This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json) Hash identifier: R+J/1qnRQuUkXeedZqE+fkYS0gjv+mhJrib/0ka2n3A= Subject key identifier: DB:7E:F1:2F:AB:E0:30:0B:45:7A:F2:FB:C7:69:5E:04:11:09:13:FB Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Certificate serial: 019B59E38CE22C08C5449D172E6DCF82F3A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft Manifest number: 07DA Signing time: Fri 26 Dec 2025 09:00:43 +0000 Manifest this update: Fri 26 Dec 2025 09:00:43 +0000 Manifest next update: Sat 27 Dec 2025 09:00:43 +0000 Files and hashes: 1: 1-zGyc8-sNFoNd9jrRwy0ohv-lr8.roa (hash: X6damPmptp3XphV2HfGbEnZgUQ5Ok8UVDdDjwWdsAA0=) 2: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: SXHxmRQdnWih9mOH0XtbmqxtZjPcz5Hvq0KCu0qgIeE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:8c:e2:2c:08:c5:44:9d:17:2e:6d:cf:82:f3:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa Validity Not Before: Dec 26 09:00:43 2025 GMT Not After : Dec 27 09:00:43 2025 GMT Subject: CN=db7ef12fabe0300b457af2fbc7695e04110913fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:78:80:8e:78:d4:cd:65:ec:25:ac:b5:81:c0: d9:c9:67:89:1b:ff:1c:23:ba:8a:48:42:82:bb:c4: f6:54:ec:4c:2b:d3:9d:b3:27:5d:73:a4:92:30:05: b5:00:76:31:8d:d1:39:bc:d9:c3:e5:b4:fc:ee:0e: 64:4b:dc:5e:8d:6a:a2:2a:4f:b7:2f:48:47:53:54: 39:ea:ad:3e:c8:2a:c4:92:d0:61:67:f1:36:43:3a: 01:2b:9d:e9:60:eb:db:36:17:c6:72:18:c1:34:73: bd:45:52:3c:3a:a4:b5:6e:02:a6:df:34:94:22:b0: 22:93:5a:8f:01:c7:f5:c3:57:fd:43:a1:6a:e3:fd: c8:39:cb:3f:e6:06:17:54:4f:f9:61:16:cd:e4:9c: cb:37:2b:17:65:94:6a:e6:c3:70:09:18:28:0a:ca: a5:3a:dd:2f:14:16:13:a0:62:3b:45:d6:14:90:a4: f3:66:ba:a6:12:91:5f:10:80:bd:d6:53:f5:ab:aa: 80:a5:14:b9:08:07:80:ec:39:80:63:26:7b:5c:68: e7:e1:29:2c:4a:25:12:a2:8f:92:ad:f4:2d:d6:99: a7:3b:39:bc:42:91:9b:5f:69:76:f3:ea:83:a8:45: 01:a0:bc:b5:fe:29:73:a0:57:66:3f:12:0b:a6:73: 34:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:7E:F1:2F:AB:E0:30:0B:45:7A:F2:FB:C7:69:5E:04:11:09:13:FB X509v3 Authority Key Identifier: keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:88:9f:50:5d:df:88:b3:9a:a0:b6:62:7f:e7:28:30:d7:51: 1e:cc:f5:8c:4b:e7:7b:4f:9c:9a:71:7d:72:39:c7:da:63:70: c1:0c:ef:bf:e9:c3:3e:14:cc:4c:c2:ad:63:a8:f7:15:c3:5a: 1e:8f:89:f3:1e:24:5b:8c:b4:e7:1d:07:d1:15:cc:0d:4a:85: 73:7f:6e:bd:33:e5:ae:53:55:02:a6:95:e8:95:31:ce:8b:96: a9:c2:da:c9:80:d7:61:6e:5a:20:05:ab:54:25:19:39:9f:ce: f9:31:02:54:9b:db:11:06:90:ac:a6:24:a4:85:b3:f1:de:4f: 9f:87:3b:06:cc:00:43:02:b6:8c:88:df:40:e7:b5:0a:f3:a5: b0:7f:87:4a:a0:1b:7d:44:3b:dd:42:be:4d:7b:e9:7a:5c:7f: 89:b7:f9:53:95:1a:2e:8e:a4:2f:0d:df:b3:98:42:17:8d:2f: a6:17:9e:a8:70:26:ea:59:39:7f:99:4b:55:31:38:c7:62:60: 0e:75:29:47:5f:6e:07:2b:ca:ca:29:3e:6e:50:0e:51:7d:49: 8c:62:ee:36:8f:d7:74:0f:0c:5d:19:89:3e:74:df:57:d2:8d: 9f:7d:0a:56:67:12:6d:cb:3e:ec:1d:2d:42:43:6c:10:a7:62: 89:2e:06:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ44ziLAjFRJ0XLm3PgvOhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk MmI5YWEwHhcNMjUxMjI2MDkwMDQzWhcNMjUxMjI3MDkwMDQzWjAzMTEwLwYDVQQD EyhkYjdlZjEyZmFiZTAzMDBiNDU3YWYyZmJjNzY5NWUwNDExMDkxM2ZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XiAjnjUzWXsJay1gcDZyWeJG/8c I7qKSEKCu8T2VOxMK9Odsyddc6SSMAW1AHYxjdE5vNnD5bT87g5kS9xejWqiKk+3 L0hHU1Q56q0+yCrEktBhZ/E2QzoBK53pYOvbNhfGchjBNHO9RVI8OqS1bgKm3zSU IrAik1qPAcf1w1f9Q6Fq4/3IOcs/5gYXVE/5YRbN5JzLNysXZZRq5sNwCRgoCsql Ot0vFBYToGI7RdYUkKTzZrqmEpFfEIC91lP1q6qApRS5CAeA7DmAYyZ7XGjn4Sks SiUSoo+SrfQt1pmnOzm8QpGbX2l28+qDqEUBoLy1/ilzoFdmPxILpnM0jwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNt+8S+r4DALRXry+8dpXgQRCRP7MB8GA1UdIwQY MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4 LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYYifUF3f iLOaoLZif+coMNdRHsz1jEvne0+cmnF9cjnH2mNwwQzvv+nDPhTMTMKtY6j3FcNa Ho+J8x4kW4y05x0H0RXMDUqFc39uvTPlrlNVAqaV6JUxzouWqcLayYDXYW5aIAWr VCUZOZ/O+TECVJvbEQaQrKYkpIWz8d5Pn4c7BswAQwK2jIjfQOe1CvOlsH+HSqAb fUQ73UK+TXvpelx/ibf5U5UaLo6kLw3fs5hCF40vpheeqHAm6lk5f5lLVTE4x2Jg DnUpR19uByvKyik+blAOUX1JjGLuNo/XdA8MXRmJPnTfV9KNn30KVmcSbcs+7B0t QkNsEKdiiS4GGg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:04 2025 by rpki-client