This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft File: _sQT3TZn54GV5SaKooWupRa8sZk.mft (raw, json) Hash identifier: uNr0AZKqAE2kozQQjXXVXiH6sO84ftv8PnXZKjtSWxU= Subject key identifier: B2:2B:B0:5A:55:78:68:55:AF:09:36:04:93:80:1C:14:5A:EE:73:6B Authority key identifier: FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99 Certificate issuer: /CN=fec413dd3667e78195e5268aa285aea516bcb199 Certificate serial: 019B2C66D567335AEA28CE1EAD2D3387D949 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft Manifest number: 14A9 Signing time: Wed 17 Dec 2025 13:01:35 +0000 Manifest this update: Wed 17 Dec 2025 13:01:35 +0000 Manifest next update: Thu 18 Dec 2025 13:01:35 +0000 Files and hashes: 1: _sQT3TZn54GV5SaKooWupRa8sZk.crl (hash: aVCowVRg5s2ajPLsi5V+9e7+0y8ko+L2+YgifyvDDC0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:66:d5:67:33:5a:ea:28:ce:1e:ad:2d:33:87:d9:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fec413dd3667e78195e5268aa285aea516bcb199 Validity Not Before: Dec 17 13:01:35 2025 GMT Not After : Dec 18 13:01:35 2025 GMT Subject: CN=b22bb05a55786855af09360493801c145aee736b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1f:ec:37:04:a7:c6:72:df:ae:17:c5:b1:6d: 1c:eb:e8:bf:e8:e5:05:fd:20:99:6a:8e:84:4f:b0: fb:9e:59:77:bf:78:57:f4:3b:99:f4:b4:e1:9a:2e: 75:52:e6:b1:f2:6b:20:b5:f7:b6:d2:7b:6d:75:42: 79:b8:8d:8d:1e:b5:e5:2d:d5:d9:6e:2c:c9:ee:a6: 2a:8a:65:bc:7c:62:1a:23:11:5c:80:f2:4f:4b:50: 86:20:bb:19:f4:09:79:7c:b8:8f:93:8d:01:20:24: d3:79:94:10:f0:27:f5:99:2f:45:e2:ad:6a:71:9b: 9a:6e:6f:db:0b:8d:43:06:a7:4d:3f:86:c1:44:de: 5f:2c:02:32:80:8f:ca:04:1e:fd:33:04:50:9e:41: 67:36:7f:95:53:5d:0f:04:9a:60:e1:6b:71:3d:6b: ab:74:4d:80:73:c9:1a:5b:8f:b1:e8:b6:77:0b:c8: 4d:af:5c:d0:7c:d7:14:28:31:fe:82:9b:32:0e:30: 68:35:5f:7f:10:d1:33:1f:c7:f8:1b:b8:09:09:b5: cc:9a:6d:75:10:12:c1:83:76:11:ff:c1:47:4c:65: 8b:dc:50:ca:f3:3c:47:ee:87:d4:9c:e4:b2:f9:6d: 10:e2:06:62:3e:2c:66:97:92:11:3e:35:38:a3:9c: fa:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2B:B0:5A:55:78:68:55:AF:09:36:04:93:80:1C:14:5A:EE:73:6B X509v3 Authority Key Identifier: keyid:FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:8d:0e:2c:45:42:6f:2a:4d:b1:2c:62:01:80:1d:9d:f4:6a: a8:a6:f2:45:cc:d8:dd:fc:b6:2c:09:86:38:e1:e4:92:68:a1: c3:39:c7:90:8e:d6:a7:a4:f7:42:4a:79:ea:d9:4c:8d:07:33: ef:35:85:62:cc:2e:c4:a9:b1:fa:f9:02:48:cc:ed:22:2b:35: fd:60:4b:40:cc:f6:21:12:88:5c:51:91:d2:8b:c5:88:2c:7b: 1e:ab:a2:99:ce:b9:c9:12:55:43:cc:b5:34:65:39:1a:f4:e6: b0:02:f4:03:18:08:f4:34:97:68:f5:e1:5c:b4:8d:91:02:2f: 36:11:ee:97:3b:fd:e9:e9:3e:3f:75:ed:9f:f2:cd:e9:f7:01: b0:a1:10:67:b9:a6:8e:62:b8:aa:ac:66:a7:2a:a1:6b:8f:1c: a7:02:62:7b:cb:28:bd:d9:8a:b3:42:66:48:e9:93:08:93:05: 22:c3:4b:56:a0:83:b8:38:5f:af:2a:65:24:88:87:31:1f:70: 66:3b:45:8f:80:e5:9d:e8:d7:87:76:8e:c0:55:16:84:06:67: aa:15:17:79:b5:de:76:8b:52:92:66:db:bd:69:5d:d4:d0:ec: f8:53:01:6d:ff:f6:b5:db:8d:3a:fc:ce:75:9c:81:1f:fd:55: 71:00:58:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssZtVnM1rqKM4erS0zh9lJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlYzQxM2RkMzY2N2U3ODE5NWU1MjY4YWEyODVhZWE1MTZi Y2IxOTkwHhcNMjUxMjE3MTMwMTM1WhcNMjUxMjE4MTMwMTM1WjAzMTEwLwYDVQQD EyhiMjJiYjA1YTU1Nzg2ODU1YWYwOTM2MDQ5MzgwMWMxNDVhZWU3MzZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh/sNwSnxnLfrhfFsW0c6+i/6OUF /SCZao6ET7D7nll3v3hX9DuZ9LThmi51Uuax8msgtfe20nttdUJ5uI2NHrXlLdXZ bizJ7qYqimW8fGIaIxFcgPJPS1CGILsZ9Al5fLiPk40BICTTeZQQ8Cf1mS9F4q1q cZuabm/bC41DBqdNP4bBRN5fLAIygI/KBB79MwRQnkFnNn+VU10PBJpg4WtxPWur dE2Ac8kaW4+x6LZ3C8hNr1zQfNcUKDH+gpsyDjBoNV9/ENEzH8f4G7gJCbXMmm11 EBLBg3YR/8FHTGWL3FDK8zxH7ofUnOSy+W0Q4gZiPixml5IRPjU4o5z6bwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLIrsFpVeGhVrwk2BJOAHBRa7nNrMB8GA1UdIwQY MBaAFP7EE902Z+eBleUmiqKFrqUWvLGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUt M2ZkMTRiOTM2ZWI0LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUtM2ZkMTRiOTM2ZWI0 LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXo0OLEVC bypNsSxiAYAdnfRqqKbyRczY3fy2LAmGOOHkkmihwznHkI7Wp6T3Qkp56tlMjQcz 7zWFYswuxKmx+vkCSMztIis1/WBLQMz2IRKIXFGR0ovFiCx7Hquimc65yRJVQ8y1 NGU5GvTmsAL0AxgI9DSXaPXhXLSNkQIvNhHulzv96ek+P3Xtn/LN6fcBsKEQZ7mm jmK4qqxmpyqha48cpwJie8sovdmKs0JmSOmTCJMFIsNLVqCDuDhfryplJIiHMR9w ZjtFj4DlnejXh3aOwFUWhAZnqhUXebXedotSkmbbvWld1NDs+FMBbf/2tduNOvzO dZyBH/1VcQBYag== -----END CERTIFICATE-----Generated at Wed Dec 17 19:20:46 2025 by rpki-client