This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft File: spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json) Hash identifier: Ai/OTPjm0zCBOapRaXuPrxwmQ/f0dEGZxGio4wozDsY= Subject key identifier: 2E:C6:1E:D2:6A:04:53:07:B0:B5:AD:F3:25:2C:E2:F6:24:2F:DB:F4 Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD Certificate issuer: /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead Certificate serial: 019B5D542EAFCBA6B5EA3A4BA3504F5EA021 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft Manifest number: 0E31 Signing time: Sat 27 Dec 2025 01:02:36 +0000 Manifest this update: Sat 27 Dec 2025 01:02:36 +0000 Manifest next update: Sun 28 Dec 2025 01:02:36 +0000 Files and hashes: 1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: w4uxbLLMrQaolIDu/8ZvV0g9R5iLl4odazTS4QSVDzw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:54:2e:af:cb:a6:b5:ea:3a:4b:a3:50:4f:5e:a0:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead Validity Not Before: Dec 27 01:02:36 2025 GMT Not After : Dec 28 01:02:36 2025 GMT Subject: CN=2ec61ed26a045307b0b5adf3252ce2f6242fdbf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:63:08:7a:73:c5:64:9f:9d:61:c5:54:98:23: 01:13:54:8c:f6:5f:5d:d2:a6:a3:e8:b3:ce:d7:00: 92:dd:4b:8c:65:cf:f8:0c:6f:81:dc:72:46:4f:c6: 8e:c2:1f:0e:61:c1:9e:3f:68:e7:c8:5f:55:ba:d7: 56:bc:71:d9:e8:13:70:a3:72:50:22:78:e2:0e:49: 05:e5:7c:1f:31:d1:40:1c:b3:36:b7:9f:4f:0d:13: b7:0d:d2:2a:57:83:e7:a2:7b:d0:fb:ae:92:9b:87: f4:f0:b5:a2:77:d4:17:ef:63:d6:60:83:f3:f7:4d: 5a:c5:f9:78:78:d7:20:23:e7:27:ca:fb:51:07:16: 36:52:12:17:6f:33:97:c8:ea:5a:61:c7:a4:14:e7: 36:d3:c0:29:b9:1c:dc:76:90:8a:c5:87:cf:a8:1d: 49:65:99:13:e0:2f:5c:7e:24:e8:85:48:20:9c:f9: 5a:ca:35:10:90:e7:28:45:95:93:ef:f6:3a:73:a3: 3d:fb:92:14:35:6d:11:aa:26:a0:7a:6b:1c:9c:36: c4:3d:52:18:69:c7:f6:1d:c2:38:9b:59:ec:3c:53: ad:c8:00:35:cd:6c:aa:ae:55:49:35:c5:da:7e:e6: f3:c1:5e:6a:b5:48:e6:48:47:38:1b:84:16:8b:64: ea:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:C6:1E:D2:6A:04:53:07:B0:B5:AD:F3:25:2C:E2:F6:24:2F:DB:F4 X509v3 Authority Key Identifier: keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:c8:da:58:89:84:49:d0:54:b0:ee:65:6c:a0:f8:47:07:c1: 62:dd:55:59:8e:bb:6c:ee:1c:a7:e3:b4:d7:ee:be:8a:be:18: ff:16:b7:d0:1d:a8:3c:45:16:0d:00:46:84:18:82:48:75:4e: bb:fb:f1:c5:06:0a:ab:40:8b:9e:1e:be:35:4f:eb:bc:55:69: a2:a9:46:d9:9b:d2:cb:1e:f2:16:f4:47:6f:58:22:61:e5:7b: ad:a6:c1:cf:85:02:33:c3:85:5f:20:b9:c3:c2:af:6a:80:b8: d3:18:55:58:32:5c:cd:a4:fe:18:ae:71:0d:02:ac:bc:49:d0: f9:c6:c6:66:77:64:5e:68:5b:33:3e:83:e1:00:88:40:c3:33: de:bf:d3:c9:af:f9:c0:1c:23:a4:98:a8:6e:0f:35:e2:5b:86: b3:f1:89:fa:25:ca:34:2a:72:e0:a3:30:7b:34:2e:79:c8:d6: 5d:b9:e3:1d:4d:8c:53:ee:5b:7c:d8:dc:42:45:48:6f:57:21: fe:25:0d:3b:dd:45:3f:42:eb:fb:38:ef:49:f2:6b:39:c6:60: 31:46:a0:6d:2a:5b:12:8b:58:4a:d9:ef:a3:e9:37:c9:70:95: c2:af:63:fa:f6:db:03:38:70:4e:4e:8a:8b:70:16:3a:ce:57: 4c:9f:47:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdVC6vy6a16jpLo1BPXqAhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm N2RlYWQwHhcNMjUxMjI3MDEwMjM2WhcNMjUxMjI4MDEwMjM2WjAzMTEwLwYDVQQD EygyZWM2MWVkMjZhMDQ1MzA3YjBiNWFkZjMyNTJjZTJmNjI0MmZkYmY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmMIenPFZJ+dYcVUmCMBE1SM9l9d 0qaj6LPO1wCS3UuMZc/4DG+B3HJGT8aOwh8OYcGeP2jnyF9VutdWvHHZ6BNwo3JQ InjiDkkF5XwfMdFAHLM2t59PDRO3DdIqV4PnonvQ+66Sm4f08LWid9QX72PWYIPz 901axfl4eNcgI+cnyvtRBxY2UhIXbzOXyOpaYcekFOc208ApuRzcdpCKxYfPqB1J ZZkT4C9cfiTohUggnPlayjUQkOcoRZWT7/Y6c6M9+5IUNW0RqiagemscnDbEPVIY acf2HcI4m1nsPFOtyAA1zWyqrlVJNcXafubzwV5qtUjmSEc4G4QWi2TqLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC7GHtJqBFMHsLWt8yUs4vYkL9v0MB8GA1UdIwQY MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8jaWImE SdBUsO5lbKD4RwfBYt1VWY67bO4cp+O01+6+ir4Y/xa30B2oPEUWDQBGhBiCSHVO u/vxxQYKq0CLnh6+NU/rvFVpoqlG2ZvSyx7yFvRHb1giYeV7rabBz4UCM8OFXyC5 w8KvaoC40xhVWDJczaT+GK5xDQKsvEnQ+cbGZndkXmhbMz6D4QCIQMMz3r/Tya/5 wBwjpJiobg814luGs/GJ+iXKNCpy4KMwezQuecjWXbnjHU2MU+5bfNjcQkVIb1ch /iUNO91FP0Lr+zjvSfJrOcZgMUagbSpbEotYStnvo+k3yXCVwq9j+vbbAzhwTk6K i3AWOs5XTJ9HYQ== -----END CERTIFICATE-----Generated at Sat Dec 27 05:39:28 2025 by rpki-client