This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json) Hash identifier: XwNAzt8/08XEI4vzqVU38TYlkReJ5PZh5QU+/g5WRME= Subject key identifier: 8F:5C:DC:57:A7:94:BD:7C:C1:74:A8:80:C7:F3:F5:CA:1F:52:E7:0D Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124 Certificate serial: 019B3EDA19C2147BE53EC96818B238822F50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft Manifest number: 0A85 Signing time: Sun 21 Dec 2025 03:00:39 +0000 Manifest this update: Sun 21 Dec 2025 03:00:39 +0000 Manifest next update: Mon 22 Dec 2025 03:00:39 +0000 Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: 3JtpYlBQWjHObuKoK2jnFq/QoS+09R1xB3oYvVwbQvw=) 2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:19:c2:14:7b:e5:3e:c9:68:18:b2:38:82:2f:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db42059ce291d49a66920731c767da563ef21124 Validity Not Before: Dec 21 03:00:39 2025 GMT Not After : Dec 22 03:00:39 2025 GMT Subject: CN=8f5cdc57a794bd7cc174a880c7f3f5ca1f52e70d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:32:58:dd:f3:74:d7:5d:70:6d:e4:ff:07:35: af:77:e2:61:78:37:51:47:97:ce:3b:4b:28:05:cd: aa:9b:7f:d2:54:57:9d:26:79:98:c0:a4:0c:56:01: 43:d4:94:e2:b7:43:fd:e6:54:f6:00:c1:c0:6a:b7: c5:fc:91:50:78:c5:57:b4:5f:06:7b:5a:c2:75:95: e0:65:e2:53:6c:34:aa:4d:25:e4:55:70:4d:87:41: f0:b3:26:e1:a9:08:be:37:94:ac:6f:83:88:1f:68: 35:26:2f:0d:95:15:af:bb:22:b0:02:89:f1:d1:b0: c2:26:47:d8:40:05:69:f4:8c:83:7b:05:3a:be:55: fe:34:20:20:bf:71:d3:6b:32:10:c9:81:67:74:f5: 8b:58:9b:38:22:af:28:ed:fe:b7:4d:74:4f:3d:e4: 3b:8c:96:ae:e3:1b:d4:87:9f:3a:2c:2c:c1:8a:6d: c1:bf:80:1d:e7:75:99:71:3c:97:f7:50:d0:37:3e: 0e:6a:ee:82:4d:d9:bf:e7:7d:7f:36:dc:97:45:d5: 8b:46:63:fb:07:8d:4f:5f:2c:ff:e2:25:ed:79:e9: 34:fe:9c:c9:31:aa:20:e1:ac:08:59:9e:bb:46:d2: da:54:63:e7:9e:cd:65:9e:c8:0b:b0:e8:b4:7a:61: cd:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:5C:DC:57:A7:94:BD:7C:C1:74:A8:80:C7:F3:F5:CA:1F:52:E7:0D X509v3 Authority Key Identifier: keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:58:a3:24:de:38:c0:df:3b:ac:d0:99:c3:89:c5:34:b8:c8: dc:d6:01:a4:45:e3:5e:b8:3a:df:3a:70:35:7f:95:41:33:9f: 6a:53:44:ef:71:5a:74:14:66:2b:21:4c:52:95:80:32:7b:7f: 83:4e:d3:a8:cf:49:eb:82:ef:3a:11:cc:3a:17:41:44:97:9e: 79:56:e2:d5:78:3f:91:19:f7:0b:95:35:fe:ec:98:c0:5e:b2: 82:7d:d5:00:ab:5f:06:ef:ee:34:12:35:48:61:db:ae:91:b9: 7a:b8:58:0f:73:af:2e:9b:0a:7a:84:5b:c4:e8:95:b5:08:d2: bb:41:9b:68:08:1e:c4:e7:ed:61:62:ce:6e:cf:4c:9e:79:69: be:5d:6e:09:ad:87:e1:0b:d2:ef:13:56:d7:70:ce:9b:a8:3a: 1e:5d:da:0a:ff:91:09:80:45:a8:fe:8d:59:10:a3:1c:c9:9d: 1d:dc:6a:f5:46:80:cc:ca:61:cf:21:be:4a:b7:f3:82:0d:92: de:a0:3c:79:c9:9b:d8:f8:8a:33:fb:01:a1:e0:ee:66:25:c9: 9a:13:35:c6:cd:81:b8:25:a5:d7:42:ea:78:b8:6d:fe:6f:66: 54:37:7f:7f:7c:65:53:d9:23:b4:d3:dd:1d:70:7f:e9:dd:85: c1:e4:70:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2hnCFHvlPsloGLI4gi9QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm MjExMjQwHhcNMjUxMjIxMDMwMDM5WhcNMjUxMjIyMDMwMDM5WjAzMTEwLwYDVQQD Eyg4ZjVjZGM1N2E3OTRiZDdjYzE3NGE4ODBjN2YzZjVjYTFmNTJlNzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzJY3fN0111wbeT/BzWvd+JheDdR R5fOO0soBc2qm3/SVFedJnmYwKQMVgFD1JTit0P95lT2AMHAarfF/JFQeMVXtF8G e1rCdZXgZeJTbDSqTSXkVXBNh0HwsybhqQi+N5Ssb4OIH2g1Ji8NlRWvuyKwAonx 0bDCJkfYQAVp9IyDewU6vlX+NCAgv3HTazIQyYFndPWLWJs4Iq8o7f63TXRPPeQ7 jJau4xvUh586LCzBim3Bv4Ad53WZcTyX91DQNz4Oau6CTdm/531/NtyXRdWLRmP7 B41PXyz/4iXteek0/pzJMaog4awIWZ67RtLaVGPnns1lnsgLsOi0emHNdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI9c3FenlL18wXSogMfz9cofUucNMB8GA1UdIwQY MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM1ijJN44 wN87rNCZw4nFNLjI3NYBpEXjXrg63zpwNX+VQTOfalNE73FadBRmKyFMUpWAMnt/ g07TqM9J64LvOhHMOhdBRJeeeVbi1Xg/kRn3C5U1/uyYwF6ygn3VAKtfBu/uNBI1 SGHbrpG5erhYD3OvLpsKeoRbxOiVtQjSu0GbaAgexOftYWLObs9Mnnlpvl1uCa2H 4QvS7xNW13DOm6g6Hl3aCv+RCYBFqP6NWRCjHMmdHdxq9UaAzMphzyG+Srfzgg2S 3qA8ecmb2PiKM/sBoeDuZiXJmhM1xs2BuCWl10LqeLht/m9mVDd/f3xlU9kjtNPd HXB/6d2FweRwoA== -----END CERTIFICATE-----Generated at Sun Dec 21 09:01:46 2025 by rpki-client