This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/85b463-9870-4549-97de-3cabe94b4356/1/spAqmJWp6izi7CS799ryNABY5JQ.mft File: spAqmJWp6izi7CS799ryNABY5JQ.mft (raw, json) Hash identifier: UUBS9TYoV8+oJt5kUtJVsIrPW9iuQocotwBcgMI3hvo= Subject key identifier: 39:0C:68:07:34:B7:0B:9E:12:D3:C9:A0:3A:D7:5C:F3:EF:7B:43:9C Authority key identifier: B2:90:2A:98:95:A9:EA:2C:E2:EC:24:BB:F7:DA:F2:34:00:58:E4:94 Certificate issuer: /CN=b2902a9895a9ea2ce2ec24bbf7daf2340058e494 Certificate serial: 019B593EECFD33118DC3BBE01327F61251DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/spAqmJWp6izi7CS799ryNABY5JQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/85b463-9870-4549-97de-3cabe94b4356/1/spAqmJWp6izi7CS799ryNABY5JQ.mft Manifest number: 30 Signing time: Fri 26 Dec 2025 06:00:54 +0000 Manifest this update: Fri 26 Dec 2025 06:00:54 +0000 Manifest next update: Sat 27 Dec 2025 06:00:54 +0000 Files and hashes: 1: spAqmJWp6izi7CS799ryNABY5JQ.crl (hash: XYpypuKWPdCTt7mITSwSNmzWSwzsoQlJA05Xp3ECRdc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/85b463-9870-4549-97de-3cabe94b4356/1/spAqmJWp6izi7CS799ryNABY5JQ.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/85b463-9870-4549-97de-3cabe94b4356/1/spAqmJWp6izi7CS799ryNABY5JQ.mft rsync://rpki.ripe.net/repository/DEFAULT/spAqmJWp6izi7CS799ryNABY5JQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:3e:ec:fd:33:11:8d:c3:bb:e0:13:27:f6:12:51:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2902a9895a9ea2ce2ec24bbf7daf2340058e494 Validity Not Before: Dec 26 06:00:54 2025 GMT Not After : Dec 27 06:00:54 2025 GMT Subject: CN=390c680734b70b9e12d3c9a03ad75cf3ef7b439c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:ba:1f:77:bf:29:b1:f1:b1:5f:36:dc:b2:7c: 5c:ef:2b:02:23:e5:0a:ea:33:22:f2:68:1c:83:36: 79:0b:eb:13:26:ab:ab:8f:1f:c2:2b:99:09:2b:3c: 2e:30:4c:1b:a4:a3:29:bc:1d:13:a7:75:26:86:12: e6:e6:53:c7:36:76:1f:a8:cb:32:0c:c3:b9:27:af: fd:82:3b:f8:f1:6b:56:48:e9:da:f3:7b:db:93:0b: 2a:b3:4e:11:62:b8:71:83:39:04:85:5e:f7:59:96: d8:fb:2d:48:bb:9b:13:9f:42:99:bf:b5:b7:6f:77: 87:76:4b:58:eb:4f:64:10:f9:86:f8:97:ec:43:26: 2d:bd:14:69:06:64:fd:9a:be:80:f1:f0:c3:31:0c: c7:ae:16:b2:9a:d3:13:37:f2:a8:0e:51:89:54:a4: 0b:ba:14:9e:ca:d6:e7:72:72:53:9d:d8:99:28:25: 4f:8b:53:9c:42:e5:60:3f:20:04:5d:12:94:0f:ee: f2:ee:ec:2e:e0:b4:f7:b6:86:16:01:4a:85:59:c3: ca:7f:c1:40:a9:c8:40:38:b1:d9:6b:dd:8e:61:74: 3c:5a:3d:1e:22:a4:69:91:fe:e6:98:ca:c0:67:34: d1:2f:af:3d:e6:e9:c5:a5:0c:de:64:4f:82:02:dd: 78:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:0C:68:07:34:B7:0B:9E:12:D3:C9:A0:3A:D7:5C:F3:EF:7B:43:9C X509v3 Authority Key Identifier: keyid:B2:90:2A:98:95:A9:EA:2C:E2:EC:24:BB:F7:DA:F2:34:00:58:E4:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spAqmJWp6izi7CS799ryNABY5JQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/85b463-9870-4549-97de-3cabe94b4356/1/spAqmJWp6izi7CS799ryNABY5JQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/85b463-9870-4549-97de-3cabe94b4356/1/spAqmJWp6izi7CS799ryNABY5JQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:b6:45:79:53:9a:30:8b:08:15:eb:20:6c:0b:c0:9c:86:0f: 01:8e:46:15:1b:48:90:3d:29:6c:f4:40:54:e9:39:66:be:9d: 73:26:06:3b:d8:ff:09:bd:b9:f1:7c:cd:64:7c:d7:c9:aa:2b: e4:d6:bf:a1:1a:88:35:eb:76:75:4d:2c:70:3e:ec:89:04:3a: 5a:c3:9a:a7:23:ec:33:b8:c7:36:f6:a0:1d:98:6c:ae:4b:1e: 5e:f8:45:57:72:6c:df:46:29:60:47:d0:7e:eb:0e:05:ba:d1: ab:f5:4b:b6:72:5c:24:b8:94:87:33:84:29:fe:91:23:50:14: 8c:39:3e:e0:cb:04:aa:4a:e6:be:eb:b7:1c:b3:71:6e:5d:c9: 72:7a:e8:68:ee:44:0d:94:10:fd:27:48:bd:6d:d4:4c:b8:e3: 4d:1c:b1:3b:b8:71:d4:ae:f7:98:62:38:bd:c0:5a:29:dd:6a: ce:5b:f6:6a:43:d9:a3:ba:34:72:cf:2a:50:ab:c1:01:ee:5f: e0:ad:c9:35:83:01:e4:b2:54:76:a2:b4:3c:86:bb:1a:cb:24: f6:fc:5e:0c:fa:58:82:6e:ec:18:8a:7a:35:d2:f9:f6:f4:d8: ae:f6:de:13:50:a6:8b:90:f5:de:51:c1:df:98:e7:dd:b7:10: c9:dd:01:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZPuz9MxGNw7vgEyf2ElHaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyOTAyYTk4OTVhOWVhMmNlMmVjMjRiYmY3ZGFmMjM0MDA1 OGU0OTQwHhcNMjUxMjI2MDYwMDU0WhcNMjUxMjI3MDYwMDU0WjAzMTEwLwYDVQQD EygzOTBjNjgwNzM0YjcwYjllMTJkM2M5YTAzYWQ3NWNmM2VmN2I0MzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLofd78psfGxXzbcsnxc7ysCI+UK 6jMi8mgcgzZ5C+sTJqurjx/CK5kJKzwuMEwbpKMpvB0Tp3UmhhLm5lPHNnYfqMsy DMO5J6/9gjv48WtWSOna83vbkwsqs04RYrhxgzkEhV73WZbY+y1Iu5sTn0KZv7W3 b3eHdktY609kEPmG+JfsQyYtvRRpBmT9mr6A8fDDMQzHrhaymtMTN/KoDlGJVKQL uhSeytbncnJTndiZKCVPi1OcQuVgPyAEXRKUD+7y7uwu4LT3toYWAUqFWcPKf8FA qchAOLHZa92OYXQ8Wj0eIqRpkf7mmMrAZzTRL6895unFpQzeZE+CAt14TQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDkMaAc0twueEtPJoDrXXPPve0OcMB8GA1UdIwQY MBaAFLKQKpiVqeos4uwku/fa8jQAWOSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3BBcW1KV3A2aXppN0NTNzk5cnlOQUJZNUpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC84NWI0NjMtOTg3MC00NTQ5LTk3ZGUt M2NhYmU5NGI0MzU2LzEvc3BBcW1KV3A2aXppN0NTNzk5cnlOQUJZNUpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC84NWI0NjMtOTg3MC00NTQ5LTk3ZGUtM2NhYmU5NGI0MzU2 LzEvc3BBcW1KV3A2aXppN0NTNzk5cnlOQUJZNUpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIrZFeVOa MIsIFesgbAvAnIYPAY5GFRtIkD0pbPRAVOk5Zr6dcyYGO9j/Cb258XzNZHzXyaor 5Na/oRqINet2dU0scD7siQQ6WsOapyPsM7jHNvagHZhsrkseXvhFV3Js30YpYEfQ fusOBbrRq/VLtnJcJLiUhzOEKf6RI1AUjDk+4MsEqkrmvuu3HLNxbl3JcnroaO5E DZQQ/SdIvW3UTLjjTRyxO7hx1K73mGI4vcBaKd1qzlv2akPZo7o0cs8qUKvBAe5f 4K3JNYMB5LJUdqK0PIa7Gssk9vxeDPpYgm7sGIp6NdL59vTYrvbeE1Cmi5D13lHB 35jn3bcQyd0B1g== -----END CERTIFICATE-----Generated at Fri Dec 26 15:43:36 2025 by rpki-client