This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.mft File: sEPmIf4QCXAfY2aEPAq8QeGAwUQ.mft (raw, json) Hash identifier: 5Fddk5ZnygaO4YgkOZRd6g42o0XcdEu0NNKbqX8NnHM= Subject key identifier: 3D:BB:1D:2F:49:67:F0:86:68:AE:96:A8:F0:7A:77:38:B9:58:75:AF Authority key identifier: B0:43:E6:21:FE:10:09:70:1F:63:66:84:3C:0A:BC:41:E1:80:C1:44 Certificate issuer: /CN=b043e621fe1009701f6366843c0abc41e180c144 Certificate serial: 019B3E6D0F29FB75917308B3DFC06679201E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.mft Manifest number: 0E70 Signing time: Sun 21 Dec 2025 01:01:33 +0000 Manifest this update: Sun 21 Dec 2025 01:01:33 +0000 Manifest next update: Mon 22 Dec 2025 01:01:33 +0000 Files and hashes: 1: HyPwmwNvj6CdMpZdefHGIg4yDzE.roa (hash: OXYxYv21hsNNqtBtEPFKc2/1/qoxMz48zojYmP3J5L8=) 2: sEPmIf4QCXAfY2aEPAq8QeGAwUQ.crl (hash: Ibxok2nmI9UsJqLbuw7IZhennkfXK6juwO6UJ8lhamw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.crl rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.mft rsync://rpki.ripe.net/repository/DEFAULT/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 01:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:0f:29:fb:75:91:73:08:b3:df:c0:66:79:20:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b043e621fe1009701f6366843c0abc41e180c144 Validity Not Before: Dec 21 01:01:33 2025 GMT Not After : Dec 22 01:01:33 2025 GMT Subject: CN=3dbb1d2f4967f08668ae96a8f07a7738b95875af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:a1:31:9d:7f:18:25:c5:37:22:e2:d4:c3:2c: 44:c0:b2:5b:81:ff:2a:5a:ad:35:5d:e4:ff:20:72: 85:e7:b4:3c:cd:17:46:12:d0:31:41:6c:55:6f:be: cb:16:55:4b:d0:91:12:f8:68:70:ee:33:ca:90:af: 30:e9:4d:8c:ee:50:f1:12:41:7c:8f:64:2d:ea:39: 1a:17:27:c5:f3:c9:5a:08:a4:d2:35:07:1a:96:9b: 34:d6:01:25:28:7a:5c:c4:60:f5:50:c2:3b:f4:9f: 6c:a2:fe:d8:fd:66:a3:a0:91:02:55:82:92:ef:2e: 7b:30:08:5d:ad:55:31:0f:24:ae:fb:68:34:b0:39: f9:76:3c:a2:64:10:30:e5:b8:88:21:ef:c6:29:0f: 52:25:12:57:74:0d:c0:47:1c:e3:fb:c4:c8:54:91: 3f:00:30:a4:62:e9:90:c0:66:1f:a6:f2:93:f6:4a: 46:b2:94:aa:a8:97:f3:50:8c:64:db:6a:ea:48:b8: 43:22:98:84:44:95:a9:ea:8a:7c:85:ed:31:1f:88: 2b:c1:41:8d:aa:2a:82:62:07:0d:69:0d:83:47:fc: 6f:04:b7:99:38:e3:a4:a2:a9:7f:23:04:09:59:f2: 9b:9e:1b:92:fd:1c:80:fc:a2:b2:e1:5b:2a:3b:91: a2:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:BB:1D:2F:49:67:F0:86:68:AE:96:A8:F0:7A:77:38:B9:58:75:AF X509v3 Authority Key Identifier: keyid:B0:43:E6:21:FE:10:09:70:1F:63:66:84:3C:0A:BC:41:E1:80:C1:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:e0:fc:a8:05:e2:cb:36:cc:b5:56:34:21:b4:af:86:d9:65: 90:55:c4:b9:a0:1a:38:53:b8:a2:12:b0:2d:a8:80:30:6d:0d: ce:f6:59:1c:d0:77:0a:e7:38:b2:7c:ce:7e:5b:45:97:85:28: 8f:b7:5a:75:aa:e1:41:ed:9d:b8:d5:2b:9c:e8:11:36:7e:96: cf:09:55:e1:6b:50:50:99:4e:36:24:02:c1:a9:02:c4:30:60: e4:93:80:c6:6a:8a:c2:69:09:b1:17:ee:04:d1:bb:23:db:0e: 3c:7b:54:18:f2:6a:a1:09:11:20:01:f9:d0:18:1b:c3:fd:5e: 82:ab:93:af:13:15:92:12:23:4a:57:c5:d7:9b:23:08:c1:be: e2:c4:3f:c4:10:06:f8:21:eb:c2:75:90:bc:b7:ee:eb:f7:65: 56:26:4e:d3:13:35:cd:80:68:f0:07:c8:c6:fb:98:30:db:0f: 2a:94:7c:9d:99:d8:51:74:65:a0:09:52:b3:3d:de:cd:63:a5: 8c:21:31:0b:01:79:de:21:6f:b8:67:f3:33:a8:c1:a1:dd:03: 99:4d:54:8e:4e:3d:dc:1f:ce:a9:f2:fb:e2:ff:4e:3a:27:a1: 67:18:6b:11:9f:f1:6e:66:b5:4c:45:bf:46:f9:de:3c:80:0a: 19:57:7a:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bQ8p+3WRcwiz38BmeSAeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwNDNlNjIxZmUxMDA5NzAxZjYzNjY4NDNjMGFiYzQxZTE4 MGMxNDQwHhcNMjUxMjIxMDEwMTMzWhcNMjUxMjIyMDEwMTMzWjAzMTEwLwYDVQQD EygzZGJiMWQyZjQ5NjdmMDg2NjhhZTk2YThmMDdhNzczOGI5NTg3NWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaExnX8YJcU3IuLUwyxEwLJbgf8q Wq01XeT/IHKF57Q8zRdGEtAxQWxVb77LFlVL0JES+Ghw7jPKkK8w6U2M7lDxEkF8 j2Qt6jkaFyfF88laCKTSNQcalps01gElKHpcxGD1UMI79J9sov7Y/WajoJECVYKS 7y57MAhdrVUxDySu+2g0sDn5djyiZBAw5biIIe/GKQ9SJRJXdA3ARxzj+8TIVJE/ ADCkYumQwGYfpvKT9kpGspSqqJfzUIxk22rqSLhDIpiERJWp6op8he0xH4grwUGN qiqCYgcNaQ2DR/xvBLeZOOOkoql/IwQJWfKbnhuS/RyA/KKy4VsqO5Gi3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD27HS9JZ/CGaK6WqPB6dzi5WHWvMB8GA1UdIwQY MBaAFLBD5iH+EAlwH2NmhDwKvEHhgMFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0VQbUlmNFFDWEFmWTJhRVBBcThRZUdBd1VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8zOTU2ODQtYzg3Mi00MjE3LWIyN2Mt OGI1ZWE2NjQ4MTc2LzEvc0VQbUlmNFFDWEFmWTJhRVBBcThRZUdBd1VRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC8zOTU2ODQtYzg3Mi00MjE3LWIyN2MtOGI1ZWE2NjQ4MTc2 LzEvc0VQbUlmNFFDWEFmWTJhRVBBcThRZUdBd1VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAheD8qAXi yzbMtVY0IbSvhtllkFXEuaAaOFO4ohKwLaiAMG0NzvZZHNB3Cuc4snzOfltFl4Uo j7dadarhQe2duNUrnOgRNn6WzwlV4WtQUJlONiQCwakCxDBg5JOAxmqKwmkJsRfu BNG7I9sOPHtUGPJqoQkRIAH50Bgbw/1egquTrxMVkhIjSlfF15sjCMG+4sQ/xBAG +CHrwnWQvLfu6/dlViZO0xM1zYBo8AfIxvuYMNsPKpR8nZnYUXRloAlSsz3ezWOl jCExCwF53iFvuGfzM6jBod0DmU1Ujk493B/OqfL74v9OOiehZxhrEZ/xbma1TEW/ RvnePIAKGVd6bg== -----END CERTIFICATE-----Generated at Sun Dec 21 10:35:05 2025 by rpki-client