This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft File: sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json) Hash identifier: bZRuAnn+xh8AyAsszrbCYzWATuuIa6UGgXw8stI5bl8= Subject key identifier: A4:2B:81:86:18:B6:1E:70:1D:32:D3:EF:24:80:04:D5:46:0E:80:81 Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9 Certificate issuer: /CN=b13236c4d068931e0b44c98b290a8faa554a03b9 Certificate serial: 019AF19B5E9CF05C89E8EEAD3883F9595050 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft Manifest number: 0528 Signing time: Sat 06 Dec 2025 03:01:22 +0000 Manifest this update: Sat 06 Dec 2025 03:01:22 +0000 Manifest next update: Sun 07 Dec 2025 03:01:22 +0000 Files and hashes: 1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: HXUM4XzWagnA0Ryl2XFouUH44Zs7mk1MtNuaD8VsHv4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:5e:9c:f0:5c:89:e8:ee:ad:38:83:f9:59:50:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9 Validity Not Before: Dec 6 03:01:22 2025 GMT Not After : Dec 7 03:01:22 2025 GMT Subject: CN=a42b818618b61e701d32d3ef248004d5460e8081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:70:da:45:ae:e9:f1:98:f1:ad:97:61:ed:2b: 61:58:98:d8:f1:e8:0f:53:aa:46:ef:d1:7a:b9:2f: 9c:52:7e:85:55:ac:77:f2:a2:17:2e:1c:36:7c:88: f3:e2:10:8f:50:d0:23:b1:b2:e3:b7:a1:24:2b:54: 1a:55:8c:80:6a:1f:5e:eb:70:26:a8:c7:03:49:71: bd:06:51:ef:b3:c2:f9:06:5d:77:28:b2:9e:34:c2: 20:c6:da:ae:f8:a4:fd:89:b7:02:71:f8:2a:eb:b2: 14:5f:b4:78:40:14:91:9c:49:0c:a6:2a:28:ed:75: 42:a3:43:60:58:16:be:9d:96:4b:96:db:a1:e9:3d: a1:e7:e6:08:98:6c:78:0a:56:59:d9:c7:a7:4e:09: 95:fd:34:5a:b7:f3:cd:20:2b:0b:00:2c:92:4d:e4: de:02:ca:da:81:87:ba:ef:3d:e1:02:ba:31:9e:df: 1e:53:04:4d:fc:90:81:db:e7:25:0e:db:a8:dd:66: 78:aa:16:80:a9:64:5d:f6:10:9a:29:ba:03:9c:9b: e5:ed:21:3b:87:32:3b:a4:d0:f1:e8:69:b1:29:7d: ef:36:81:4c:31:55:1b:76:8f:ae:a7:e5:05:61:56: 1a:b0:9b:dd:a2:de:91:74:1d:cd:e2:a7:7d:5b:af: 5b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:2B:81:86:18:B6:1E:70:1D:32:D3:EF:24:80:04:D5:46:0E:80:81 X509v3 Authority Key Identifier: keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:3a:a5:06:69:9d:8b:2b:25:e9:d1:61:42:9c:b9:52:1f:a0: b4:0a:3c:8d:72:8e:81:c4:70:d3:9f:06:fc:89:2e:59:ca:a5: b6:77:53:9d:1c:f0:89:3f:48:e2:23:86:b4:7f:ad:dd:59:2f: 4d:e8:62:ed:5a:78:92:51:2b:4e:2e:c9:e9:3a:25:dd:9a:0e: 60:f7:53:18:60:76:20:33:dc:bd:f9:0a:54:d4:92:95:47:ef: 15:47:d1:79:11:dd:15:59:af:07:45:98:e1:89:e5:fe:08:2d: 40:8a:f7:1c:49:38:e3:49:77:58:53:15:b2:67:c2:b3:d7:dd: f8:b8:40:ce:aa:07:b5:37:90:35:21:be:21:6c:73:5a:56:2f: 62:78:5d:49:0e:ad:20:48:a6:82:aa:c7:fb:72:f6:33:f8:ee: 1d:ea:71:d3:bf:46:0f:ad:fc:0a:14:af:86:62:92:85:66:1c: 06:da:47:c0:6c:c6:f4:34:f2:aa:74:91:58:83:65:71:a5:f8: 8c:02:c4:89:15:68:95:2e:6c:9a:8a:50:50:06:4e:71:40:5c: e0:ec:00:9b:2b:4f:a7:dc:a5:25:9c:df:a8:a6:33:f4:7a:00: bd:18:08:61:27:77:9a:91:ca:8d:55:d9:e4:24:28:24:35:44: c6:a6:35:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm16c8FyJ6O6tOIP5WVBQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0 YTAzYjkwHhcNMjUxMjA2MDMwMTIyWhcNMjUxMjA3MDMwMTIyWjAzMTEwLwYDVQQD EyhhNDJiODE4NjE4YjYxZTcwMWQzMmQzZWYyNDgwMDRkNTQ2MGU4MDgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3DaRa7p8ZjxrZdh7SthWJjY8egP U6pG79F6uS+cUn6FVax38qIXLhw2fIjz4hCPUNAjsbLjt6EkK1QaVYyAah9e63Am qMcDSXG9BlHvs8L5Bl13KLKeNMIgxtqu+KT9ibcCcfgq67IUX7R4QBSRnEkMpioo 7XVCo0NgWBa+nZZLltuh6T2h5+YImGx4ClZZ2cenTgmV/TRat/PNICsLACySTeTe AsragYe67z3hAroxnt8eUwRN/JCB2+clDtuo3WZ4qhaAqWRd9hCaKboDnJvl7SE7 hzI7pNDx6GmxKX3vNoFMMVUbdo+up+UFYVYasJvdot6RdB3N4qd9W69bzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKQrgYYYth5wHTLT7ySABNVGDoCBMB8GA1UdIwQY MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjqlBmmd iysl6dFhQpy5Uh+gtAo8jXKOgcRw058G/IkuWcqltndTnRzwiT9I4iOGtH+t3Vkv Tehi7Vp4klErTi7J6Tol3ZoOYPdTGGB2IDPcvfkKVNSSlUfvFUfReRHdFVmvB0WY 4Ynl/ggtQIr3HEk440l3WFMVsmfCs9fd+LhAzqoHtTeQNSG+IWxzWlYvYnhdSQ6t IEimgqrH+3L2M/juHepx079GD638ChSvhmKShWYcBtpHwGzG9DTyqnSRWINlcaX4 jALEiRVolS5smopQUAZOcUBc4OwAmytPp9ylJZzfqKYz9HoAvRgIYSd3mpHKjVXZ 5CQoJDVExqY1gw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:15:10 2025 by rpki-client