This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json) Hash identifier: 5+jBhChl2zU1RhLo8406/TShijI8sK5Up8F/ogkCbOk= Subject key identifier: BE:24:94:DD:67:7D:BB:48:96:85:FF:12:C9:AA:3D:C8:B5:B4:E9:2A Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3 Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3 Certificate serial: 019AF57812FE19461993D03BABBCA7F23C12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft Manifest number: 11B2 Signing time: Sat 06 Dec 2025 21:01:18 +0000 Manifest this update: Sat 06 Dec 2025 21:01:18 +0000 Manifest next update: Sun 07 Dec 2025 21:01:18 +0000 Files and hashes: 1: U8GRHKScYdSNdnB2mr1xryjNCyA.roa (hash: gCSVLFeQA2Qb3RyGGtdWNAIaM4Y9u0sDXVDglP6HH5k=) 2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: m6W0+0J80wbTB9OkLWP0LdrhL+0YtXGJhryI0P71Sj4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:12:fe:19:46:19:93:d0:3b:ab:bc:a7:f2:3c:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3 Validity Not Before: Dec 6 21:01:18 2025 GMT Not After : Dec 7 21:01:18 2025 GMT Subject: CN=be2494dd677dbb489685ff12c9aa3dc8b5b4e92a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:bc:87:be:8b:a9:6d:67:2d:25:a6:60:9f:39: bc:41:ca:e7:92:f3:c9:51:b5:fc:6f:95:4e:5f:68: a7:ae:b8:05:64:b1:15:7c:4e:f8:6e:e7:8a:75:8c: 30:47:90:34:01:42:91:63:97:49:8a:4b:ae:55:5c: 78:a8:12:de:af:dd:a8:36:ce:c3:ce:9d:98:7e:5b: eb:99:62:c1:ef:aa:41:98:f5:ec:7e:b5:c9:dd:28: 8a:60:e8:2f:f3:b4:7f:0a:8e:7e:60:aa:97:c0:62: f5:ee:2e:4b:27:9f:de:b7:3c:75:0f:59:86:f1:1c: e7:67:c8:1e:fe:ab:ef:9a:a1:53:ec:bf:3a:59:b4: 4b:a2:d3:1c:c3:a0:75:7d:33:46:86:ce:da:cd:5a: fb:54:54:b6:17:ea:08:ff:27:2b:df:6a:be:60:65: cf:a4:00:0c:4a:bc:bf:ad:fe:c0:9f:eb:67:39:b5: 83:0b:78:49:f9:9d:74:45:00:33:e3:57:17:d3:a0: 73:d4:23:be:21:0f:ac:bc:82:06:f6:e0:ed:87:56: 05:81:7b:7e:0c:40:4a:fc:6b:3b:3f:2f:97:3b:c1: b6:af:0a:e0:84:20:ad:cd:ca:fc:b7:cb:a8:e8:61: 30:b3:99:9a:bb:03:c7:d4:0e:a9:e0:09:a8:e4:b6: bd:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:24:94:DD:67:7D:BB:48:96:85:FF:12:C9:AA:3D:C8:B5:B4:E9:2A X509v3 Authority Key Identifier: keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ca:5a:ad:d5:c4:63:79:00:14:7c:67:45:30:f8:a6:11:33:fa: 1d:02:e4:3f:f1:3d:ba:e5:93:61:88:e4:c5:91:2a:f7:c0:59: cc:c6:b9:bc:7a:3c:62:29:2b:ed:c7:61:a7:40:75:5b:ea:df: 17:01:3f:84:bb:2f:e2:f9:9f:02:1f:5d:9a:a6:c6:90:a2:2d: 75:b0:5d:71:94:e6:55:59:94:9c:9c:d8:0d:e5:b9:22:79:2b: f5:9a:42:11:62:89:96:1a:52:cb:4a:45:d4:ea:42:6a:1b:de: ec:b2:bf:4e:0c:f6:1c:d4:5a:be:66:e8:ce:bf:cd:6e:d7:68: 2b:3d:ef:50:5b:c1:3e:97:f9:a2:63:ac:11:37:b3:6e:a7:44: e4:16:6a:34:6b:d8:20:72:20:cb:80:cf:dd:cf:4c:73:c0:f2: db:9f:4a:cb:50:57:aa:4e:93:f9:73:71:8c:c0:b2:aa:d4:0d: 50:d4:1f:99:e0:ef:1d:ea:28:5c:b1:8f:b6:96:0d:bd:ab:07: 49:6d:b7:d6:66:15:ae:4a:eb:fb:21:9a:c6:ca:27:bd:e5:41: 36:87:1c:74:aa:e1:5e:6e:4d:87:bb:dc:e9:da:ee:65:c1:71: be:19:ab:d2:84:5e:e4:7e:4f:2c:38:25:af:8e:86:54:c9:90: 2b:01:b4:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eBL+GUYZk9A7q7yn8jwSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0 NTI0ZjMwHhcNMjUxMjA2MjEwMTE4WhcNMjUxMjA3MjEwMTE4WjAzMTEwLwYDVQQD EyhiZTI0OTRkZDY3N2RiYjQ4OTY4NWZmMTJjOWFhM2RjOGI1YjRlOTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvryHvoupbWctJaZgnzm8QcrnkvPJ UbX8b5VOX2inrrgFZLEVfE74bueKdYwwR5A0AUKRY5dJikuuVVx4qBLer92oNs7D zp2YflvrmWLB76pBmPXsfrXJ3SiKYOgv87R/Co5+YKqXwGL17i5LJ5/etzx1D1mG 8RznZ8ge/qvvmqFT7L86WbRLotMcw6B1fTNGhs7azVr7VFS2F+oI/ycr32q+YGXP pAAMSry/rf7An+tnObWDC3hJ+Z10RQAz41cX06Bz1CO+IQ+svIIG9uDth1YFgXt+ DEBK/Gs7Py+XO8G2rwrghCCtzcr8t8uo6GEws5mauwPH1A6p4Amo5La9qwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL4klN1nfbtIloX/EsmqPci1tOkqMB8GA1UdIwQY MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAylqt1cRj eQAUfGdFMPimETP6HQLkP/E9uuWTYYjkxZEq98BZzMa5vHo8Yikr7cdhp0B1W+rf FwE/hLsv4vmfAh9dmqbGkKItdbBdcZTmVVmUnJzYDeW5Inkr9ZpCEWKJlhpSy0pF 1OpCahve7LK/Tgz2HNRavmbozr/NbtdoKz3vUFvBPpf5omOsETezbqdE5BZqNGvY IHIgy4DP3c9Mc8Dy259Ky1BXqk6T+XNxjMCyqtQNUNQfmeDvHeooXLGPtpYNvasH SW231mYVrkrr+yGaxsonveVBNoccdKrhXm5Nh7vc6druZcFxvhmr0oRe5H5PLDgl r46GVMmQKwG0og== -----END CERTIFICATE-----Generated at Sun Dec 7 04:14:14 2025 by rpki-client