This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json) Hash identifier: SPFr3o6vLiIaiygtn0KPCEOAL2MhG93mNvPS3hqwFiU= Subject key identifier: 95:16:28:F4:52:27:4C:B0:29:3B:00:E1:0C:7C:A3:0F:98:FD:52:08 Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124 Certificate serial: 019B59E460A81083E2BF1F6BCC3E1B619787 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft Manifest number: 0A93 Signing time: Fri 26 Dec 2025 09:01:37 +0000 Manifest this update: Fri 26 Dec 2025 09:01:37 +0000 Manifest next update: Sat 27 Dec 2025 09:01:37 +0000 Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: 631S7O5ESEE8pD9zpSx2LysEVuDK1Jo2SR0TyHHMGxI=) 2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e4:60:a8:10:83:e2:bf:1f:6b:cc:3e:1b:61:97:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db42059ce291d49a66920731c767da563ef21124 Validity Not Before: Dec 26 09:01:37 2025 GMT Not After : Dec 27 09:01:37 2025 GMT Subject: CN=951628f452274cb0293b00e10c7ca30f98fd5208 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:74:4d:6a:2e:d8:6e:8a:a8:6e:02:79:cf:94: 83:10:6e:de:be:d8:ff:3d:b0:50:fe:86:87:a1:26: 0d:e6:05:30:0f:06:b4:99:fa:88:33:aa:0a:aa:dd: 95:71:7b:a6:e2:51:50:a8:19:11:6d:61:d7:a3:d6: 0a:a8:60:74:98:7d:03:6c:50:6f:d4:c6:2d:8e:8c: 78:53:dd:27:cd:b2:84:e7:be:57:44:77:d8:46:82: 2b:9b:a4:0d:e1:07:46:fa:da:87:ad:65:e0:26:f6: bb:cd:a5:92:2b:57:38:60:3b:f7:84:63:c6:26:59: ac:e4:ba:a6:93:7c:07:d9:4a:ac:7b:1e:61:47:ad: be:8c:3f:21:bd:30:9d:66:b9:91:1e:36:2d:b1:9a: 60:b3:81:94:52:3b:c7:84:b6:19:c2:df:78:94:e9: 38:eb:8c:c8:74:ba:92:7e:1f:a8:53:a4:7c:61:ce: 18:0f:13:63:4c:0e:19:3d:36:11:06:01:6f:73:76: b6:bd:bd:b7:e6:d8:d2:ac:67:8b:af:0b:c4:bc:fc: 2d:d6:9d:e8:26:c3:9c:52:2f:2e:69:07:2c:63:ca: 51:5c:b5:b8:fa:59:b4:7b:5e:0e:54:2a:4e:f6:9f: 97:9d:d8:95:1c:dc:b5:25:a2:49:92:0b:b4:22:24: a7:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:16:28:F4:52:27:4C:B0:29:3B:00:E1:0C:7C:A3:0F:98:FD:52:08 X509v3 Authority Key Identifier: keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:83:9d:45:f0:95:a4:82:6d:9a:06:f4:3f:4c:de:63:56:fb: a1:fa:d7:58:40:0e:7f:27:5b:69:0d:2b:31:8d:a9:a3:14:1a: 5a:fa:09:73:10:b5:8a:24:03:98:3b:09:ee:a3:10:00:42:d4: 53:c8:0f:87:d7:65:9e:4b:16:e2:67:ca:72:25:5b:ed:86:c7: 8e:23:98:91:56:34:d5:a5:b9:d3:fb:05:01:ac:20:e3:c8:55: 95:64:0d:d0:d9:cd:a0:f4:c2:c5:45:40:16:7e:22:6d:c8:f0: 95:b7:28:be:45:d6:a7:47:29:cd:a9:51:a9:da:28:22:a7:e9: 5a:a9:0c:ee:c7:78:21:df:9d:b0:77:b9:92:6b:57:80:bc:78: fc:61:fe:45:23:1b:e2:be:06:7f:14:d3:36:90:35:94:f8:aa: 3b:e5:9c:40:41:35:5b:79:a3:42:c6:82:fd:56:02:a6:89:54: f8:b9:07:6a:b2:0e:3e:76:64:7e:f0:2d:c1:5b:5a:6e:fe:df: ca:b8:3d:49:f3:c8:ca:48:eb:7e:3e:e1:79:d4:2f:74:fe:b7: e6:6d:b6:43:cc:cf:58:aa:11:d5:a0:24:34:84:6b:78:ab:6e: 1a:ca:00:d3:cb:27:48:3f:23:7e:37:af:2e:0c:1e:eb:cc:a3: ef:71:7a:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ5GCoEIPivx9rzD4bYZeHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm MjExMjQwHhcNMjUxMjI2MDkwMTM3WhcNMjUxMjI3MDkwMTM3WjAzMTEwLwYDVQQD Eyg5NTE2MjhmNDUyMjc0Y2IwMjkzYjAwZTEwYzdjYTMwZjk4ZmQ1MjA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03RNai7YboqobgJ5z5SDEG7evtj/ PbBQ/oaHoSYN5gUwDwa0mfqIM6oKqt2VcXum4lFQqBkRbWHXo9YKqGB0mH0DbFBv 1MYtjox4U90nzbKE575XRHfYRoIrm6QN4QdG+tqHrWXgJva7zaWSK1c4YDv3hGPG Jlms5Lqmk3wH2Uqsex5hR62+jD8hvTCdZrmRHjYtsZpgs4GUUjvHhLYZwt94lOk4 64zIdLqSfh+oU6R8Yc4YDxNjTA4ZPTYRBgFvc3a2vb235tjSrGeLrwvEvPwt1p3o JsOcUi8uaQcsY8pRXLW4+lm0e14OVCpO9p+XndiVHNy1JaJJkgu0IiSnCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJUWKPRSJ0ywKTsA4Qx8ow+Y/VIIMB8GA1UdIwQY MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARYOdRfCV pIJtmgb0P0zeY1b7ofrXWEAOfydbaQ0rMY2poxQaWvoJcxC1iiQDmDsJ7qMQAELU U8gPh9dlnksW4mfKciVb7YbHjiOYkVY01aW50/sFAawg48hVlWQN0NnNoPTCxUVA Fn4ibcjwlbcovkXWp0cpzalRqdooIqfpWqkM7sd4Id+dsHe5kmtXgLx4/GH+RSMb 4r4GfxTTNpA1lPiqO+WcQEE1W3mjQsaC/VYCpolU+LkHarIOPnZkfvAtwVtabv7f yrg9SfPIykjrfj7hedQvdP635m22Q8zPWKoR1aAkNIRreKtuGsoA08snSD8jfjev Lgwe68yj73F66A== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:27 2025 by rpki-client