This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft File: ss0DX6sYpLeCYURWP2DniYpO8PE.mft (raw, json) Hash identifier: 3IMsDmVijYvcmTOBIHbeYyIoltihqf4FcJamQlPvve8= Subject key identifier: D8:21:7E:A2:D3:F1:0D:7D:E9:43:43:2B:62:D2:12:6C:44:CB:65:EC Authority key identifier: B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1 Certificate issuer: /CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1 Certificate serial: 019AF23FD8FF9CC4523373AD89C0185CA9BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft Manifest number: 127E Signing time: Sat 06 Dec 2025 06:01:01 +0000 Manifest this update: Sat 06 Dec 2025 06:01:01 +0000 Manifest next update: Sun 07 Dec 2025 06:01:01 +0000 Files and hashes: 1: 8ioI1P3WjfVGZeocJzXjV25zEAM.roa (hash: R5/GZ5yigab2BnvLmrfCDXR0klk9Au0FN2fkvOAY+V4=) 2: ss0DX6sYpLeCYURWP2DniYpO8PE.crl (hash: WHW2k/PFn1O+CPRZdN4+hWPFgv6BzGnlF3S5+mWQI48=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.crl rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:d8:ff:9c:c4:52:33:73:ad:89:c0:18:5c:a9:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1 Validity Not Before: Dec 6 06:01:01 2025 GMT Not After : Dec 7 06:01:01 2025 GMT Subject: CN=d8217ea2d3f10d7de943432b62d2126c44cb65ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c7:c7:ec:82:c8:32:a0:d4:c8:97:39:97:30: 27:c2:b3:ff:cd:fb:f4:dc:79:8a:f3:af:f1:4d:28: 2d:04:11:cd:13:3d:24:4e:a0:1a:81:2f:69:aa:6a: ed:c9:14:a3:dd:73:8c:43:79:89:45:b1:e3:6a:ea: ff:76:e2:15:28:72:32:3a:e9:ca:18:77:38:e7:50: 78:f7:9a:c4:6d:9e:58:57:e7:d4:26:c2:61:72:ac: bf:a0:cc:39:c7:a3:cd:b8:e5:8e:63:35:2c:0a:e0: cd:66:b5:75:f4:df:94:bf:cc:60:c9:30:82:b3:62: 13:7e:eb:d4:5a:fe:a1:7a:3a:1e:f3:5f:8e:b1:68: 01:3b:9a:73:f3:9e:3a:81:c9:92:77:40:91:f8:fc: 90:3e:50:42:a0:1c:69:2f:f9:4a:c5:74:be:e7:3b: 43:3a:38:fe:be:55:99:a4:34:0f:2c:28:74:91:5b: 85:d2:2e:e4:c8:92:2f:63:b1:6b:a1:43:79:7c:e7: 3c:ec:89:a1:d7:5a:2a:eb:1a:4a:3f:6b:51:42:eb: e8:a0:e6:45:cf:75:05:e7:be:58:2b:00:8a:de:c4: 28:3e:c2:e0:ea:99:76:b1:9e:dd:07:ff:79:c7:d7: e6:8a:a7:75:62:20:78:28:38:e3:e2:28:a5:49:bf: 6c:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:21:7E:A2:D3:F1:0D:7D:E9:43:43:2B:62:D2:12:6C:44:CB:65:EC X509v3 Authority Key Identifier: keyid:B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:b0:80:8f:78:51:d8:d0:aa:cd:66:4d:95:c2:18:08:a4:be: 0a:39:cd:23:37:d9:e3:de:70:ab:17:a0:03:aa:22:b7:38:6a: d7:c2:1d:5c:f5:98:f3:69:79:53:08:c8:67:10:08:a6:12:99: ae:6f:1a:ad:5e:de:32:6b:28:0a:e4:7c:91:80:12:39:7a:b5: 56:e7:3e:f4:93:07:f6:a2:d4:f6:eb:b8:ce:d8:15:96:2f:ee: 55:50:d9:b2:43:8a:c1:9d:ec:8b:0d:57:7d:6b:05:ee:ff:f0: 04:20:8b:f8:39:6e:43:d1:e3:a1:28:e5:a4:3f:be:15:1b:d8: 93:41:86:0f:d2:e1:a6:52:e7:0d:17:87:54:ad:60:ab:68:a7: 3d:5a:aa:55:b8:9a:7f:a3:f3:d8:62:24:07:42:b3:0a:f1:4e: 59:db:74:38:da:26:36:6b:5c:c2:e7:42:78:51:7a:59:bb:ff: 4b:67:30:1d:67:25:ad:58:78:dd:49:5e:f6:16:7f:37:4c:ff: a5:04:4d:8a:98:06:86:07:82:46:01:f9:c2:a7:50:f7:ac:b9: ab:50:6c:bd:39:4d:01:6e:99:d2:43:41:40:62:c5:14:f8:b4: 9a:b6:76:60:8c:ad:85:45:82:d2:b2:c7:e0:26:04:cb:4b:1f: fe:ef:e0:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP9j/nMRSM3OticAYXKm6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyY2QwMzVmYWIxOGE0Yjc4MjYxNDQ1NjNmNjBlNzg5OGE0 ZWYwZjEwHhcNMjUxMjA2MDYwMTAxWhcNMjUxMjA3MDYwMTAxWjAzMTEwLwYDVQQD EyhkODIxN2VhMmQzZjEwZDdkZTk0MzQzMmI2MmQyMTI2YzQ0Y2I2NWVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMfH7ILIMqDUyJc5lzAnwrP/zfv0 3HmK86/xTSgtBBHNEz0kTqAagS9pqmrtyRSj3XOMQ3mJRbHjaur/duIVKHIyOunK GHc451B495rEbZ5YV+fUJsJhcqy/oMw5x6PNuOWOYzUsCuDNZrV19N+Uv8xgyTCC s2ITfuvUWv6hejoe81+OsWgBO5pz8546gcmSd0CR+PyQPlBCoBxpL/lKxXS+5ztD Ojj+vlWZpDQPLCh0kVuF0i7kyJIvY7FroUN5fOc87Imh11oq6xpKP2tRQuvooOZF z3UF575YKwCK3sQoPsLg6pl2sZ7dB/95x9fmiqd1YiB4KDjj4iilSb9svwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNghfqLT8Q196UNDK2LSEmxEy2XsMB8GA1UdIwQY MBaAFLLNA1+rGKS3gmFEVj9g54mKTvDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMt ZDQ4NDUwNTIxZGQ5LzEvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMtZDQ4NDUwNTIxZGQ5 LzEvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjrCAj3hR 2NCqzWZNlcIYCKS+CjnNIzfZ495wqxegA6oitzhq18IdXPWY82l5UwjIZxAIphKZ rm8arV7eMmsoCuR8kYASOXq1Vuc+9JMH9qLU9uu4ztgVli/uVVDZskOKwZ3siw1X fWsF7v/wBCCL+DluQ9HjoSjlpD++FRvYk0GGD9LhplLnDReHVK1gq2inPVqqVbia f6Pz2GIkB0KzCvFOWdt0ONomNmtcwudCeFF6Wbv/S2cwHWclrVh43Ule9hZ/N0z/ pQRNipgGhgeCRgH5wqdQ96y5q1BsvTlNAW6Z0kNBQGLFFPi0mrZ2YIythUWC0rLH 4CYEy0sf/u/g5g== -----END CERTIFICATE-----Generated at Sat Dec 6 13:28:37 2025 by rpki-client