This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft File: S8hY5QhWNUaEpdBKPsw1klgNVI0.mft (raw, json) Hash identifier: TsI2PC2wkuCTlr21e+e+9Hj3EGbF862al0O4Frdg3VU= Subject key identifier: B5:36:34:B9:BD:45:51:1D:FE:26:EF:B2:A4:14:3C:E7:80:69:04:DF Authority key identifier: 4B:C8:58:E5:08:56:35:46:84:A5:D0:4A:3E:CC:35:92:58:0D:54:8D Certificate issuer: /CN=4bc858e50856354684a5d04a3ecc3592580d548d Certificate serial: 019B3D90CA84FE66305AC56E69D10D07C20B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S8hY5QhWNUaEpdBKPsw1klgNVI0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft Manifest number: 0A46 Signing time: Sat 20 Dec 2025 21:00:57 +0000 Manifest this update: Sat 20 Dec 2025 21:00:57 +0000 Manifest next update: Sun 21 Dec 2025 21:00:57 +0000 Files and hashes: 1: 1kPYBeHFqZcRahwRlHXvuPvT0zI.roa (hash: qhycFEi6FwqVVERso5+P+dTV24QXX6z3cT56YMpxbXU=) 2: S8hY5QhWNUaEpdBKPsw1klgNVI0.crl (hash: /PI5RwRhYwPMV7pnBnN/JYipjlAM5J4cayXAM2MPh/A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.crl rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft rsync://rpki.ripe.net/repository/DEFAULT/S8hY5QhWNUaEpdBKPsw1klgNVI0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:ca:84:fe:66:30:5a:c5:6e:69:d1:0d:07:c2:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4bc858e50856354684a5d04a3ecc3592580d548d Validity Not Before: Dec 20 21:00:57 2025 GMT Not After : Dec 21 21:00:57 2025 GMT Subject: CN=b53634b9bd45511dfe26efb2a4143ce7806904df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:bc:c1:e3:fe:ab:cb:55:0f:5b:52:69:7d:91: d0:f4:ab:be:39:02:d7:85:fe:ef:00:19:e2:e7:1b: 32:ea:8a:8e:76:5b:4d:2f:d1:12:bd:96:b7:53:df: d8:9f:12:e8:3d:db:71:e2:b6:bd:4f:d3:35:6c:79: 85:61:98:44:7e:0b:62:b2:49:ef:83:eb:01:77:ca: 2c:da:fd:0c:2d:dd:c3:f2:74:16:62:08:a1:15:1d: ec:3d:4e:fa:d8:1d:7c:65:4e:61:15:91:d1:94:7b: 87:57:68:03:85:21:fb:3d:87:f6:9a:c7:62:e3:f5: af:0c:0e:6c:e8:3e:44:85:29:5d:60:70:cd:04:9f: 53:3f:e7:53:33:6b:83:8b:de:2c:46:bb:01:da:10: fe:29:b3:c0:87:7b:cd:02:38:8d:04:b8:44:4a:c4: 0a:77:4b:4e:94:77:f9:33:47:84:59:11:97:ae:36: 00:34:7f:80:38:63:f7:4f:36:04:ca:1d:0e:65:33: 5e:eb:d3:a4:e6:d1:fc:d7:f0:61:a1:08:be:6b:14: 8e:fa:4f:3d:cb:88:c9:38:ba:02:1f:27:67:e2:de: f6:7f:b7:c7:11:e9:ab:76:3f:91:75:18:ea:06:fa: 75:86:e4:f1:7d:02:bf:63:2a:22:4d:63:3f:7b:19: 2a:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:36:34:B9:BD:45:51:1D:FE:26:EF:B2:A4:14:3C:E7:80:69:04:DF X509v3 Authority Key Identifier: keyid:4B:C8:58:E5:08:56:35:46:84:A5:D0:4A:3E:CC:35:92:58:0D:54:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8hY5QhWNUaEpdBKPsw1klgNVI0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/267966-f039-4174-810d-3f4ef81a2e53/1/S8hY5QhWNUaEpdBKPsw1klgNVI0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:14:43:a0:f0:3b:1b:62:44:55:a2:f1:44:6a:c1:fd:0e:fe: 24:b2:09:b9:f3:0b:3d:25:6e:0d:32:a2:b6:bb:c2:f6:26:9f: 8b:63:14:51:95:bf:68:bc:21:b9:84:38:14:07:c2:c6:71:96: 77:8b:ef:b6:36:a7:a1:04:5e:5f:56:0e:da:28:4c:0f:01:f0: 9e:29:f1:16:6b:e4:87:58:52:70:f2:58:4c:0d:40:65:a2:e2: 07:64:70:91:9f:e5:3c:2c:b3:48:01:60:45:3a:e0:a4:71:1b: d2:48:46:20:c2:1b:3b:c9:9a:bb:f1:6d:4a:37:9f:99:f1:70: f6:3a:38:71:8c:27:64:15:7c:5a:c1:99:d7:6d:91:62:78:99: d3:41:1e:ba:b6:ef:fb:fc:c6:74:c2:41:21:a2:7a:56:08:0a: 2e:bf:6f:cb:c6:3f:de:49:30:3c:3f:c7:c3:a1:d8:23:a9:6c: 40:35:c0:3b:3b:85:38:43:3a:e8:bf:47:d7:b3:c6:0e:9a:ea: a4:d8:43:f9:e3:2b:44:a6:d7:f8:bd:1f:a5:96:85:af:01:56: 3c:84:e4:8f:af:c2:c0:5a:ed:af:c3:c1:dc:57:6f:51:b3:32: 8e:60:3a:73:80:47:1a:26:e2:0c:ce:fc:26:05:fa:7f:01:35: 34:9f:af:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kMqE/mYwWsVuadENB8ILMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiYzg1OGU1MDg1NjM1NDY4NGE1ZDA0YTNlY2MzNTkyNTgw ZDU0OGQwHhcNMjUxMjIwMjEwMDU3WhcNMjUxMjIxMjEwMDU3WjAzMTEwLwYDVQQD EyhiNTM2MzRiOWJkNDU1MTFkZmUyNmVmYjJhNDE0M2NlNzgwNjkwNGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bzB4/6ry1UPW1JpfZHQ9Ku+OQLX hf7vABni5xsy6oqOdltNL9ESvZa3U9/YnxLoPdtx4ra9T9M1bHmFYZhEfgtisknv g+sBd8os2v0MLd3D8nQWYgihFR3sPU762B18ZU5hFZHRlHuHV2gDhSH7PYf2msdi 4/WvDA5s6D5EhSldYHDNBJ9TP+dTM2uDi94sRrsB2hD+KbPAh3vNAjiNBLhESsQK d0tOlHf5M0eEWRGXrjYANH+AOGP3TzYEyh0OZTNe69Ok5tH81/BhoQi+axSO+k89 y4jJOLoCHydn4t72f7fHEemrdj+RdRjqBvp1huTxfQK/YyoiTWM/exkqEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLU2NLm9RVEd/ibvsqQUPOeAaQTfMB8GA1UdIwQY MBaAFEvIWOUIVjVGhKXQSj7MNZJYDVSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzhoWTVRaFdOVWFFcGRCS1BzdzFrbGdOVkkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yNjc5NjYtZjAzOS00MTc0LTgxMGQt M2Y0ZWY4MWEyZTUzLzEvUzhoWTVRaFdOVWFFcGRCS1BzdzFrbGdOVkkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8yNjc5NjYtZjAzOS00MTc0LTgxMGQtM2Y0ZWY4MWEyZTUz LzEvUzhoWTVRaFdOVWFFcGRCS1BzdzFrbGdOVkkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGxRDoPA7 G2JEVaLxRGrB/Q7+JLIJufMLPSVuDTKitrvC9iafi2MUUZW/aLwhuYQ4FAfCxnGW d4vvtjanoQReX1YO2ihMDwHwninxFmvkh1hScPJYTA1AZaLiB2RwkZ/lPCyzSAFg RTrgpHEb0khGIMIbO8mau/FtSjefmfFw9jo4cYwnZBV8WsGZ122RYniZ00Eeurbv +/zGdMJBIaJ6VggKLr9vy8Y/3kkwPD/Hw6HYI6lsQDXAOzuFOEM66L9H17PGDprq pNhD+eMrRKbX+L0fpZaFrwFWPITkj6/CwFrtr8PB3FdvUbMyjmA6c4BHGibiDM78 JgX6fwE1NJ+v7Q== -----END CERTIFICATE-----Generated at Sun Dec 21 04:04:25 2025 by rpki-client