This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft File: sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json) Hash identifier: 7k+S8s/q7ZWXhZadwnbLGSmY/WlDGnca20T530aJ+qs= Subject key identifier: B0:52:1F:74:63:7C:01:AD:A1:18:D3:42:B2:87:37:55:D9:B7:ED:7B Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30 Certificate issuer: /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730 Certificate serial: 019B5B6454D19DDBD2099F1C7A99D28E033D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft Manifest number: 14AE Signing time: Fri 26 Dec 2025 16:01:00 +0000 Manifest this update: Fri 26 Dec 2025 16:01:00 +0000 Manifest next update: Sat 27 Dec 2025 16:01:00 +0000 Files and hashes: 1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: ko1qU7EiLmVGT9fakX+Ym+U45vTSM+/Af3yykyPUxtM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:64:54:d1:9d:db:d2:09:9f:1c:7a:99:d2:8e:03:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730 Validity Not Before: Dec 26 16:01:00 2025 GMT Not After : Dec 27 16:01:00 2025 GMT Subject: CN=b0521f74637c01ada118d342b2873755d9b7ed7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c6:85:0b:1b:98:27:d1:63:81:16:41:87:de: 7d:73:8b:48:60:36:8b:72:ac:67:75:b2:4b:ae:f0: fb:7b:46:0a:40:9b:30:88:87:ca:55:3c:43:46:94: 79:d7:54:b9:dd:6d:50:25:34:b5:5a:65:e3:77:5c: d3:eb:2d:9d:62:3f:1f:44:c2:ab:0b:fd:f2:a4:b7: 40:e8:01:33:bc:44:e4:61:d6:8b:96:d2:e9:fd:b3: d7:f5:fb:40:32:68:a0:3c:8e:58:46:11:0a:86:84: 79:c6:5c:23:aa:ed:a8:9d:9b:b1:81:6f:92:03:b1: 0e:53:21:85:f1:50:80:2c:20:c2:42:f9:a9:60:59: 10:52:46:fa:65:fb:7f:db:c4:c0:a4:6b:2c:e5:af: 8c:dd:17:70:a3:3d:eb:d4:29:26:a6:52:13:a1:ff: ec:73:79:2b:10:e6:ec:d6:97:0d:33:f5:74:4a:5f: 6d:d9:5f:50:71:42:54:f2:f6:0c:1e:3b:46:7a:8d: 28:e8:9f:eb:93:95:fc:ca:f0:eb:dc:03:9e:06:ba: 7f:7c:a2:48:1c:07:7f:d5:56:1b:5d:d4:88:05:cb: 13:eb:a6:60:68:ae:69:ee:38:14:54:0e:36:5b:50: 2f:b5:e8:d1:65:10:fc:9e:e2:69:ad:9d:9b:39:de: 29:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:52:1F:74:63:7C:01:AD:A1:18:D3:42:B2:87:37:55:D9:B7:ED:7B X509v3 Authority Key Identifier: keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:5e:ba:90:69:bd:e6:f1:1e:32:83:82:e2:34:f0:fd:d5:42: a4:df:ca:5b:07:63:a5:19:a7:ab:d3:ff:f6:c1:d6:07:77:b3: 5a:d2:35:b8:25:e5:5b:6f:aa:cc:c4:84:96:92:4a:67:3f:be: fe:a1:d3:6d:98:8a:3a:fa:1c:a4:11:f4:15:6e:f5:7f:c7:2d: 63:5e:94:a3:e3:4c:8d:82:0b:16:6d:29:e6:6c:b6:5b:51:5b: c8:9b:c4:cf:8a:e4:7c:06:58:d9:88:23:d1:e1:39:53:19:d4: 0e:35:5f:07:ef:37:18:22:8b:50:ac:93:50:b7:60:1a:93:87: db:a5:0f:9b:34:7a:4a:7a:f8:ae:85:74:c9:6b:e9:e7:22:3b: ca:af:d4:0c:4a:c8:bc:56:11:df:c1:94:c1:4c:c0:b8:19:f9: 48:d0:61:81:a8:f2:34:7c:3d:e0:f5:10:12:3c:bc:ea:70:54: e6:d8:12:6a:e9:1e:f6:88:07:3d:ba:06:07:4f:f0:36:63:7f: 11:54:62:98:cd:ab:86:ea:85:ce:74:f4:6c:44:2a:61:a9:3a: 92:85:78:a5:ff:4f:1c:9d:dc:13:3a:6a:0c:02:36:d1:0f:a1: 21:99:0a:b6:20:d7:b3:06:af:66:69:53:2e:51:15:a7:76:bf: 74:be:c3:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtbZFTRndvSCZ8cepnSjgM9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh MGI3MzAwHhcNMjUxMjI2MTYwMTAwWhcNMjUxMjI3MTYwMTAwWjAzMTEwLwYDVQQD EyhiMDUyMWY3NDYzN2MwMWFkYTExOGQzNDJiMjg3Mzc1NWQ5YjdlZDdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMaFCxuYJ9FjgRZBh959c4tIYDaL cqxndbJLrvD7e0YKQJswiIfKVTxDRpR511S53W1QJTS1WmXjd1zT6y2dYj8fRMKr C/3ypLdA6AEzvETkYdaLltLp/bPX9ftAMmigPI5YRhEKhoR5xlwjqu2onZuxgW+S A7EOUyGF8VCALCDCQvmpYFkQUkb6Zft/28TApGss5a+M3Rdwoz3r1CkmplITof/s c3krEObs1pcNM/V0Sl9t2V9QcUJU8vYMHjtGeo0o6J/rk5X8yvDr3AOeBrp/fKJI HAd/1VYbXdSIBcsT66ZgaK5p7jgUVA42W1AvtejRZRD8nuJprZ2bOd4p4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLBSH3RjfAGtoRjTQrKHN1XZt+17MB8GA1UdIwQY MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3 LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ166kGm9 5vEeMoOC4jTw/dVCpN/KWwdjpRmnq9P/9sHWB3ezWtI1uCXlW2+qzMSElpJKZz++ /qHTbZiKOvocpBH0FW71f8ctY16Uo+NMjYILFm0p5my2W1FbyJvEz4rkfAZY2Ygj 0eE5UxnUDjVfB+83GCKLUKyTULdgGpOH26UPmzR6Snr4roV0yWvp5yI7yq/UDErI vFYR38GUwUzAuBn5SNBhgajyNHw94PUQEjy86nBU5tgSauke9ogHPboGB0/wNmN/ EVRimM2rhuqFznT0bEQqYak6koV4pf9PHJ3cEzpqDAI20Q+hIZkKtiDXswavZmlT LlEVp3a/dL7D3A== -----END CERTIFICATE-----Generated at Fri Dec 26 17:43:32 2025 by rpki-client