This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/soWZKSpjJCl-Av_zxRGb7gsxdUg.mft File: soWZKSpjJCl-Av_zxRGb7gsxdUg.mft (raw, json) Hash identifier: HQ+CS9rEJmp0K9Ej7YFKy4kdAmZDD74YN+oR91ZwvEw= Subject key identifier: A2:B4:B0:F3:6F:FB:EF:9C:45:37:FE:94:57:61:1C:5B:99:B3:4A:AF Authority key identifier: B2:85:99:29:2A:63:24:29:7E:02:FF:F3:C5:11:9B:EE:0B:31:75:48 Certificate issuer: /CN=b28599292a6324297e02fff3c5119bee0b317548 Certificate serial: 019B30B0A4F99B17C9A577BD992C2DCCDB34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soWZKSpjJCl-Av_zxRGb7gsxdUg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/soWZKSpjJCl-Av_zxRGb7gsxdUg.mft Manifest number: 1784 Signing time: Thu 18 Dec 2025 09:00:41 +0000 Manifest this update: Thu 18 Dec 2025 09:00:41 +0000 Manifest next update: Fri 19 Dec 2025 09:00:41 +0000 Files and hashes: 1: G4p3T3vKIJwpoVG087GbMaXF5PU.roa (hash: S1k3o+lhMdQMdnd1dbHX7NQg9XvE842LHxXNFh07jnY=) 2: soWZKSpjJCl-Av_zxRGb7gsxdUg.crl (hash: VGBL04bjan+ahssu+YyrD7vcA45DXLVOqhZJ1SO6Oqg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/soWZKSpjJCl-Av_zxRGb7gsxdUg.crl rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/soWZKSpjJCl-Av_zxRGb7gsxdUg.mft rsync://rpki.ripe.net/repository/DEFAULT/soWZKSpjJCl-Av_zxRGb7gsxdUg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:b0:a4:f9:9b:17:c9:a5:77:bd:99:2c:2d:cc:db:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b28599292a6324297e02fff3c5119bee0b317548 Validity Not Before: Dec 18 09:00:41 2025 GMT Not After : Dec 19 09:00:41 2025 GMT Subject: CN=a2b4b0f36ffbef9c4537fe9457611c5b99b34aaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:c8:2f:88:b7:0b:2d:35:d4:7a:2a:7d:93:81: 90:95:9b:8e:61:51:17:f8:f4:6d:0b:80:d9:65:6e: 90:3d:13:5e:61:a5:d5:a3:57:f1:37:19:ca:a8:a0: 51:15:68:4b:81:3c:b9:d1:a0:ff:4d:55:8a:e3:e2: aa:c6:03:4a:61:8a:76:00:01:b0:7e:7c:02:1e:b2: de:15:3e:5c:3b:d0:ba:93:bb:83:68:b2:27:8f:b9: 0c:75:ef:79:22:1e:60:98:46:b5:f0:5a:75:7a:9f: 59:d7:39:e3:54:49:be:13:86:e0:bf:45:e4:eb:5a: 43:9b:40:4d:aa:a5:0d:db:4f:b0:0e:fb:7f:f9:af: de:4e:64:65:74:14:18:aa:a3:9f:4f:fc:e6:de:b2: df:48:15:e2:04:76:80:98:0b:65:b1:a9:d0:5b:38: 44:2f:0a:2d:bc:a1:23:4c:0f:36:c5:e7:51:2b:ef: 96:1d:e4:f5:99:98:35:af:fa:ee:67:8b:7d:4b:92: 10:68:2b:43:4d:13:78:29:4e:38:8a:72:42:ac:21: 5d:cf:7c:3f:97:3e:db:58:cd:49:ff:74:36:cb:55: 3a:5c:df:0d:40:d1:c9:39:48:73:a4:57:90:b9:a3: d1:d9:3b:ab:5c:90:35:97:84:18:a0:03:d3:7a:23: 28:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:B4:B0:F3:6F:FB:EF:9C:45:37:FE:94:57:61:1C:5B:99:B3:4A:AF X509v3 Authority Key Identifier: keyid:B2:85:99:29:2A:63:24:29:7E:02:FF:F3:C5:11:9B:EE:0B:31:75:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soWZKSpjJCl-Av_zxRGb7gsxdUg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/soWZKSpjJCl-Av_zxRGb7gsxdUg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/soWZKSpjJCl-Av_zxRGb7gsxdUg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:68:94:2e:5e:f0:18:4e:aa:23:05:d4:55:f4:f8:fa:5b:02: 98:13:4b:b4:74:b1:c9:08:da:b1:45:5e:41:e9:e5:81:7d:de: d8:ce:3c:22:65:a5:47:a8:3d:e9:77:07:70:b3:38:da:60:1a: 93:84:bb:14:50:51:bb:60:61:9b:8d:f7:82:fc:bf:5f:66:10: 5d:c7:c1:48:c8:26:5c:77:97:e1:41:b8:b3:62:5c:ce:a7:9e: cd:86:25:5d:f5:f2:cf:f7:44:ae:c0:ee:10:76:67:de:a9:03: f9:75:d0:5b:fb:14:2e:b0:65:c3:a1:76:cf:17:b7:dc:1d:4b: 13:1d:f1:b7:2b:8e:2d:26:e1:ef:b2:61:9a:12:d6:f2:50:f4: 4c:19:db:89:92:50:56:e2:5d:1d:8c:4b:d9:6b:36:da:24:73: 4d:b7:bb:41:9c:e8:46:20:ac:7e:82:ca:bf:d8:18:35:26:5d: 79:3d:7b:95:07:0b:f2:f4:24:7b:b8:41:b4:62:17:b8:b3:b4: 10:68:61:72:3a:c1:4a:7d:2a:f0:16:6f:8b:3a:1f:ef:18:c4: 4b:9e:a8:94:3d:8d:d0:9d:b4:e4:b2:11:45:f9:49:8a:8f:cd: 51:22:fc:45:2a:0b:78:4d:80:d3:cb:1c:24:1a:2c:de:62:13: 67:fe:7f:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswsKT5mxfJpXe9mSwtzNs0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyODU5OTI5MmE2MzI0Mjk3ZTAyZmZmM2M1MTE5YmVlMGIz MTc1NDgwHhcNMjUxMjE4MDkwMDQxWhcNMjUxMjE5MDkwMDQxWjAzMTEwLwYDVQQD EyhhMmI0YjBmMzZmZmJlZjljNDUzN2ZlOTQ1NzYxMWM1Yjk5YjM0YWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8gviLcLLTXUeip9k4GQlZuOYVEX +PRtC4DZZW6QPRNeYaXVo1fxNxnKqKBRFWhLgTy50aD/TVWK4+KqxgNKYYp2AAGw fnwCHrLeFT5cO9C6k7uDaLInj7kMde95Ih5gmEa18Fp1ep9Z1znjVEm+E4bgv0Xk 61pDm0BNqqUN20+wDvt/+a/eTmRldBQYqqOfT/zm3rLfSBXiBHaAmAtlsanQWzhE LwotvKEjTA82xedRK++WHeT1mZg1r/ruZ4t9S5IQaCtDTRN4KU44inJCrCFdz3w/ lz7bWM1J/3Q2y1U6XN8NQNHJOUhzpFeQuaPR2TurXJA1l4QYoAPTeiMoWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKK0sPNv+++cRTf+lFdhHFuZs0qvMB8GA1UdIwQY MBaAFLKFmSkqYyQpfgL/88URm+4LMXVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc29XWktTcGpKQ2wtQXZfenhSR2I3Z3N4ZFVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lNTUyZjQtOTZjYS00MjU5LWE4MmEt ZTM1YTY3ZTVkOWUyLzEvc29XWktTcGpKQ2wtQXZfenhSR2I3Z3N4ZFVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9lNTUyZjQtOTZjYS00MjU5LWE4MmEtZTM1YTY3ZTVkOWUy LzEvc29XWktTcGpKQ2wtQXZfenhSR2I3Z3N4ZFVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaGiULl7w GE6qIwXUVfT4+lsCmBNLtHSxyQjasUVeQenlgX3e2M48ImWlR6g96XcHcLM42mAa k4S7FFBRu2Bhm433gvy/X2YQXcfBSMgmXHeX4UG4s2JczqeezYYlXfXyz/dErsDu EHZn3qkD+XXQW/sULrBlw6F2zxe33B1LEx3xtyuOLSbh77JhmhLW8lD0TBnbiZJQ VuJdHYxL2Ws22iRzTbe7QZzoRiCsfoLKv9gYNSZdeT17lQcL8vQke7hBtGIXuLO0 EGhhcjrBSn0q8BZvizof7xjES56olD2N0J205LIRRflJio/NUSL8RSoLeE2A08sc JBos3mITZ/5/0A== -----END CERTIFICATE-----Generated at Thu Dec 18 15:26:33 2025 by rpki-client