This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft File: EsShfSBma32NKx_-GKRoevkmIY8.mft (raw, json) Hash identifier: 5MEem/kfbHsdgaDddCoEfk04dhFEclcD5a9lUE/Xlwc= Subject key identifier: 1A:76:57:2B:EA:75:0D:B4:D6:33:C7:4A:0F:CC:EC:EF:8C:0C:F0:B4 Authority key identifier: 12:C4:A1:7D:20:66:6B:7D:8D:2B:1F:FE:18:A4:68:7A:F9:26:21:8F Certificate issuer: /CN=12c4a17d20666b7d8d2b1ffe18a4687af926218f Certificate serial: 019B3644F4806100AD99FAF09B0A744FAB63 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft Manifest number: 1784 Signing time: Fri 19 Dec 2025 11:00:47 +0000 Manifest this update: Fri 19 Dec 2025 11:00:47 +0000 Manifest next update: Sat 20 Dec 2025 11:00:47 +0000 Files and hashes: 1: EsShfSBma32NKx_-GKRoevkmIY8.crl (hash: qkN+zGocqL8FNL4gjaZ3zXEkSuLd6puPt3ik7pWP13s=) 2: nfi8L76Q0CcXdXMuyopjIwMNN1s.roa (hash: yyBzF5vSH0UZ1Eb70mzyyMArzuUjMy9cXtif0oEgNm8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:44:f4:80:61:00:ad:99:fa:f0:9b:0a:74:4f:ab:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=12c4a17d20666b7d8d2b1ffe18a4687af926218f Validity Not Before: Dec 19 11:00:47 2025 GMT Not After : Dec 20 11:00:47 2025 GMT Subject: CN=1a76572bea750db4d633c74a0fccecef8c0cf0b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:c5:16:33:07:e0:fc:37:2f:1f:cb:e8:25:d2: dc:68:3c:d2:4e:27:77:39:3b:c2:ae:37:31:93:df: 40:64:89:05:ea:74:f2:d9:08:b7:29:77:94:52:d9: 85:66:7c:f7:49:48:b2:2e:ea:36:dd:3e:cf:4f:6a: 10:cb:fe:04:f5:0c:09:7e:c0:06:ff:22:95:a0:34: c2:e4:c9:d0:a6:07:76:43:22:67:43:d6:28:0a:b8: 39:f1:fa:02:24:45:1d:46:86:0c:7f:6e:ba:5a:a7: 36:09:3d:3c:9e:ab:cb:f0:cc:3b:e4:20:55:7f:1f: d1:c0:d0:22:e4:1e:ba:7a:db:f8:99:da:74:06:8d: e3:28:bb:89:cc:4e:a0:5b:a7:bb:2b:be:d3:98:77: 7d:eb:07:3e:4a:5d:c8:04:40:58:49:78:24:49:5b: dc:10:9d:f5:19:28:bd:3d:44:21:f7:5f:15:9f:4e: 16:da:02:ff:59:ea:9c:78:a9:95:44:19:c1:28:27: be:69:28:11:9c:ff:e1:f6:bb:e1:20:c0:dc:b6:76: 8f:51:60:8b:b5:b9:09:94:ca:05:b8:7f:e9:f6:3c: 87:47:12:5a:ad:11:f4:5d:c7:8b:26:23:d8:3d:fe: 20:24:19:f1:86:28:a9:39:55:d8:82:8a:05:38:e6: 6e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:76:57:2B:EA:75:0D:B4:D6:33:C7:4A:0F:CC:EC:EF:8C:0C:F0:B4 X509v3 Authority Key Identifier: keyid:12:C4:A1:7D:20:66:6B:7D:8D:2B:1F:FE:18:A4:68:7A:F9:26:21:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:f5:f7:65:e4:47:91:14:5c:ed:0c:13:13:b1:e2:a7:76:1a: b5:4c:72:99:84:27:de:70:ba:7f:72:97:0b:65:5f:e9:39:be: 2b:a0:44:30:b0:b9:06:c8:b1:44:f2:26:d9:b5:21:31:07:7e: 87:14:92:c9:ca:ed:f4:6a:e9:84:f3:ad:f4:b3:95:90:4f:4d: b4:d9:ad:dd:a7:c0:3e:09:8d:60:d2:17:48:3a:63:d6:e7:87: d9:22:bb:02:ab:5f:4d:e3:c9:3b:ae:1c:a6:4f:2c:0e:9b:81: bb:86:0c:6e:5a:4a:97:33:09:23:05:f6:ac:ca:1f:bb:2d:9e: fa:4d:49:a5:e8:07:0b:fd:b8:c0:5a:b9:f4:e0:1d:af:21:fe: 19:5a:80:9c:a1:bd:53:1a:d4:d6:64:d0:19:3e:6f:85:45:57: ba:22:08:56:a5:b5:2c:24:50:77:c4:bf:23:d1:35:1e:c4:67: 12:4c:de:9d:0e:b0:b5:60:71:b6:8d:4c:da:d1:dc:16:7f:9d: 59:fd:87:6d:24:02:5f:30:78:20:78:c0:b7:e8:f9:57:c5:76: 53:bb:93:15:a2:c2:8e:91:6e:12:e3:1d:a3:de:36:a6:d6:c3: 96:92:a2:9e:31:ac:12:a6:74:17:22:53:7d:59:70:f6:33:90: 55:39:3d:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2RPSAYQCtmfrwmwp0T6tjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyYzRhMTdkMjA2NjZiN2Q4ZDJiMWZmZTE4YTQ2ODdhZjky NjIxOGYwHhcNMjUxMjE5MTEwMDQ3WhcNMjUxMjIwMTEwMDQ3WjAzMTEwLwYDVQQD EygxYTc2NTcyYmVhNzUwZGI0ZDYzM2M3NGEwZmNjZWNlZjhjMGNmMGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8UWMwfg/DcvH8voJdLcaDzSTid3 OTvCrjcxk99AZIkF6nTy2Qi3KXeUUtmFZnz3SUiyLuo23T7PT2oQy/4E9QwJfsAG /yKVoDTC5MnQpgd2QyJnQ9YoCrg58foCJEUdRoYMf266Wqc2CT08nqvL8Mw75CBV fx/RwNAi5B66etv4mdp0Bo3jKLuJzE6gW6e7K77TmHd96wc+Sl3IBEBYSXgkSVvc EJ31GSi9PUQh918Vn04W2gL/WeqceKmVRBnBKCe+aSgRnP/h9rvhIMDctnaPUWCL tbkJlMoFuH/p9jyHRxJarRH0XceLJiPYPf4gJBnxhiipOVXYgooFOOZutwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBp2VyvqdQ201jPHSg/M7O+MDPC0MB8GA1UdIwQY MBaAFBLEoX0gZmt9jSsf/hikaHr5JiGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS84MzExODEtYjBiMy00YjJlLTg4ZGMt NDlhOTZhODIyMTRlLzEvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS84MzExODEtYjBiMy00YjJlLTg4ZGMtNDlhOTZhODIyMTRl LzEvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACfX3ZeRH kRRc7QwTE7Hip3YatUxymYQn3nC6f3KXC2Vf6Tm+K6BEMLC5BsixRPIm2bUhMQd+ hxSSycrt9GrphPOt9LOVkE9NtNmt3afAPgmNYNIXSDpj1ueH2SK7AqtfTePJO64c pk8sDpuBu4YMblpKlzMJIwX2rMofuy2e+k1JpegHC/24wFq59OAdryH+GVqAnKG9 UxrU1mTQGT5vhUVXuiIIVqW1LCRQd8S/I9E1HsRnEkzenQ6wtWBxto1M2tHcFn+d Wf2HbSQCXzB4IHjAt+j5V8V2U7uTFaLCjpFuEuMdo942ptbDlpKinjGsEqZ0FyJT fVlw9jOQVTk9Tw== -----END CERTIFICATE-----Generated at Fri Dec 19 13:13:20 2025 by rpki-client