This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft File: stCgxoogOf8MpRQCQRUnHIoEZgg.mft (raw, json) Hash identifier: t1eWWf+TAW31f9mCHhukL0S8sU86QCL9iD4+xaEzT6g= Subject key identifier: 42:05:13:66:AC:D5:AE:43:4A:76:DE:89:97:C7:F0:55:36:D4:91:0B Authority key identifier: B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08 Certificate issuer: /CN=b2d0a0c68a2039ff0ca514024115271c8a046608 Certificate serial: 019AF0BEF60F14A863AEC348508FE2447D14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft Manifest number: 16F0 Signing time: Fri 05 Dec 2025 23:00:37 +0000 Manifest this update: Fri 05 Dec 2025 23:00:37 +0000 Manifest next update: Sat 06 Dec 2025 23:00:37 +0000 Files and hashes: 1: 98pSG03PsWjsaovooO14-BTQ9Vo.roa (hash: Nos0vMcOhKzLe90FJjKrPfa+9LXdDpzz5DlngxI3jBk=) 2: stCgxoogOf8MpRQCQRUnHIoEZgg.crl (hash: T/nplYGwYtfowIMIv+W9d/uR40vVfzkhKxRTbfwKjb4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.crl rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:be:f6:0f:14:a8:63:ae:c3:48:50:8f:e2:44:7d:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2d0a0c68a2039ff0ca514024115271c8a046608 Validity Not Before: Dec 5 23:00:37 2025 GMT Not After : Dec 6 23:00:37 2025 GMT Subject: CN=42051366acd5ae434a76de8997c7f05536d4910b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:56:b0:5f:57:e9:1a:db:d6:cb:9e:32:36:a1: 1f:9d:d4:1d:c4:81:51:10:14:b8:ca:69:7f:d1:4a: c8:fa:e4:24:fe:6a:4c:6a:2a:1b:c6:cf:d6:85:64: 61:10:50:7c:bb:73:b4:b7:9a:20:4a:92:b3:f2:d0: 69:2a:7d:98:ca:b4:74:2f:48:d0:15:f6:96:8c:17: 0c:1c:b8:ae:a9:44:9b:a8:85:d0:94:8f:bb:7d:56: ea:35:e7:95:56:f3:9e:ed:e4:fe:e7:50:a5:dc:96: 2a:ee:a2:73:e6:62:2f:b2:b2:c2:59:24:f3:66:26: d2:82:1e:73:37:1e:2d:fd:e8:d2:19:53:0b:00:a5: 9a:08:79:92:96:cc:16:e9:83:23:6a:d4:53:bf:2b: f6:a5:f0:83:f3:87:98:20:4d:72:0e:17:b2:dc:08: 34:ba:c0:e2:6b:e6:47:42:44:bf:d3:f8:23:b1:98: 3d:b9:bf:dc:81:99:b6:8f:c0:68:16:a2:55:6a:78: 23:af:f8:8f:74:2d:e3:b5:a0:d3:81:01:79:97:e4: de:3e:3f:2a:f6:47:27:59:7c:d1:85:c8:cd:42:15: 0a:62:91:1a:ee:9d:17:ed:5d:cd:f9:5c:b8:04:95: 83:64:97:bc:dc:a3:80:52:d3:46:7d:3b:38:d6:a0: e9:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:05:13:66:AC:D5:AE:43:4A:76:DE:89:97:C7:F0:55:36:D4:91:0B X509v3 Authority Key Identifier: keyid:B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:5b:e8:af:05:3a:b1:58:e3:39:48:3a:d2:e0:0a:a7:7c:41: 2c:8a:70:a5:4f:d0:be:59:4a:78:a2:dd:45:ff:0b:9c:e8:8b: 9f:82:ff:24:89:d4:e2:b7:e4:45:e5:c2:40:ad:01:66:0a:aa: 2b:84:d3:df:5a:cb:96:d1:8f:87:dd:eb:8f:dc:ff:65:e3:68: bf:7e:7e:cb:13:85:59:ee:93:5a:ce:c7:78:9f:ac:0a:0a:0c: 2d:9b:cc:4b:f4:f6:16:0a:f5:81:43:52:ec:42:ac:58:a6:7c: 3e:c5:2d:27:39:d2:79:01:b3:9d:3c:95:4e:b0:16:42:bc:e2: 14:25:90:cd:e6:05:b2:5b:55:b0:70:8e:24:48:3f:d2:ae:32: b7:19:6f:86:43:20:9b:60:e7:50:41:f5:ef:9f:0d:21:1d:16: e0:68:b1:67:be:c8:32:98:c2:cd:0f:9d:e3:cf:a7:93:84:74: e8:42:e5:25:c2:bc:78:d1:3f:4d:32:d5:10:8d:76:04:f3:dd: ba:7d:90:5b:a0:ea:10:3b:08:9a:1a:fc:6d:2a:76:86:c5:d1: ad:52:c6:94:03:be:e5:8a:35:d9:51:4c:72:75:70:3f:bf:07: 1d:d5:b6:c7:21:fd:53:76:ee:e0:a7:93:25:de:24:59:44:a4: f8:3d:cd:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvvYPFKhjrsNIUI/iRH0UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyZDBhMGM2OGEyMDM5ZmYwY2E1MTQwMjQxMTUyNzFjOGEw NDY2MDgwHhcNMjUxMjA1MjMwMDM3WhcNMjUxMjA2MjMwMDM3WjAzMTEwLwYDVQQD Eyg0MjA1MTM2NmFjZDVhZTQzNGE3NmRlODk5N2M3ZjA1NTM2ZDQ5MTBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVawX1fpGtvWy54yNqEfndQdxIFR EBS4yml/0UrI+uQk/mpMaiobxs/WhWRhEFB8u3O0t5ogSpKz8tBpKn2YyrR0L0jQ FfaWjBcMHLiuqUSbqIXQlI+7fVbqNeeVVvOe7eT+51Cl3JYq7qJz5mIvsrLCWSTz ZibSgh5zNx4t/ejSGVMLAKWaCHmSlswW6YMjatRTvyv2pfCD84eYIE1yDhey3Ag0 usDia+ZHQkS/0/gjsZg9ub/cgZm2j8BoFqJVangjr/iPdC3jtaDTgQF5l+TePj8q 9kcnWXzRhcjNQhUKYpEa7p0X7V3N+Vy4BJWDZJe83KOAUtNGfTs41qDpVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEIFE2as1a5DSnbeiZfH8FU21JELMB8GA1UdIwQY MBaAFLLQoMaKIDn/DKUUAkEVJxyKBGYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQt NDFhYjdjODcyZmVhLzEvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQtNDFhYjdjODcyZmVh LzEvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw1vorwU6 sVjjOUg60uAKp3xBLIpwpU/QvllKeKLdRf8LnOiLn4L/JInU4rfkReXCQK0BZgqq K4TT31rLltGPh93rj9z/ZeNov35+yxOFWe6TWs7HeJ+sCgoMLZvMS/T2Fgr1gUNS 7EKsWKZ8PsUtJznSeQGznTyVTrAWQrziFCWQzeYFsltVsHCOJEg/0q4ytxlvhkMg m2DnUEH1758NIR0W4GixZ77IMpjCzQ+d48+nk4R06ELlJcK8eNE/TTLVEI12BPPd un2QW6DqEDsImhr8bSp2hsXRrVLGlAO+5Yo12VFMcnVwP78HHdW2xyH9U3bu4KeT Jd4kWUSk+D3N4Q== -----END CERTIFICATE-----Generated at Sat Dec 6 08:19:02 2025 by rpki-client