This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft File: s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json) Hash identifier: lPpTrNH6bDHocj3K8UDwZ5CbIplSrt4QN2PfCdRkxtM= Subject key identifier: FE:8A:37:FF:30:39:66:85:05:58:1D:A3:53:39:C3:7E:B4:BA:71:07 Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B Certificate issuer: /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b Certificate serial: 019B34C59A97F6EA92D71ABB296EEE42A4AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft Manifest number: 11FB Signing time: Fri 19 Dec 2025 04:02:03 +0000 Manifest this update: Fri 19 Dec 2025 04:02:03 +0000 Manifest next update: Sat 20 Dec 2025 04:02:03 +0000 Files and hashes: 1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: gW1Vv5ZlNbuIXyiUydgEHG5ag+oAe1Htk9Eid09o2TU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:9a:97:f6:ea:92:d7:1a:bb:29:6e:ee:42:a4:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b Validity Not Before: Dec 19 04:02:03 2025 GMT Not After : Dec 20 04:02:03 2025 GMT Subject: CN=fe8a37ff3039668505581da35339c37eb4ba7107 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:8a:58:65:f9:4a:bf:92:0c:94:1e:92:a0:98: 78:ec:fd:22:7f:e0:15:61:49:af:f4:be:f5:4f:76: a6:da:6e:ba:9b:6f:0c:86:6b:d6:bf:f6:98:97:c1: ce:88:ab:b8:62:9f:db:5d:3c:1f:f9:bd:9b:1d:ca: da:74:e0:27:ae:67:27:be:97:86:76:78:95:bd:cc: b8:86:d4:b1:27:30:da:6b:c1:11:6f:2e:1d:ed:76: 96:86:7e:d1:6f:13:86:6c:01:6d:f8:45:53:3c:d9: 6d:d6:5a:a4:65:b1:1c:33:a8:32:40:4e:c0:3c:23: 32:f0:cf:38:37:76:57:ec:96:33:7e:bd:23:ac:6c: 56:57:09:03:db:03:e7:e4:f7:cd:dd:cd:21:c4:c3: 6b:78:7a:fa:bd:7e:9f:fc:25:78:f3:18:6f:30:15: 51:02:2a:3d:a5:33:a8:6a:ae:91:e5:33:f2:00:16: 5d:e5:4f:d7:fe:3f:ad:b7:0a:29:ec:25:66:f9:92: 76:72:0e:c4:09:75:53:3c:09:b1:65:c9:4d:18:f4: 42:b0:a3:6c:b6:ee:dd:74:16:ad:02:f8:ee:4c:28: 00:db:0d:9b:25:a7:1f:06:4d:57:c6:7b:0d:ed:3d: b9:56:f6:de:06:59:fe:75:63:0c:f3:f3:05:3c:70: 4e:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:8A:37:FF:30:39:66:85:05:58:1D:A3:53:39:C3:7E:B4:BA:71:07 X509v3 Authority Key Identifier: keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:da:b1:dd:32:48:49:54:9c:7a:7d:66:98:e9:7e:d9:a2:0d: 41:8e:9d:61:8f:92:50:62:eb:05:34:1b:0d:4b:bf:2d:6a:70: be:48:7f:b6:0c:4f:5e:41:49:86:67:69:9b:48:b1:f1:f6:56: 17:7c:7d:bd:19:2b:1a:7f:05:40:f9:d2:bb:fe:c6:63:1a:51: b0:a7:9f:43:dd:87:bc:ba:37:42:14:69:90:3a:82:fa:4f:7c: 2a:bf:e0:c7:22:91:cc:2d:86:6f:bc:2f:8a:aa:78:2e:6a:5d: 0c:8d:68:82:8b:e4:34:22:14:27:45:7f:20:3f:e7:35:7b:3c: b2:df:11:bc:8e:9b:46:5c:16:2f:5c:df:e3:ee:f2:dc:70:d0: b6:04:04:03:5a:0a:1b:86:3e:89:23:4b:c8:ec:c0:d0:df:06: 1f:37:8d:83:5a:52:9f:cb:a4:83:cd:e5:9d:6f:20:6a:23:66: 20:ab:bf:d4:57:d3:3f:1f:08:36:c5:ca:de:26:a3:2b:26:b0: a6:b6:5b:db:0c:f5:07:a0:9e:16:2c:28:7e:8e:4c:ae:19:f8: c1:51:52:14:71:c1:12:3a:33:79:cb:3d:c0:d0:bc:d7:24:ec: 35:fa:50:b2:aa:5b:8a:2d:4a:4e:43:74:70:c3:c6:6b:5a:a4: b6:e0:86:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xZqX9uqS1xq7KW7uQqSsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh ZGQ2OGIwHhcNMjUxMjE5MDQwMjAzWhcNMjUxMjIwMDQwMjAzWjAzMTEwLwYDVQQD EyhmZThhMzdmZjMwMzk2Njg1MDU1ODFkYTM1MzM5YzM3ZWI0YmE3MTA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIpYZflKv5IMlB6SoJh47P0if+AV YUmv9L71T3am2m66m28MhmvWv/aYl8HOiKu4Yp/bXTwf+b2bHcradOAnrmcnvpeG dniVvcy4htSxJzDaa8ERby4d7XaWhn7RbxOGbAFt+EVTPNlt1lqkZbEcM6gyQE7A PCMy8M84N3ZX7JYzfr0jrGxWVwkD2wPn5PfN3c0hxMNreHr6vX6f/CV48xhvMBVR Aio9pTOoaq6R5TPyABZd5U/X/j+ttwop7CVm+ZJ2cg7ECXVTPAmxZclNGPRCsKNs tu7ddBatAvjuTCgA2w2bJacfBk1XxnsN7T25VvbeBln+dWMM8/MFPHBOHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP6KN/8wOWaFBVgdo1M5w360unEHMB8GA1UdIwQY MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4 LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARdqx3TJI SVScen1mmOl+2aINQY6dYY+SUGLrBTQbDUu/LWpwvkh/tgxPXkFJhmdpm0ix8fZW F3x9vRkrGn8FQPnSu/7GYxpRsKefQ92HvLo3QhRpkDqC+k98Kr/gxyKRzC2Gb7wv iqp4LmpdDI1ogovkNCIUJ0V/ID/nNXs8st8RvI6bRlwWL1zf4+7y3HDQtgQEA1oK G4Y+iSNLyOzA0N8GHzeNg1pSn8ukg83lnW8gaiNmIKu/1FfTPx8INsXK3iajKyaw prZb2wz1B6CeFiwofo5Mrhn4wVFSFHHBEjozecs9wNC81yTsNfpQsqpbii1KTkN0 cMPGa1qktuCGZQ== -----END CERTIFICATE-----Generated at Fri Dec 19 07:26:24 2025 by rpki-client