This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft File: sd-OADfxroL3viI1rmEsQBD2_pE.mft (raw, json) Hash identifier: 7tOdzQkvsCoku1wlgJg4eyrfOiVRfZmMQLdWNLD/bLE= Subject key identifier: 64:02:72:85:52:96:87:8C:31:E7:DD:2B:C9:D3:FD:07:FE:14:17:03 Authority key identifier: B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91 Certificate issuer: /CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91 Certificate serial: 019AF209A338D9AEA2CC3DB98BDDF9E6E6A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft Manifest number: 0277 Signing time: Sat 06 Dec 2025 05:01:49 +0000 Manifest this update: Sat 06 Dec 2025 05:01:49 +0000 Manifest next update: Sun 07 Dec 2025 05:01:49 +0000 Files and hashes: 1: GdRMKH6WdmmVubPmURRtVnS8GV8.roa (hash: gQYTKVfews/6lfRAQlloM0LgEpj91iqOXwXozcwIpNc=) 2: sd-OADfxroL3viI1rmEsQBD2_pE.crl (hash: aJXA+x1trR9Ht0feGN35vP52pmhUK8cgpa/QMobjRS4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:a3:38:d9:ae:a2:cc:3d:b9:8b:dd:f9:e6:e6:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91 Validity Not Before: Dec 6 05:01:49 2025 GMT Not After : Dec 7 05:01:49 2025 GMT Subject: CN=640272855296878c31e7dd2bc9d3fd07fe141703 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:61:5b:4f:29:50:dd:00:96:00:f8:50:0f:61: e3:82:4b:0d:ce:81:d0:69:7f:29:65:56:61:fb:b1: 8b:03:35:4c:69:0a:3d:82:b3:0d:5f:6a:ae:e7:ac: ad:23:72:f8:cb:91:ee:d7:14:3c:ed:d6:ea:eb:8c: a6:8f:5d:c8:94:13:5b:94:01:4b:60:cb:1e:11:02: 42:07:f9:79:ca:6c:fb:f9:2f:8b:cf:27:29:b5:44: ce:0c:0e:ba:7e:e3:67:89:c8:6a:96:38:e4:81:e1: 95:1d:4d:48:09:a3:45:6a:b7:cd:74:04:3e:a5:29: ea:0a:e2:7b:22:25:dc:50:a5:42:00:a3:22:57:d4: 85:21:b2:6a:05:1f:05:4a:8c:8a:7f:74:b4:74:d9: 42:68:3f:a3:d5:86:cc:0a:78:df:e4:e0:9d:0f:58: 6e:4c:97:54:c4:d0:36:b0:41:4c:e6:9c:a0:3c:7e: ee:7e:03:ab:5a:ef:78:8d:fa:eb:74:13:c7:1f:90: ad:ae:7e:9d:65:d1:ee:c5:78:63:1c:58:b1:47:67: eb:a5:28:17:10:06:0a:ab:3f:61:62:be:af:da:80: 0b:57:d7:68:79:19:03:e6:33:0f:fb:43:df:0b:0f: 1f:cc:0d:a0:77:0a:38:a9:28:c1:a3:b5:8a:58:ae: f1:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:02:72:85:52:96:87:8C:31:E7:DD:2B:C9:D3:FD:07:FE:14:17:03 X509v3 Authority Key Identifier: keyid:B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:a0:53:e0:27:8f:9e:bf:9a:cf:3f:84:a5:77:ee:be:27:88: e2:21:6c:dd:5e:c7:b3:5f:ab:f8:f7:6c:55:55:88:98:49:4c: ee:a5:43:d6:2d:69:87:46:fe:33:46:8e:b3:70:1d:31:22:ca: 07:df:c3:11:47:79:f3:eb:af:06:cf:0c:3e:ab:2a:d8:08:de: 05:1c:e7:69:6a:2c:0f:6c:77:91:a3:aa:23:b9:d0:cf:c5:60: 29:84:db:6a:01:29:55:82:69:8a:5f:97:37:3e:9e:6e:a7:6d: 76:5c:ac:a7:fd:62:0f:d3:1e:82:c2:f6:8d:3f:fb:4f:04:c1: aa:9e:63:9c:f5:a9:5a:fe:24:1f:da:0b:e9:ed:ad:d6:09:82: 79:ff:32:4c:a4:ce:2d:50:b2:b6:f2:d4:14:e6:3e:5a:a1:10: 76:1b:dd:26:f6:69:26:34:31:f6:89:8a:27:69:9b:01:9f:bf: 97:54:cc:43:98:bf:06:5b:7a:4f:15:25:51:f6:67:15:33:b9: 14:c1:e1:b4:ce:10:c6:e3:6e:13:c3:c2:6f:a9:6f:0b:c9:5e: 53:61:5d:47:96:dd:b1:01:7c:61:c3:2e:24:9c:4f:80:1c:b8: b4:1e:37:eb:a6:e1:31:ba:1f:85:67:96:01:6a:33:f8:f5:cf: 93:db:89:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCaM42a6izD25i9355uajMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZGY4ZTAwMzdmMWFlODJmN2JlMjIzNWFlNjEyYzQwMTBm NmZlOTEwHhcNMjUxMjA2MDUwMTQ5WhcNMjUxMjA3MDUwMTQ5WjAzMTEwLwYDVQQD Eyg2NDAyNzI4NTUyOTY4NzhjMzFlN2RkMmJjOWQzZmQwN2ZlMTQxNzAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWFbTylQ3QCWAPhQD2HjgksNzoHQ aX8pZVZh+7GLAzVMaQo9grMNX2qu56ytI3L4y5Hu1xQ87dbq64ymj13IlBNblAFL YMseEQJCB/l5ymz7+S+LzycptUTODA66fuNnichqljjkgeGVHU1ICaNFarfNdAQ+ pSnqCuJ7IiXcUKVCAKMiV9SFIbJqBR8FSoyKf3S0dNlCaD+j1YbMCnjf5OCdD1hu TJdUxNA2sEFM5pygPH7ufgOrWu94jfrrdBPHH5Ctrn6dZdHuxXhjHFixR2frpSgX EAYKqz9hYr6v2oALV9doeRkD5jMP+0PfCw8fzA2gdwo4qSjBo7WKWK7xtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGQCcoVSloeMMefdK8nT/Qf+FBcDMB8GA1UdIwQY MBaAFLHfjgA38a6C974iNa5hLEAQ9v6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEt MTljYTUwY2YzNGFiLzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEtMTljYTUwY2YzNGFi LzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr6BT4CeP nr+azz+EpXfuvieI4iFs3V7Hs1+r+PdsVVWImElM7qVD1i1ph0b+M0aOs3AdMSLK B9/DEUd58+uvBs8MPqsq2AjeBRznaWosD2x3kaOqI7nQz8VgKYTbagEpVYJpil+X Nz6ebqdtdlysp/1iD9MegsL2jT/7TwTBqp5jnPWpWv4kH9oL6e2t1gmCef8yTKTO LVCytvLUFOY+WqEQdhvdJvZpJjQx9omKJ2mbAZ+/l1TMQ5i/Blt6TxUlUfZnFTO5 FMHhtM4QxuNuE8PCb6lvC8leU2FdR5bdsQF8YcMuJJxPgBy4tB4366bhMbofhWeW AWoz+PXPk9uJ4A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:57:53 2025 by rpki-client