This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json) Hash identifier: GH6UJXG3DxU3xfqcelz+DEjoR01B2jibB9BV8UpJp7g= Subject key identifier: 82:63:BF:BC:01:93:E5:BB:FA:76:80:99:9D:EA:90:94:E7:44:F8:F9 Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124 Certificate serial: 019AF19BD9A13A83B656B62015D5B8C8FC8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft Manifest number: 0A5D Signing time: Sat 06 Dec 2025 03:01:54 +0000 Manifest this update: Sat 06 Dec 2025 03:01:54 +0000 Manifest next update: Sun 07 Dec 2025 03:01:54 +0000 Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: I2NeLKrK7LdDDsFP69YJMQBSY9RYtRYO/73+N/daPg8=) 2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:d9:a1:3a:83:b6:56:b6:20:15:d5:b8:c8:fc:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db42059ce291d49a66920731c767da563ef21124 Validity Not Before: Dec 6 03:01:54 2025 GMT Not After : Dec 7 03:01:54 2025 GMT Subject: CN=8263bfbc0193e5bbfa7680999dea9094e744f8f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:be:95:37:a7:0f:89:d6:e2:b0:d4:7a:28:59: 03:63:68:80:c4:5b:2e:f1:97:39:07:c7:d7:db:22: 89:78:53:96:14:bc:6b:2f:92:32:73:96:ea:cc:02: cf:58:b9:43:d1:3c:2f:53:5e:38:b6:93:57:2b:ed: 92:6c:a6:6f:71:88:c0:f8:7e:48:86:17:7e:e0:be: ad:2e:80:e1:86:94:48:1f:14:87:a0:95:25:8d:79: 63:5d:49:9a:c2:7a:fc:e9:99:ae:8d:b6:0d:35:4f: 03:47:cc:fe:a7:b1:be:2e:7a:56:e7:c9:22:2e:82: c7:58:eb:b9:2c:5b:84:a4:ba:2c:08:29:d8:64:50: c7:d9:ed:7a:4d:d3:fe:c7:b1:1b:c1:33:9d:3e:98: dc:7f:14:f4:73:d7:73:33:38:fd:ea:4e:2d:1e:94: 2d:1f:9f:8f:8b:0c:11:77:10:cb:7f:48:54:ad:01: 2a:a3:a7:57:6d:9e:51:49:58:4a:17:71:78:a4:de: cd:95:58:dc:7d:50:1b:9a:3b:74:12:74:90:5c:7e: f7:e7:aa:21:30:90:47:df:ac:2f:12:ae:3b:b3:36: f4:3a:95:1b:50:93:1f:dd:da:22:81:e4:82:f1:c2: 0e:c9:00:73:e9:55:9d:80:5f:48:4e:86:bb:51:97: 42:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:63:BF:BC:01:93:E5:BB:FA:76:80:99:9D:EA:90:94:E7:44:F8:F9 X509v3 Authority Key Identifier: keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:33:dd:3d:5f:e4:c2:ee:62:8b:5d:e6:1c:7f:af:e2:9a:cb: 96:c3:4a:04:ec:8e:96:26:56:60:6f:bc:aa:93:0b:62:c2:95: 05:9a:27:14:a5:1c:d9:94:76:18:f2:14:a4:7d:84:1f:50:68: fd:66:02:e0:d6:36:1b:2d:e7:da:7c:97:49:b2:f3:af:06:ca: c4:14:53:c9:cb:45:36:94:1b:f9:90:98:13:d8:1d:27:22:2b: 39:de:45:e9:9b:ef:fd:01:8a:22:f4:6d:88:12:ae:bb:ad:52: ac:ee:27:4e:31:3d:00:0c:75:e4:0d:b9:49:de:34:5e:32:2f: 22:52:94:eb:fd:4f:63:e0:e0:85:7e:6f:ce:c2:1d:e0:0d:c8: 26:27:d8:37:60:c8:32:c3:3c:c8:ab:65:1e:26:e5:a3:73:71: 30:6d:72:db:19:78:ea:1b:8b:e2:5a:46:46:9f:21:b9:12:7d: 8b:da:da:08:49:33:a1:ef:e5:a6:3c:5b:cb:bd:57:ac:26:78: 31:fa:1f:33:d1:1e:e2:49:9e:c7:2b:03:27:d9:f3:80:55:89: ca:6a:f3:84:be:57:ac:5e:e6:7c:2a:f0:90:50:e2:e7:9e:61: 5b:1f:4f:9d:bf:78:af:4f:cf:36:13:8f:21:1b:b6:9a:c8:41: e8:26:5c:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm9mhOoO2VrYgFdW4yPyLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm MjExMjQwHhcNMjUxMjA2MDMwMTU0WhcNMjUxMjA3MDMwMTU0WjAzMTEwLwYDVQQD Eyg4MjYzYmZiYzAxOTNlNWJiZmE3NjgwOTk5ZGVhOTA5NGU3NDRmOGY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub6VN6cPidbisNR6KFkDY2iAxFsu 8Zc5B8fX2yKJeFOWFLxrL5Iyc5bqzALPWLlD0TwvU144tpNXK+2SbKZvcYjA+H5I hhd+4L6tLoDhhpRIHxSHoJUljXljXUmawnr86ZmujbYNNU8DR8z+p7G+LnpW58ki LoLHWOu5LFuEpLosCCnYZFDH2e16TdP+x7EbwTOdPpjcfxT0c9dzMzj96k4tHpQt H5+PiwwRdxDLf0hUrQEqo6dXbZ5RSVhKF3F4pN7NlVjcfVAbmjt0EnSQXH7356oh MJBH36wvEq47szb0OpUbUJMf3doigeSC8cIOyQBz6VWdgF9IToa7UZdCGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIJjv7wBk+W7+naAmZ3qkJTnRPj5MB8GA1UdIwQY MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARjPdPV/k wu5ii13mHH+v4prLlsNKBOyOliZWYG+8qpMLYsKVBZonFKUc2ZR2GPIUpH2EH1Bo /WYC4NY2Gy3n2nyXSbLzrwbKxBRTyctFNpQb+ZCYE9gdJyIrOd5F6Zvv/QGKIvRt iBKuu61SrO4nTjE9AAx15A25Sd40XjIvIlKU6/1PY+DghX5vzsId4A3IJifYN2DI MsM8yKtlHiblo3NxMG1y2xl46huL4lpGRp8huRJ9i9raCEkzoe/lpjxby71XrCZ4 MfofM9Ee4kmexysDJ9nzgFWJymrzhL5XrF7mfCrwkFDi555hWx9Pnb94r0/PNhOP IRu2mshB6CZcGw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:15:55 2025 by rpki-client