This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft File: S21-pBAzg38IwoxHQphLgrj0Q98.mft (raw, json) Hash identifier: LGbC6KXns0nNF2AIgZ0xBmP02MLqJyU8V1Qo7fj2meY= Subject key identifier: 96:54:DB:D5:95:06:04:2D:A1:37:40:5C:84:80:85:92:4B:C3:21:81 Authority key identifier: 4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF Certificate issuer: /CN=4b6d7ea41033837f08c28c4742984b82b8f443df Certificate serial: 019B24AD157FCC376B3BFD207874887CB1E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft Manifest number: 13AC Signing time: Tue 16 Dec 2025 01:01:21 +0000 Manifest this update: Tue 16 Dec 2025 01:01:21 +0000 Manifest next update: Wed 17 Dec 2025 01:01:21 +0000 Files and hashes: 1: R0-_LF6KU0ufBdJHLr5D2OsCZsM.roa (hash: 9atL02W0zWCgguNUrFQhgbOUdRY0kP2jIZbv6fAlg2k=) 2: S21-pBAzg38IwoxHQphLgrj0Q98.crl (hash: BRkS1sVFE2OzffGreNUQRvEZYK+pA6mUjxJbiomwuuI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:ad:15:7f:cc:37:6b:3b:fd:20:78:74:88:7c:b1:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b6d7ea41033837f08c28c4742984b82b8f443df Validity Not Before: Dec 16 01:01:21 2025 GMT Not After : Dec 17 01:01:21 2025 GMT Subject: CN=9654dbd59506042da137405c848085924bc32181 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:29:ef:d0:12:17:45:b2:39:59:ca:9a:57:9d: cc:0c:1b:71:23:e0:65:31:a6:79:19:b0:d1:09:91: 4a:e0:4c:95:69:f7:e2:f0:d8:14:6d:72:7f:3e:3f: 4a:0b:45:db:d3:11:17:5c:60:27:86:82:56:49:a9: db:dc:bb:c4:4d:f8:48:f2:19:54:9c:63:32:9e:5c: 6a:81:9d:71:a5:d9:5c:bf:57:48:d0:6b:2c:6e:ac: f9:8a:d4:98:da:f4:a8:af:48:71:bf:29:c6:c2:e1: 0a:c5:a3:c5:d2:01:2f:31:7f:c4:4a:f8:3d:3b:38: 35:ed:4c:63:2f:4d:ac:48:ae:74:a5:4c:1e:45:b9: 9d:48:de:87:4a:60:06:f5:c5:6b:0b:e5:03:cb:ea: 3c:28:30:42:f8:e5:23:47:40:f2:67:c1:79:a2:7d: 0e:16:bc:bc:ad:0d:91:e5:71:1d:56:c3:9c:64:c6: fc:6b:65:db:01:13:b7:40:08:40:7c:a4:8a:c4:4d: a6:ea:de:74:a7:5b:28:6d:b6:9a:57:8d:c8:bf:6e: 44:b7:e3:d9:4a:72:e6:ac:c1:83:05:46:3f:a1:7c: 67:d6:e5:81:0a:c3:54:65:43:76:38:b2:09:07:00: fd:61:27:65:a6:ae:5b:8e:c2:cb:23:ca:18:e3:e8: eb:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:54:DB:D5:95:06:04:2D:A1:37:40:5C:84:80:85:92:4B:C3:21:81 X509v3 Authority Key Identifier: keyid:4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:52:65:d4:7f:f7:3d:c1:4a:67:ab:7e:f5:73:16:24:e2:cf: 36:3d:bd:27:32:53:ce:4e:12:95:23:ba:c0:41:ed:8e:2f:b3: c8:6a:32:36:f9:ae:4d:87:7f:a2:a6:5c:f7:07:3e:a1:ce:1a: 02:88:9e:c8:8b:c3:50:61:07:1b:49:ea:21:48:be:02:0d:34: 60:3a:1a:c0:62:28:03:b0:19:a6:36:8c:dc:8c:df:4a:72:56: 52:f3:c2:8b:82:c1:04:26:9c:f5:55:7c:bd:50:65:14:fa:50: 02:23:57:ad:2a:f1:94:42:a4:57:04:b5:cf:73:7b:ed:2b:04: 19:cc:78:36:71:36:c8:b7:27:b2:06:79:36:4c:65:7c:9a:ee: 09:fc:67:83:46:c9:c0:93:2f:d8:59:dc:8b:a8:ae:89:60:cd: 64:b6:2f:d1:39:d0:ff:63:49:a8:36:19:28:8b:f0:ab:56:58: f5:14:7a:ea:ee:7d:ac:90:bf:aa:c8:a7:67:f5:62:ee:61:01: 24:05:94:0f:f9:6a:d9:98:e3:43:73:ec:64:cc:9b:c8:cd:7b: 24:82:c6:a7:3a:97:65:cd:9e:03:46:5f:eb:ce:98:aa:d7:e1: 70:76:5f:ba:c6:b5:d6:0e:b0:4c:9d:e0:4d:59:83:0f:56:bf: f0:90:af:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskrRV/zDdrO/0geHSIfLHiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNmQ3ZWE0MTAzMzgzN2YwOGMyOGM0NzQyOTg0YjgyYjhm NDQzZGYwHhcNMjUxMjE2MDEwMTIxWhcNMjUxMjE3MDEwMTIxWjAzMTEwLwYDVQQD Eyg5NjU0ZGJkNTk1MDYwNDJkYTEzNzQwNWM4NDgwODU5MjRiYzMyMTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCnv0BIXRbI5WcqaV53MDBtxI+Bl MaZ5GbDRCZFK4EyVaffi8NgUbXJ/Pj9KC0Xb0xEXXGAnhoJWSanb3LvETfhI8hlU nGMynlxqgZ1xpdlcv1dI0Gssbqz5itSY2vSor0hxvynGwuEKxaPF0gEvMX/ESvg9 Ozg17UxjL02sSK50pUweRbmdSN6HSmAG9cVrC+UDy+o8KDBC+OUjR0DyZ8F5on0O Fry8rQ2R5XEdVsOcZMb8a2XbARO3QAhAfKSKxE2m6t50p1sobbaaV43Iv25Et+PZ SnLmrMGDBUY/oXxn1uWBCsNUZUN2OLIJBwD9YSdlpq5bjsLLI8oY4+jrXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJZU29WVBgQtoTdAXISAhZJLwyGBMB8GA1UdIwQY MBaAFEttfqQQM4N/CMKMR0KYS4K49EPfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYt NWVlODcyMWMxY2ZjLzEvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYtNWVlODcyMWMxY2Zj LzEvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABVJl1H/3 PcFKZ6t+9XMWJOLPNj29JzJTzk4SlSO6wEHtji+zyGoyNvmuTYd/oqZc9wc+oc4a AoieyIvDUGEHG0nqIUi+Ag00YDoawGIoA7AZpjaM3IzfSnJWUvPCi4LBBCac9VV8 vVBlFPpQAiNXrSrxlEKkVwS1z3N77SsEGcx4NnE2yLcnsgZ5NkxlfJruCfxng0bJ wJMv2Fnci6iuiWDNZLYv0TnQ/2NJqDYZKIvwq1ZY9RR66u59rJC/qsinZ/Vi7mEB JAWUD/lq2ZjjQ3PsZMybyM17JILGpzqXZc2eA0Zf686YqtfhcHZfusa11g6wTJ3g TVmDD1a/8JCvtQ== -----END CERTIFICATE-----Generated at Tue Dec 16 04:40:19 2025 by rpki-client