This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft File: shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json) Hash identifier: qJr0cVJ7s9EoWGf8H5puT60aiQS3YbvXlHMacBdjjiM= Subject key identifier: 2B:40:8F:61:F3:26:4E:8F:2E:6F:57:2C:D9:7D:05:F6:F8:D4:3E:40 Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75 Certificate issuer: /CN=b215270e3b5976b44f3adece57047d1e0787ba75 Certificate serial: 019B5ABF2A9736F53E30DA2F33D8B7CDB4E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft Manifest number: 1797 Signing time: Fri 26 Dec 2025 13:00:36 +0000 Manifest this update: Fri 26 Dec 2025 13:00:36 +0000 Manifest next update: Sat 27 Dec 2025 13:00:36 +0000 Files and hashes: 1: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: I8j0K1go+NHmFGj869AYfWIN9FRQZLYJDaSbf3+T4cg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:2a:97:36:f5:3e:30:da:2f:33:d8:b7:cd:b4:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75 Validity Not Before: Dec 26 13:00:36 2025 GMT Not After : Dec 27 13:00:36 2025 GMT Subject: CN=2b408f61f3264e8f2e6f572cd97d05f6f8d43e40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:24:51:4d:1c:5b:bc:80:c6:e9:bd:ac:a8:00: b1:5e:65:12:50:26:28:54:01:39:9c:4a:b7:63:a6: 3c:6b:a0:bd:9d:c5:b7:c5:ce:34:36:78:2f:2d:c8: 93:7a:d7:d2:2a:ea:b3:96:3d:25:30:68:f6:c6:d3: c7:b2:ab:f5:5d:76:70:4f:56:0b:05:f7:19:95:3c: d5:63:57:e7:99:b0:29:0d:1a:14:99:fd:64:99:75: 80:b0:36:83:88:78:6e:cb:d7:b1:17:2d:36:90:38: 21:c0:10:67:66:cc:09:01:fe:77:77:c6:73:59:de: 7d:9c:69:d2:27:c2:54:a9:3f:93:6a:7d:ab:87:06: a5:e3:47:0b:97:15:f0:84:f1:6b:6f:72:5f:8d:fc: 0b:f3:63:ad:1b:d3:33:f8:62:9b:bb:5e:f3:c2:3f: 8b:3a:02:2c:ab:55:f6:4a:1f:88:e0:f7:dc:98:6d: 7b:a1:80:b4:7e:22:04:76:3e:3a:af:92:a9:86:41: a1:c9:13:37:4a:07:c7:74:4c:47:67:43:19:f4:81: 83:c3:98:af:b7:6b:e6:e6:95:93:46:1a:22:ec:4c: 0b:3e:4b:0b:cb:03:c1:71:c2:48:49:2e:58:0a:ae: b5:f5:47:d9:c5:5f:c7:3b:e6:ee:5f:85:01:67:8e: 41:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:40:8F:61:F3:26:4E:8F:2E:6F:57:2C:D9:7D:05:F6:F8:D4:3E:40 X509v3 Authority Key Identifier: keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:e1:54:fe:40:a2:d5:12:5f:bf:2f:c7:7b:78:5d:80:2a:34: ff:5d:56:28:67:f1:04:87:cc:04:b2:8a:01:6b:05:a6:0a:9e: 69:67:21:81:d0:ab:b8:04:65:f7:f6:85:4e:39:0a:d9:81:dc: 9a:6c:d6:0b:12:9d:e5:6a:d3:9d:fd:d6:80:ba:66:32:de:8d: 27:08:7d:77:20:fe:2b:16:4a:c3:ef:af:bd:a6:10:8d:11:37: 06:c2:1a:59:78:8c:1f:53:36:58:25:8d:63:99:42:ac:f9:c4: d5:56:ff:5e:c6:24:7d:f0:22:cc:8d:f4:f2:79:a7:30:a1:0b: 3d:a7:50:b6:03:bc:83:fb:dd:ba:78:54:17:15:4c:1f:72:f2: 2c:fc:6e:aa:72:1e:5c:07:21:37:8e:02:05:bb:ae:0b:44:fb: 9b:56:74:be:fd:f3:91:01:4e:f7:bc:c0:5b:aa:16:79:82:5b: f8:68:4a:74:30:68:c6:a6:b1:7b:e6:2d:9d:38:32:da:c9:52: a8:77:7c:fd:c7:eb:96:7d:7a:56:d7:e9:1b:bb:a9:fd:54:66: 2a:a4:84:17:42:48:30:89:81:93:01:bb:a1:4f:83:1e:8d:1e: 57:d9:31:09:e0:3d:8c:aa:25:3d:79:96:8b:c4:84:b4:6d:69: a9:1c:0f:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtavyqXNvU+MNovM9i3zbTnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4 N2JhNzUwHhcNMjUxMjI2MTMwMDM2WhcNMjUxMjI3MTMwMDM2WjAzMTEwLwYDVQQD EygyYjQwOGY2MWYzMjY0ZThmMmU2ZjU3MmNkOTdkMDVmNmY4ZDQzZTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriRRTRxbvIDG6b2sqACxXmUSUCYo VAE5nEq3Y6Y8a6C9ncW3xc40NngvLciTetfSKuqzlj0lMGj2xtPHsqv1XXZwT1YL BfcZlTzVY1fnmbApDRoUmf1kmXWAsDaDiHhuy9exFy02kDghwBBnZswJAf53d8Zz Wd59nGnSJ8JUqT+Tan2rhwal40cLlxXwhPFrb3JfjfwL82OtG9Mz+GKbu17zwj+L OgIsq1X2Sh+I4PfcmG17oYC0fiIEdj46r5KphkGhyRM3SgfHdExHZ0MZ9IGDw5iv t2vm5pWTRhoi7EwLPksLywPBccJISS5YCq619UfZxV/HO+buX4UBZ45BuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCtAj2HzJk6PLm9XLNl9Bfb41D5AMB8GA1UdIwQY MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1 LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg+FU/kCi 1RJfvy/He3hdgCo0/11WKGfxBIfMBLKKAWsFpgqeaWchgdCruARl9/aFTjkK2YHc mmzWCxKd5WrTnf3WgLpmMt6NJwh9dyD+KxZKw++vvaYQjRE3BsIaWXiMH1M2WCWN Y5lCrPnE1Vb/XsYkffAizI308nmnMKELPadQtgO8g/vdunhUFxVMH3LyLPxuqnIe XAchN44CBbuuC0T7m1Z0vv3zkQFO97zAW6oWeYJb+GhKdDBoxqaxe+YtnTgy2slS qHd8/cfrln16VtfpG7up/VRmKqSEF0JIMImBkwG7oU+DHo0eV9kxCeA9jKolPXmW i8SEtG1pqRwP3g== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:20 2025 by rpki-client