3c:5e:cd:25:10:25:01:e1:3c:29:2c:d7:a1:e3:53:38: 95:ee:d2:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5Ca7FjPNAUOBj6Iu5OBzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhZGQ5NzYwMmUxOTE4ZTdhYmMxZjYyZGNmZDRkYWNhNzM0 OTliM2UwHhcNMjUxMjI2MDkwMTIyWhcNMjUxMjI3MDkwMTIyWjAzMTEwLwYDVQQD EyhkZGJmZTZlOGMxY2NiOTJhYjkzNDJmODM4NWI2MzcyZDUzZjkwODEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJqK35YEhrjFr86Rd4B8fWe2UHny QMGLbgARoYI1tpcOFyVMOmITPfpnkkAn+HUHO/tlbt+TLnAdZXfPkoQj263M0Q1G 7Uh+OBWZMS9VXko9CBAh1Bct1diCcHSZ6qwfpD3653nOijEJOEpHoUqGCNJOdRVG TgEBXMrq+CbH62GRKLYCQWwlRBSK6KJwf/CQ7JBaVTcPlhqwIi7BHlKxutRFkbgD e3eKgzMrKZETQREfrTJgxLIWcWC9MaZH/0ipOIl89mYgEvW0Na2eAw0JGWycqtes mc6vE1Eeh1Yp4ZSFjoGbf9OKE5VIVl+9CTvp5eNlVQhwdO7jPq9jx8LtTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN2/5ujBzLkquTQvg4W2Ny1T+QgQMB8GA1UdIwQY MBaAFErdl2AuGRjnq8H2Lc/U2spzSZs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUt MTJlNWU4MTczMjAxLzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUtMTJlNWU4MTczMjAx LzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqbZIjgjj 82Sf1TNKt83kGcDUkzbY+rfPSXim1FN4z4PvH9DYE6tW0oxNqgLFw6Qn7Pygx3FT qSGBJD33w7/CSKZvWGLPsAIAkcVLLz5xkUTwceFsk3lR5hkYDINuW3iU1xF+hVh9 PlVAXDCyGacWtSwZxeTrfk0p5rvn5lAQGbkQEADeDTor3XK2vYfCHITaD3IXN71N iPYj/bfChF05hLCSqkKCwjnYxzjwgyZ4mPKRCDJYu5WRZuOGHN28rk86acAXZZjY 5i1qExOsOntOfsmZdY6eqad9eyjMS+a757HDh+QzBZXdjBjAtik8Xs0lECUB4Twp LNeh41M4le7Szw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:25 2025 by rpki-client