This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft File: sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json) Hash identifier: qfXCPtJpxzNQKTIK2+wYD0KZqC5+/qcBZdHmKY551nQ= Subject key identifier: C5:5A:67:05:C2:FF:2B:CB:11:D3:CD:BB:7C:6A:46:F1:4D:CF:F1:D2 Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9 Certificate issuer: /CN=b13236c4d068931e0b44c98b290a8faa554a03b9 Certificate serial: 019B3532442DB31D57F5FA531D5643D3E197 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft Manifest number: 054B Signing time: Fri 19 Dec 2025 06:00:45 +0000 Manifest this update: Fri 19 Dec 2025 06:00:45 +0000 Manifest next update: Sat 20 Dec 2025 06:00:45 +0000 Files and hashes: 1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: G1mn7TktDqcGq7iMaid71DS8Md1sqy6q9iHgOR/c/j8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 06:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:32:44:2d:b3:1d:57:f5:fa:53:1d:56:43:d3:e1:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9 Validity Not Before: Dec 19 06:00:45 2025 GMT Not After : Dec 20 06:00:45 2025 GMT Subject: CN=c55a6705c2ff2bcb11d3cdbb7c6a46f14dcff1d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:d5:95:7b:03:74:c5:23:a7:b0:b3:f4:3a:71: f3:41:7e:75:18:66:18:89:b3:cd:59:45:3f:61:5e: 5a:01:3f:16:36:99:bd:33:67:33:2c:66:1f:b7:3d: 6c:21:0a:6e:8a:68:13:8e:45:6b:f9:bb:0d:d2:c9: f7:db:48:f9:36:f0:aa:d5:00:95:85:d8:d4:53:31: 86:d4:34:c5:35:4b:60:ea:d8:ba:43:f0:37:87:e5: 4f:1b:e0:05:a3:5c:99:28:f0:71:d4:39:c8:71:d6: 84:91:fc:28:d9:bc:e0:2b:8c:3d:3a:fd:49:e2:58: 09:07:35:bc:9d:ea:27:3f:e6:3c:fe:13:48:22:71: 14:26:bc:ec:fb:ab:57:94:49:2a:cb:8a:db:9d:a7: 78:de:4a:bf:43:23:e1:41:72:7a:46:b7:71:31:ea: b9:18:a9:e2:23:2a:e9:b1:8b:73:2d:34:6c:fa:d1: 08:10:bc:26:fd:9a:27:df:c9:b3:44:5d:36:b0:5e: 7e:1c:5e:80:10:d6:07:80:ef:33:27:29:06:29:35: 8b:a3:d9:64:b0:7b:0f:4b:a4:82:0f:cf:f5:a4:c1: 48:25:43:05:23:09:d3:c3:83:51:7c:e8:62:8f:58: 31:60:10:96:a1:58:cc:8f:84:77:7e:74:58:08:13: 0a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:5A:67:05:C2:FF:2B:CB:11:D3:CD:BB:7C:6A:46:F1:4D:CF:F1:D2 X509v3 Authority Key Identifier: keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:c3:78:6e:6e:7a:86:6f:e6:0b:2e:02:53:ac:80:c3:13:4b: 01:50:35:63:38:73:d4:b8:85:6f:53:8f:62:9a:cb:97:7f:3a: 7f:f0:1e:46:45:e4:13:48:4e:af:5f:87:b6:f0:70:36:96:fc: dd:e8:3e:f8:b6:66:12:8f:64:13:a1:92:d3:55:9c:dc:ee:f5: 6a:e4:07:f6:7b:97:e9:2e:e0:5e:a3:73:af:7a:11:9a:6b:6e: aa:49:0c:18:cd:19:f4:a5:ec:29:5a:6e:96:c9:7e:d7:9b:69: 6f:df:41:45:15:74:03:bb:6c:a3:43:98:a6:04:43:47:46:db: 4b:6b:4b:09:2e:33:20:69:5a:03:8d:83:ac:5d:d8:95:42:02: 96:58:e6:a7:66:8d:49:4c:8b:fb:07:5d:c3:85:5e:68:7d:5a: 25:08:84:33:56:b9:4a:d8:f5:47:6f:dc:bc:b0:7f:e8:53:21: 5e:22:9a:07:d3:14:c8:80:2a:80:6c:95:43:31:d7:09:31:ed: 30:bb:9d:f7:50:98:99:d6:96:99:d0:1f:96:5f:13:1a:f2:9d: 9b:6e:66:d9:67:15:b6:69:68:23:1a:20:1b:b8:cc:63:f5:f3: a8:95:c2:b5:90:c5:84:44:ad:e2:3c:f7:ad:55:16:5c:59:d6: c2:6e:7e:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1MkQtsx1X9fpTHVZD0+GXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0 YTAzYjkwHhcNMjUxMjE5MDYwMDQ1WhcNMjUxMjIwMDYwMDQ1WjAzMTEwLwYDVQQD EyhjNTVhNjcwNWMyZmYyYmNiMTFkM2NkYmI3YzZhNDZmMTRkY2ZmMWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09WVewN0xSOnsLP0OnHzQX51GGYY ibPNWUU/YV5aAT8WNpm9M2czLGYftz1sIQpuimgTjkVr+bsN0sn320j5NvCq1QCV hdjUUzGG1DTFNUtg6ti6Q/A3h+VPG+AFo1yZKPBx1DnIcdaEkfwo2bzgK4w9Ov1J 4lgJBzW8neonP+Y8/hNIInEUJrzs+6tXlEkqy4rbnad43kq/QyPhQXJ6RrdxMeq5 GKniIyrpsYtzLTRs+tEIELwm/Zon38mzRF02sF5+HF6AENYHgO8zJykGKTWLo9lk sHsPS6SCD8/1pMFIJUMFIwnTw4NRfOhij1gxYBCWoVjMj4R3fnRYCBMKvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMVaZwXC/yvLEdPNu3xqRvFNz/HSMB8GA1UdIwQY MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUcN4bm56 hm/mCy4CU6yAwxNLAVA1Yzhz1LiFb1OPYprLl386f/AeRkXkE0hOr1+HtvBwNpb8 3eg++LZmEo9kE6GS01Wc3O71auQH9nuX6S7gXqNzr3oRmmtuqkkMGM0Z9KXsKVpu lsl+15tpb99BRRV0A7tso0OYpgRDR0bbS2tLCS4zIGlaA42DrF3YlUIClljmp2aN SUyL+wddw4VeaH1aJQiEM1a5Stj1R2/cvLB/6FMhXiKaB9MUyIAqgGyVQzHXCTHt MLud91CYmdaWmdAfll8TGvKdm25m2WcVtmloIxogG7jMY/XzqJXCtZDFhESt4jz3 rVUWXFnWwm5+ZA== -----END CERTIFICATE-----Generated at Fri Dec 19 13:10:53 2025 by rpki-client