This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft File: s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json) Hash identifier: T6sUNW293gDL26QCBoMKBHArhdSQjXsH9U1KBucR4t0= Subject key identifier: 9B:B9:59:2E:E1:00:50:06:CA:DD:B5:47:4A:01:41:0B:CC:8F:CB:1A Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64 Certificate issuer: /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64 Certificate serial: 019B3720DB37584EE62FB0F1127D44CDD8E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft Manifest number: 0E2A Signing time: Fri 19 Dec 2025 15:00:58 +0000 Manifest this update: Fri 19 Dec 2025 15:00:58 +0000 Manifest next update: Sat 20 Dec 2025 15:00:58 +0000 Files and hashes: 1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: DaSN1+RDqbKDjmhast60VduvF4Q1oN7S3vyv6+uBUs0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:20:db:37:58:4e:e6:2f:b0:f1:12:7d:44:cd:d8:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64 Validity Not Before: Dec 19 15:00:58 2025 GMT Not After : Dec 20 15:00:58 2025 GMT Subject: CN=9bb9592ee1005006caddb5474a01410bcc8fcb1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c8:45:0e:44:e0:a7:ca:9e:e8:20:68:50:45: 71:a0:3f:c8:24:35:a7:62:82:bb:d2:7b:b1:57:a4: 31:b6:fc:8a:0d:10:00:16:8a:9d:a6:73:57:49:6c: 3b:3f:64:dd:1c:b8:39:36:4c:e3:d1:d9:9e:6c:c6: e6:97:99:b6:2d:f5:c0:ed:95:f2:e5:f5:dc:4b:e1: d8:28:0b:11:29:45:25:a7:c1:95:2a:b4:77:8f:fe: fa:73:fb:7d:b8:e0:4a:90:e0:24:bc:ca:c6:c3:d1: 91:89:1c:38:8a:ff:b0:89:87:66:5d:ac:85:49:fc: 04:98:fb:d2:ac:63:74:a4:93:c6:2c:97:f2:b7:1d: 72:6a:61:f5:30:b0:ea:d9:cb:cc:83:f1:89:83:36: f7:f4:5a:34:62:80:6b:7e:b1:76:76:af:21:7d:84: 67:bc:c0:e0:32:ee:bc:b6:63:0f:e2:0a:ae:3f:6f: 63:b9:3b:e8:f8:8b:dc:96:8e:b3:a2:ab:37:ef:99: f3:40:b7:f5:29:c2:92:95:c1:1e:fa:c7:21:9a:db: 06:ba:9b:b0:bf:58:06:fc:28:a3:b9:3c:9d:7a:92: 25:6f:f8:ca:a5:15:d9:16:e8:94:d3:b2:76:71:ea: c2:3e:7a:94:f4:92:2b:18:9f:c4:10:d5:0e:2e:20: 56:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:B9:59:2E:E1:00:50:06:CA:DD:B5:47:4A:01:41:0B:CC:8F:CB:1A X509v3 Authority Key Identifier: keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:72:7e:61:a1:bf:3e:e0:77:c7:f4:af:f4:35:df:42:b6:63: f9:c5:35:a2:b8:c5:b1:38:86:7c:96:09:1b:62:0c:17:40:55: f8:81:ab:5d:e7:31:98:07:8a:cc:07:5c:cd:37:0f:9e:08:e7: 4a:2e:32:bb:94:28:29:05:17:78:35:e0:75:2e:55:a6:27:1c: 80:28:31:b8:d0:22:da:17:0a:bb:20:1c:54:ae:78:90:14:30: 15:0f:4c:79:d7:6f:2d:2a:ef:16:62:9c:0c:9e:68:ce:63:a1: 2c:8f:ff:0e:65:f3:f7:f3:73:06:85:f0:7f:59:0c:07:24:73: c2:ec:60:ed:f8:7d:dc:2c:8e:7a:4b:65:fd:ed:ca:2b:c7:df: 90:ff:50:f4:f7:ad:c1:8d:e9:85:9e:61:ee:f9:69:41:b0:ca: 50:f7:07:f3:65:d3:8e:78:6b:30:f9:23:cc:7a:7a:04:6a:ba: af:68:d9:33:68:f8:fa:b8:8c:64:60:37:ab:b5:52:18:4f:24: 5c:e0:96:99:5c:f3:be:52:07:3f:b8:df:fa:d2:53:d6:00:02: 81:7f:b9:1a:32:c7:74:83:0e:c5:d1:65:8b:68:f1:16:6a:26: 41:69:77:cb:be:42:5c:fb:0a:88:1a:65:ae:d0:3f:67:60:19: 14:b5:ce:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3INs3WE7mL7DxEn1EzdjlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz YjJmNjQwHhcNMjUxMjE5MTUwMDU4WhcNMjUxMjIwMTUwMDU4WjAzMTEwLwYDVQQD Eyg5YmI5NTkyZWUxMDA1MDA2Y2FkZGI1NDc0YTAxNDEwYmNjOGZjYjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMhFDkTgp8qe6CBoUEVxoD/IJDWn YoK70nuxV6QxtvyKDRAAFoqdpnNXSWw7P2TdHLg5Nkzj0dmebMbml5m2LfXA7ZXy 5fXcS+HYKAsRKUUlp8GVKrR3j/76c/t9uOBKkOAkvMrGw9GRiRw4iv+wiYdmXayF SfwEmPvSrGN0pJPGLJfytx1yamH1MLDq2cvMg/GJgzb39Fo0YoBrfrF2dq8hfYRn vMDgMu68tmMP4gquP29juTvo+Ivclo6zoqs375nzQLf1KcKSlcEe+schmtsGupuw v1gG/CijuTydepIlb/jKpRXZFuiU07J2cerCPnqU9JIrGJ/EENUOLiBWpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJu5WS7hAFAGyt21R0oBQQvMj8saMB8GA1UdIwQY MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGHJ+YaG/ PuB3x/Sv9DXfQrZj+cU1orjFsTiGfJYJG2IMF0BV+IGrXecxmAeKzAdczTcPngjn Si4yu5QoKQUXeDXgdS5VpiccgCgxuNAi2hcKuyAcVK54kBQwFQ9MeddvLSrvFmKc DJ5ozmOhLI//DmXz9/NzBoXwf1kMByRzwuxg7fh93CyOektl/e3KK8ffkP9Q9Pet wY3phZ5h7vlpQbDKUPcH82XTjnhrMPkjzHp6BGq6r2jZM2j4+riMZGA3q7VSGE8k XOCWmVzzvlIHP7jf+tJT1gACgX+5GjLHdIMOxdFli2jxFmomQWl3y75CXPsKiBpl rtA/Z2AZFLXOiA== -----END CERTIFICATE-----Generated at Fri Dec 19 16:27:07 2025 by rpki-client