This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft File: sdLmgf8j3d89UXhY4cZKHa0phyk.mft (raw, json) Hash identifier: vvN0Mju6qyKxck8jqWQTtUmT/Y4qPMJZ6s8oZOumOls= Subject key identifier: 03:90:D5:35:A4:8F:81:79:18:A2:73:63:0D:FA:C8:9F:D2:A0:CC:A1 Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29 Certificate issuer: /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729 Certificate serial: 019AF31B1E63FC3DD548647DF0DD9EDF1983 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft Manifest number: 15AF Signing time: Sat 06 Dec 2025 10:00:31 +0000 Manifest this update: Sat 06 Dec 2025 10:00:31 +0000 Manifest next update: Sun 07 Dec 2025 10:00:31 +0000 Files and hashes: 1: hDoqXFR8UibPRuqFY2xn-m_-15I.roa (hash: qknu8HOpVZZ1hKraF3WMV/fgLgKt1U80KJN/d09ixdI=) 2: sdLmgf8j3d89UXhY4cZKHa0phyk.crl (hash: xGasuJofpUg312cOnTkRsMenbUFGUjkSCOsIHaP2kVQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:1e:63:fc:3d:d5:48:64:7d:f0:dd:9e:df:19:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729 Validity Not Before: Dec 6 10:00:31 2025 GMT Not After : Dec 7 10:00:31 2025 GMT Subject: CN=0390d535a48f817918a273630dfac89fd2a0cca1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:00:4f:5d:36:32:e9:8b:99:8d:a1:94:51:e0: 25:4a:82:9b:0c:2c:8b:ac:91:52:59:13:66:57:b7: 1b:ee:0e:6e:93:68:08:af:5e:3f:e9:6a:3e:50:4e: 8e:99:b4:44:6a:0b:09:d0:33:27:bd:9f:51:ff:f6: 17:88:30:da:58:a2:24:df:f5:d9:42:9c:90:8f:eb: 81:1b:bb:56:8d:10:54:a9:c9:c3:9a:59:63:fa:8b: 02:7e:0e:be:8a:32:55:9f:e1:34:e7:2c:49:75:77: 4f:33:05:16:b3:d3:2c:80:1f:3b:d5:1d:a6:eb:46: aa:86:cc:7b:ac:7c:aa:4e:86:b6:ec:80:68:e6:6a: 5d:94:eb:d0:97:ab:5d:e2:a7:ed:e2:0f:8c:e0:9a: 8e:87:c0:7f:36:7f:cc:03:f3:a9:d1:ac:fb:ae:a5: 3a:4a:48:5f:22:1a:43:32:6c:eb:9f:f9:2c:8c:d3: 38:d3:b3:02:19:7b:fd:2d:06:ed:20:6c:34:ca:8c: e2:f6:f6:fc:88:fc:7e:87:d6:98:66:d0:49:38:0d: 0b:a3:7b:b6:50:d2:3b:5c:c9:3c:3c:d2:b8:ae:5e: 91:1c:82:86:1b:78:a6:de:f2:3a:4b:4c:85:5c:bd: c6:33:b0:2f:7a:ff:0f:50:d8:d8:8b:dd:86:69:ad: c8:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:90:D5:35:A4:8F:81:79:18:A2:73:63:0D:FA:C8:9F:D2:A0:CC:A1 X509v3 Authority Key Identifier: keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:60:7e:8f:eb:98:7b:6f:81:ef:65:1b:6a:96:51:e5:ea:f8: 38:79:fe:ad:23:e3:0c:e7:51:0f:ba:ab:6b:2a:d2:86:71:6f: b4:e1:62:35:2f:d9:1a:db:49:b3:3a:71:4a:79:20:34:72:5a: 33:c6:d0:ae:c9:91:3d:7c:aa:fa:a6:f4:ea:ee:e1:40:d2:6a: 2c:f4:ba:96:27:fe:03:88:99:98:bd:92:58:16:35:e3:5f:ee: 23:86:c1:ad:e7:a5:37:ba:72:7e:ce:af:fb:d7:bb:e4:70:55: 5f:c5:99:e9:62:c1:08:bb:87:d6:73:4a:cd:b0:16:1c:b2:f3: b0:7f:80:ff:db:bc:6b:67:37:4e:4a:02:52:ad:78:e3:1d:b8: a0:68:86:96:aa:dd:f4:bd:a0:43:7e:fd:de:a5:64:d7:b1:4e: d2:c5:05:d7:68:6c:e7:fb:cb:95:5f:c4:2d:f7:99:18:48:53: 9f:d8:6f:cf:85:b7:74:60:48:05:9f:95:63:41:ee:d5:1d:fb: 3c:08:e1:95:82:e6:97:e8:fb:d6:a7:f6:a4:e9:b2:ae:97:6c: ed:fb:d3:2a:78:57:4e:b9:ac:08:25:68:69:6d:a2:d4:26:68: 69:da:c0:a3:cb:7a:b5:95:f8:b4:ad:d1:fa:83:15:3e:e3:e4: cc:f9:50:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGx5j/D3VSGR98N2e3xmDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy OTg3MjkwHhcNMjUxMjA2MTAwMDMxWhcNMjUxMjA3MTAwMDMxWjAzMTEwLwYDVQQD EygwMzkwZDUzNWE0OGY4MTc5MThhMjczNjMwZGZhYzg5ZmQyYTBjY2ExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ABPXTYy6YuZjaGUUeAlSoKbDCyL rJFSWRNmV7cb7g5uk2gIr14/6Wo+UE6OmbREagsJ0DMnvZ9R//YXiDDaWKIk3/XZ QpyQj+uBG7tWjRBUqcnDmllj+osCfg6+ijJVn+E05yxJdXdPMwUWs9MsgB871R2m 60aqhsx7rHyqToa27IBo5mpdlOvQl6td4qft4g+M4JqOh8B/Nn/MA/Op0az7rqU6 SkhfIhpDMmzrn/ksjNM407MCGXv9LQbtIGw0yozi9vb8iPx+h9aYZtBJOA0Lo3u2 UNI7XMk8PNK4rl6RHIKGG3im3vI6S0yFXL3GM7Avev8PUNjYi92Gaa3IhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAOQ1TWkj4F5GKJzYw36yJ/SoMyhMB8GA1UdIwQY MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct NWE4MzYwZGVhM2EzLzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARGB+j+uY e2+B72UbapZR5er4OHn+rSPjDOdRD7qrayrShnFvtOFiNS/ZGttJszpxSnkgNHJa M8bQrsmRPXyq+qb06u7hQNJqLPS6lif+A4iZmL2SWBY141/uI4bBreelN7pyfs6v +9e75HBVX8WZ6WLBCLuH1nNKzbAWHLLzsH+A/9u8a2c3TkoCUq144x24oGiGlqrd 9L2gQ3793qVk17FO0sUF12hs5/vLlV/ELfeZGEhTn9hvz4W3dGBIBZ+VY0Hu1R37 PAjhlYLml+j71qf2pOmyrpds7fvTKnhXTrmsCCVoaW2i1CZoadrAo8t6tZX4tK3R +oMVPuPkzPlQAg== -----END CERTIFICATE-----Generated at Sat Dec 6 17:34:01 2025 by rpki-client