This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft File: StFxca6oV2xDHGN0GGkcnB9VdRY.mft (raw, json) Hash identifier: pYU9XsJ75Eg45DHKL4AdpV5yoT+qhkVb7VcD3fsWups= Subject key identifier: AC:16:09:AE:B8:A3:90:AA:16:6E:EC:87:5C:50:8D:59:CA:EC:3B:26 Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16 Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516 Certificate serial: 019B5ABF5A23FAE1C9EE1DB79663E793255F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft Manifest number: 1444 Signing time: Fri 26 Dec 2025 13:00:48 +0000 Manifest this update: Fri 26 Dec 2025 13:00:48 +0000 Manifest next update: Sat 27 Dec 2025 13:00:48 +0000 Files and hashes: 1: SHXTlexCU640W6zbYxhCmQn8Cw4.roa (hash: k2ku6jDV9cI0tnwN43DyJg87QMwSJe7N2AG8yOiDsPE=) 2: StFxca6oV2xDHGN0GGkcnB9VdRY.crl (hash: sWOWfQe/VIvVHibod3C+kr70m1lqpFrEniVUwDIqOMI=) 3: TPLmVhwEw6jgrdMtUuhmz_0dBbo.roa (hash: wGkqaR7oIjPHLb7cXn0PbtIJ1WFfuKuRjd0OcbETY00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:5a:23:fa:e1:c9:ee:1d:b7:96:63:e7:93:25:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516 Validity Not Before: Dec 26 13:00:48 2025 GMT Not After : Dec 27 13:00:48 2025 GMT Subject: CN=ac1609aeb8a390aa166eec875c508d59caec3b26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:03:28:97:4c:26:45:db:12:98:f0:41:ba:d2: 26:09:ef:96:53:64:30:9b:69:d0:cf:55:1e:82:c5: 9b:70:41:94:65:23:29:af:b4:5b:1d:df:ba:24:10: 40:54:a4:f9:da:fc:fa:d1:21:76:ea:30:dd:dc:8a: b3:a9:f5:d7:c2:b8:61:0a:9e:07:b7:0b:46:d1:5d: de:07:01:95:b2:c6:f7:1f:c4:67:43:67:7e:a3:ed: 59:92:2e:59:07:bf:da:9f:d9:da:d7:92:a3:c5:9f: b7:08:04:63:91:bc:33:02:c7:00:46:9d:2f:09:5b: 86:9f:aa:1d:76:61:49:75:f5:8f:41:35:da:46:33: 1b:43:23:f4:82:8a:a0:0a:70:72:20:82:ec:4b:bb: ec:55:72:18:75:7f:2b:e1:92:20:38:2b:fd:c5:83: c5:e9:e8:b8:e4:b9:58:02:c8:c1:fe:72:1e:4c:b1: 6a:d1:b7:e8:96:fe:38:68:4c:0c:e7:a5:34:f6:91: ea:12:24:23:f1:b6:60:ce:77:c3:be:24:28:26:88: c3:43:f4:0c:6c:90:ce:30:cb:dd:7c:2c:26:71:76: 8d:79:73:c5:71:e7:81:aa:bb:7f:cd:7f:60:b4:3b: 7a:4a:db:6e:9d:e4:74:0e:37:42:16:49:66:83:df: 7b:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:16:09:AE:B8:A3:90:AA:16:6E:EC:87:5C:50:8D:59:CA:EC:3B:26 X509v3 Authority Key Identifier: keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:c4:dd:90:d6:c1:76:6f:df:1c:9b:51:be:98:1d:c8:89:1f: 8a:bc:16:c9:2b:6a:4f:53:30:6f:61:b6:3a:03:45:c4:a5:c3: 36:0a:3c:b9:65:79:76:67:b1:db:b0:7d:ee:01:45:83:2f:5e: 80:c2:34:58:61:a7:92:04:b7:97:c0:48:48:0d:84:46:a5:b8: c2:b2:70:83:4c:44:b4:5f:d0:3b:b5:07:2d:ed:12:e8:13:3e: 07:5e:27:eb:b0:36:c0:2a:5e:33:6b:61:fa:cd:4b:66:d9:17: c2:82:74:ec:9e:f3:96:36:3c:a3:50:58:13:f7:64:c3:9b:d6: ec:37:17:91:3b:16:c7:d9:5f:bd:69:c6:d3:5a:f9:2c:8f:aa: 55:96:5e:e5:66:6a:0e:6a:a7:8f:c2:69:fa:86:a9:43:9f:55: c7:c9:38:50:21:00:07:0a:7c:eb:b6:4d:74:98:ef:9f:33:a6: f0:ec:be:ee:f5:1b:cf:26:41:f9:42:34:b2:c9:5d:82:09:e0: 6e:d6:bc:91:a1:c0:c7:7a:13:dc:34:ec:28:7f:71:ec:8e:22: 4e:7b:2b:8e:e7:9e:53:d1:22:bb:a1:36:43:bd:5f:c4:cc:50: ee:87:93:00:91:c9:f1:56:cc:83:22:11:32:8a:c6:a7:16:67: da:9c:a3:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav1oj+uHJ7h23lmPnkyVfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1 NTc1MTYwHhcNMjUxMjI2MTMwMDQ4WhcNMjUxMjI3MTMwMDQ4WjAzMTEwLwYDVQQD EyhhYzE2MDlhZWI4YTM5MGFhMTY2ZWVjODc1YzUwOGQ1OWNhZWMzYjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQMol0wmRdsSmPBButImCe+WU2Qw m2nQz1UegsWbcEGUZSMpr7RbHd+6JBBAVKT52vz60SF26jDd3IqzqfXXwrhhCp4H twtG0V3eBwGVssb3H8RnQ2d+o+1Zki5ZB7/an9na15KjxZ+3CARjkbwzAscARp0v CVuGn6oddmFJdfWPQTXaRjMbQyP0goqgCnByIILsS7vsVXIYdX8r4ZIgOCv9xYPF 6ei45LlYAsjB/nIeTLFq0bfolv44aEwM56U09pHqEiQj8bZgznfDviQoJojDQ/QM bJDOMMvdfCwmcXaNeXPFceeBqrt/zX9gtDt6SttuneR0DjdCFklmg997uwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKwWCa64o5CqFm7sh1xQjVnK7DsmMB8GA1UdIwQY MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt NDgyOGQ2NTEwNGUxLzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVMTdkNbB dm/fHJtRvpgdyIkfirwWyStqT1Mwb2G2OgNFxKXDNgo8uWV5dmex27B97gFFgy9e gMI0WGGnkgS3l8BISA2ERqW4wrJwg0xEtF/QO7UHLe0S6BM+B14n67A2wCpeM2th +s1LZtkXwoJ07J7zljY8o1BYE/dkw5vW7DcXkTsWx9lfvWnG01r5LI+qVZZe5WZq Dmqnj8Jp+oapQ59Vx8k4UCEABwp867ZNdJjvnzOm8Oy+7vUbzyZB+UI0ssldggng bta8kaHAx3oT3DTsKH9x7I4iTnsrjueeU9Eiu6E2Q71fxMxQ7oeTAJHJ8VbMgyIR MorGpxZn2pyjSw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:07:49 2025 by rpki-client