This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft File: so7x9PiCePTfGec-M4HOzXjgacE.mft (raw, json) Hash identifier: 1UGUXbS1SrGjJiqCHdQhb6nFTBGDUrNZfEhvB+6ykZs= Subject key identifier: 20:FF:4F:DF:C8:01:BA:D9:AA:0D:3E:EB:B8:6B:56:A3:B6:B3:16:A2 Authority key identifier: B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1 Certificate issuer: /CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1 Certificate serial: 019B3B6BADE92D616396F9A775CEBC0A9994 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft Manifest number: 0430 Signing time: Sat 20 Dec 2025 11:01:11 +0000 Manifest this update: Sat 20 Dec 2025 11:01:11 +0000 Manifest next update: Sun 21 Dec 2025 11:01:11 +0000 Files and hashes: 1: ZWC54UPrMHyZ6gth2IDDnRYsMDY.roa (hash: 4Yk1QA2QugshfW9geeysUTQ4Sub4Aja/bv1m3JJnrLU=) 2: so7x9PiCePTfGec-M4HOzXjgacE.crl (hash: 4myFOhDN6PUqjlkmmt83n+hvyRPeOTsIC8CpZn3p74w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:ad:e9:2d:61:63:96:f9:a7:75:ce:bc:0a:99:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1 Validity Not Before: Dec 20 11:01:11 2025 GMT Not After : Dec 21 11:01:11 2025 GMT Subject: CN=20ff4fdfc801bad9aa0d3eebb86b56a3b6b316a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:32:ca:12:d0:7b:83:24:d8:2e:7d:0f:50:30: 0c:35:da:2e:13:4a:de:b2:01:0b:09:dd:e1:05:eb: 90:54:af:69:23:5f:01:6b:f8:b0:ba:1e:ff:2b:86: d4:8a:9e:c5:f3:ea:13:6d:20:22:37:07:d8:b7:fc: 01:e7:4b:e0:04:08:fb:ca:b2:be:7d:58:e0:4e:33: 26:96:91:72:c5:58:ed:5a:d9:70:62:54:7a:1a:9b: f2:9d:41:cb:09:d4:4f:e9:58:3e:0a:9d:06:f3:39: fc:b3:5e:f7:7e:66:19:e8:f2:24:ae:cc:74:69:c2: a0:f7:8b:0a:6e:9b:1e:c8:81:30:a4:e4:fc:03:f3: 77:96:29:e3:ba:8d:98:17:24:95:2d:1f:bb:56:87: 02:9b:f0:6e:b0:70:39:d7:10:ce:4a:f1:4c:6f:3f: b0:a2:5a:ec:f4:48:23:7d:82:c8:00:48:09:1e:57: 21:41:1e:8f:dd:14:c2:67:89:05:d3:f5:6c:0c:ba: 0d:cc:a0:a4:a0:66:f5:8d:6a:24:b4:a0:b5:7b:8a: b6:0e:04:ce:50:f8:9b:31:c3:10:30:dc:49:05:21: 7c:06:f4:d9:6f:88:a6:85:75:f9:8c:26:82:98:55: dd:4b:8a:16:bf:56:09:84:5d:bc:c4:ab:03:3a:06: c1:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:FF:4F:DF:C8:01:BA:D9:AA:0D:3E:EB:B8:6B:56:A3:B6:B3:16:A2 X509v3 Authority Key Identifier: keyid:B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:cc:be:dd:5b:74:c4:41:90:35:05:b8:c7:7a:8b:c8:d6:51: 18:44:66:2a:91:98:01:2d:aa:5d:0a:21:ce:ad:9a:37:a0:ad: 30:57:53:6c:7e:37:89:9c:b8:94:cf:37:21:e6:fe:cf:d4:e5: ed:b7:07:20:a9:c0:36:1f:76:c1:e1:89:00:92:d3:ea:fa:d2: 65:90:29:41:40:59:ea:6d:f8:0e:69:7b:3f:5d:48:2a:0c:64: 3e:e9:66:e7:81:4f:35:ed:c8:2f:e5:16:34:46:37:c9:c4:5b: b2:1d:cb:c9:76:20:dc:62:08:a3:6c:03:5d:d0:88:6e:e1:d6: 84:bb:46:d8:77:a4:04:da:b0:fe:36:29:9f:36:bf:fe:8f:8f: 1c:d4:46:ec:4b:a4:ed:67:45:8d:27:bc:06:59:09:57:8e:9e: 8d:da:34:6c:6d:e0:2d:51:9a:d2:1f:f4:6d:02:bd:7e:da:15: 64:34:60:c1:aa:cd:9a:4e:37:26:4a:dc:0b:6f:db:96:a9:39: b2:bd:ac:d9:e0:d8:49:8e:6b:70:2d:a6:a8:8f:e8:6c:1f:57: c6:10:33:d4:0a:80:02:18:9a:ba:13:d4:58:55:36:a5:23:e5: d7:eb:14:bc:dd:ff:2f:7c:29:65:2d:ad:b8:81:62:c6:6f:4b: d2:07:6b:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7a63pLWFjlvmndc68CpmUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyOGVmMWY0Zjg4Mjc4ZjRkZjE5ZTczZTMzODFjZWNkNzhl MDY5YzEwHhcNMjUxMjIwMTEwMTExWhcNMjUxMjIxMTEwMTExWjAzMTEwLwYDVQQD EygyMGZmNGZkZmM4MDFiYWQ5YWEwZDNlZWJiODZiNTZhM2I2YjMxNmEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojLKEtB7gyTYLn0PUDAMNdouE0re sgELCd3hBeuQVK9pI18Ba/iwuh7/K4bUip7F8+oTbSAiNwfYt/wB50vgBAj7yrK+ fVjgTjMmlpFyxVjtWtlwYlR6GpvynUHLCdRP6Vg+Cp0G8zn8s173fmYZ6PIkrsx0 acKg94sKbpseyIEwpOT8A/N3linjuo2YFySVLR+7VocCm/BusHA51xDOSvFMbz+w olrs9EgjfYLIAEgJHlchQR6P3RTCZ4kF0/VsDLoNzKCkoGb1jWoktKC1e4q2DgTO UPibMcMQMNxJBSF8BvTZb4imhXX5jCaCmFXdS4oWv1YJhF28xKsDOgbBOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCD/T9/IAbrZqg0+67hrVqO2sxaiMB8GA1UdIwQY MBaAFLKO8fT4gnj03xnnPjOBzs144GnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQt OWVmMGE1OTkyN2IxLzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQtOWVmMGE1OTkyN2Ix LzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiMy+3Vt0 xEGQNQW4x3qLyNZRGERmKpGYAS2qXQohzq2aN6CtMFdTbH43iZy4lM83Ieb+z9Tl 7bcHIKnANh92weGJAJLT6vrSZZApQUBZ6m34Dml7P11IKgxkPulm54FPNe3IL+UW NEY3ycRbsh3LyXYg3GIIo2wDXdCIbuHWhLtG2HekBNqw/jYpnza//o+PHNRG7Euk 7WdFjSe8BlkJV46ejdo0bG3gLVGa0h/0bQK9ftoVZDRgwarNmk43JkrcC2/blqk5 sr2s2eDYSY5rcC2mqI/obB9XxhAz1AqAAhiauhPUWFU2pSPl1+sUvN3/L3wpZS2t uIFixm9L0gdr9g== -----END CERTIFICATE-----Generated at Sat Dec 20 12:33:40 2025 by rpki-client