This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.mft File: stsr_PWdmcpwgzcI_TADLyP-9IU.mft (raw, json) Hash identifier: CxOvPhfkMOnEaDHKyMuaEFgMfcxNoC1v/r2rmrw8pE0= Subject key identifier: 33:5B:0F:A2:BF:8B:F9:79:D6:57:F1:8B:16:32:90:F1:37:46:2B:27 Authority key identifier: B2:DB:2B:FC:F5:9D:99:CA:70:83:37:08:FD:30:03:2F:23:FE:F4:85 Certificate issuer: /CN=b2db2bfcf59d99ca70833708fd30032f23fef485 Certificate serial: 019B202B5924A5B24F0AD2EF1EA642142F03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stsr_PWdmcpwgzcI_TADLyP-9IU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.mft Manifest number: 1745 Signing time: Mon 15 Dec 2025 04:01:10 +0000 Manifest this update: Mon 15 Dec 2025 04:01:10 +0000 Manifest next update: Tue 16 Dec 2025 04:01:10 +0000 Files and hashes: 1: 8OSq_me_piuY9aTEESBxQ_Nz1Zc.roa (hash: jli/f4rA8lzODNLo/sC1h2DAhvEwSPZMgYQGoXMtAvM=) 2: stsr_PWdmcpwgzcI_TADLyP-9IU.crl (hash: Nopre7KQzu3i7VvaFNxqrx82+Es0sc0acYjuLAf4mvA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.mft rsync://rpki.ripe.net/repository/DEFAULT/stsr_PWdmcpwgzcI_TADLyP-9IU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 04:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:2b:59:24:a5:b2:4f:0a:d2:ef:1e:a6:42:14:2f:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2db2bfcf59d99ca70833708fd30032f23fef485 Validity Not Before: Dec 15 04:01:10 2025 GMT Not After : Dec 16 04:01:10 2025 GMT Subject: CN=335b0fa2bf8bf979d657f18b163290f137462b27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d2:b7:c8:46:e2:9a:f2:67:05:30:bc:02:9b: 80:4e:4d:83:a4:62:2e:89:6d:bd:ae:e2:37:cd:ba: 75:86:1f:f8:97:16:7e:79:ae:4e:27:7f:8c:35:d4: 13:3a:51:ba:5c:4e:2f:d3:8f:60:0f:3d:53:7a:84: e1:c7:74:0e:de:ff:23:e7:4c:68:ed:73:d0:60:8a: d4:7b:64:a5:4d:df:5c:75:3f:22:7d:d5:48:02:d6: 76:58:d5:23:21:07:70:ed:79:b5:d4:a2:ba:dd:e5: 03:3f:1b:6f:84:88:92:80:55:fa:80:35:b5:ac:c1: 13:e4:0b:d1:98:5f:ba:82:62:49:1b:d7:59:86:df: 24:5a:91:b7:2f:8c:94:db:14:13:ed:c0:4d:2d:fe: c3:b9:c6:3d:2c:35:1f:03:88:10:0b:b3:1f:86:80: 24:c0:9c:30:00:42:ac:30:07:f4:8c:d8:2c:20:b7: f8:35:43:71:81:13:d2:a1:06:76:26:9c:cf:ba:6f: c9:6f:49:ef:2f:97:79:87:f7:f8:e3:b8:61:b7:9b: 1d:af:a5:7f:4f:5c:bb:f8:b0:b2:65:91:6b:d1:ac: 0e:d8:c4:43:cb:67:91:bc:a3:bd:d5:63:c1:25:96: 44:c3:b3:07:4e:4d:3d:4d:3d:fd:0b:5a:60:a2:9a: 6a:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:5B:0F:A2:BF:8B:F9:79:D6:57:F1:8B:16:32:90:F1:37:46:2B:27 X509v3 Authority Key Identifier: keyid:B2:DB:2B:FC:F5:9D:99:CA:70:83:37:08:FD:30:03:2F:23:FE:F4:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stsr_PWdmcpwgzcI_TADLyP-9IU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/39db6c-f23b-4c9b-9f79-734994c52c1f/1/stsr_PWdmcpwgzcI_TADLyP-9IU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:5a:39:f5:92:d2:f7:aa:39:34:d9:f3:f9:f9:d3:0c:ed:e4: 61:02:ec:fe:1a:03:f3:6e:7e:3d:e6:85:ab:08:f3:6c:2a:70: c9:9b:5b:2c:0a:e5:cd:7c:15:ce:a7:35:9c:06:db:9d:b9:0c: a2:a5:85:d0:a8:55:94:3d:68:74:78:e1:b6:87:95:23:33:d0: ae:21:f0:0f:37:30:f8:00:dd:30:69:a7:6e:97:1d:28:29:a4: 3c:8f:99:0e:23:4b:ee:41:bd:e8:ed:87:b1:c4:b3:14:67:fb: 5f:90:32:a0:45:00:39:73:86:2f:60:ca:7b:a9:94:f7:7b:1d: e8:4d:f0:9c:77:32:6e:3c:ef:ec:14:39:db:88:22:5e:b5:70: 5b:b5:6a:59:ff:b0:a1:98:e9:63:74:60:ec:bf:17:02:35:df: ec:90:39:e2:52:57:3d:83:39:f3:cc:ef:a3:b6:9e:23:1f:c8: ef:4a:bc:61:2b:ba:ed:2a:ca:de:5e:97:21:8c:79:61:45:ed: ef:83:fd:86:ec:b0:16:13:0a:00:fc:32:ab:c3:3c:31:e9:23: b9:84:ab:80:b0:f4:a3:0a:9e:ce:9d:9a:cc:22:dc:d8:26:6d: d0:78:66:5b:0b:33:a1:61:1c:f2:9e:a2:db:45:5c:a1:31:00: cc:f0:59:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgK1kkpbJPCtLvHqZCFC8DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyZGIyYmZjZjU5ZDk5Y2E3MDgzMzcwOGZkMzAwMzJmMjNm ZWY0ODUwHhcNMjUxMjE1MDQwMTEwWhcNMjUxMjE2MDQwMTEwWjAzMTEwLwYDVQQD EygzMzViMGZhMmJmOGJmOTc5ZDY1N2YxOGIxNjMyOTBmMTM3NDYyYjI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tK3yEbimvJnBTC8ApuATk2DpGIu iW29ruI3zbp1hh/4lxZ+ea5OJ3+MNdQTOlG6XE4v049gDz1TeoThx3QO3v8j50xo 7XPQYIrUe2SlTd9cdT8ifdVIAtZ2WNUjIQdw7Xm11KK63eUDPxtvhIiSgFX6gDW1 rMET5AvRmF+6gmJJG9dZht8kWpG3L4yU2xQT7cBNLf7DucY9LDUfA4gQC7MfhoAk wJwwAEKsMAf0jNgsILf4NUNxgRPSoQZ2JpzPum/Jb0nvL5d5h/f447hht5sdr6V/ T1y7+LCyZZFr0awO2MRDy2eRvKO91WPBJZZEw7MHTk09TT39C1pgoppqMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDNbD6K/i/l51lfxixYykPE3RisnMB8GA1UdIwQY MBaAFLLbK/z1nZnKcIM3CP0wAy8j/vSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3Rzcl9QV2RtY3B3Z3pjSV9UQURMeVAtOUlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zOWRiNmMtZjIzYi00YzliLTlmNzkt NzM0OTk0YzUyYzFmLzEvc3Rzcl9QV2RtY3B3Z3pjSV9UQURMeVAtOUlVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC8zOWRiNmMtZjIzYi00YzliLTlmNzktNzM0OTk0YzUyYzFm LzEvc3Rzcl9QV2RtY3B3Z3pjSV9UQURMeVAtOUlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYFo59ZLS 96o5NNnz+fnTDO3kYQLs/hoD825+PeaFqwjzbCpwyZtbLArlzXwVzqc1nAbbnbkM oqWF0KhVlD1odHjhtoeVIzPQriHwDzcw+ADdMGmnbpcdKCmkPI+ZDiNL7kG96O2H scSzFGf7X5AyoEUAOXOGL2DKe6mU93sd6E3wnHcybjzv7BQ524giXrVwW7VqWf+w oZjpY3Rg7L8XAjXf7JA54lJXPYM588zvo7aeIx/I70q8YSu67SrK3l6XIYx5YUXt 74P9huywFhMKAPwyq8M8MekjuYSrgLD0owqezp2azCLc2CZt0HhmWwszoWEc8p6i 20VcoTEAzPBZhA== -----END CERTIFICATE-----Generated at Mon Dec 15 12:00:19 2025 by rpki-client