This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
File: shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft (raw, json)
Hash identifier: TZziwbwrd2OnNvhNgJFO/SYt9IJ+07U/vHKZROkAtj4=
Subject key identifier: 58:F8:E4:7E:8B:3C:C0:8C:26:80:B1:32:06:05:84:20:4B:22:99:2D
Authority key identifier: B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1
Certificate issuer: /CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
Certificate serial: 019B421212DF64EA4046E72F9FBC99366736
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
Manifest number: 16F3
Signing time: Sun 21 Dec 2025 18:00:39 +0000
Manifest this update: Sun 21 Dec 2025 18:00:39 +0000
Manifest next update: Mon 22 Dec 2025 18:00:39 +0000
Files and hashes: 1: UkWKB7R6wSYKBpsuiwwV880UfCk.roa (hash: pQhrMKgkx/zqcMJYjMVoXY14ZtF5KkWfSepRK8YAXxs=)
2: shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl (hash: uNNKYvTjTauJJjwe5E+zQ5/Co33hfBrMSQKBdx6zFMo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 22 Dec 2025 13:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:42:12:12:df:64:ea:40:46:e7:2f:9f:bc:99:36:67:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
Validity
Not Before: Dec 21 18:00:39 2025 GMT
Not After : Dec 22 18:00:39 2025 GMT
Subject: CN=58f8e47e8b3cc08c2680b132060584204b22992d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:30:6e:49:d6:5d:56:6a:64:87:e5:36:81:dc:
ec:9c:1d:fc:b7:ea:77:80:af:a2:38:1c:5f:50:4e:
40:e0:d1:6b:19:88:ad:cf:b8:5f:db:b4:2d:b4:ae:
e9:88:c3:95:3a:55:8e:1b:72:20:36:c7:e7:7d:0a:
43:08:55:1d:0a:b6:29:f0:6d:9a:9d:dd:b2:1f:f2:
b8:08:e1:9a:24:fe:da:b5:7d:e0:cb:ad:e0:08:6c:
54:15:22:1e:23:11:9f:c0:c4:92:f6:c5:3b:89:1a:
8d:55:2f:98:c3:74:99:b0:61:b2:07:aa:80:65:25:
7c:82:be:a6:ad:91:2e:ff:82:25:f1:2c:3d:6c:3b:
93:79:5c:b9:bf:36:44:de:eb:33:a8:e0:3f:6d:fc:
73:bf:1a:d8:d0:8a:2b:41:15:f7:9e:40:41:a9:22:
6a:19:63:2c:4a:66:d9:07:bc:87:d3:11:8f:a5:48:
18:a4:86:26:dc:28:84:57:ec:0c:c4:94:ff:ea:f2:
20:75:c0:ff:ec:b9:a5:41:bd:24:d9:bd:64:be:66:
51:98:18:17:d4:77:a9:94:81:d2:93:35:b0:a3:2e:
2b:81:ec:80:66:42:5e:67:5c:09:0a:af:c1:09:23:
d1:25:ab:32:e7:39:5a:32:73:de:54:5c:c8:d3:af:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F8:E4:7E:8B:3C:C0:8C:26:80:B1:32:06:05:84:20:4B:22:99:2D
X509v3 Authority Key Identifier:
keyid:B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:84:dd:de:39:aa:f3:eb:15:66:15:60:3d:44:76:3d:b5:e6:
8f:f9:8a:15:04:33:0e:05:38:d6:f8:8d:1a:22:7e:f2:eb:f1:
19:96:c8:d6:a8:25:9a:ff:2a:eb:0c:08:87:11:bf:25:fc:fe:
6f:48:ec:d4:80:5f:b8:4b:c7:01:00:e4:e4:c8:e6:1f:8e:3e:
cc:25:ce:e7:38:4c:d3:f3:b3:b3:d0:46:73:dd:14:60:e2:ce:
c8:8e:4c:d9:16:f3:a3:3b:87:7f:3e:b7:92:d3:60:61:68:9e:
b3:83:4e:13:1b:50:e3:b0:c4:a4:87:5b:73:19:45:54:13:ad:
98:28:7a:c4:e7:49:e7:c3:8d:58:f9:52:5b:a5:de:e3:0a:4f:
52:a4:fa:47:33:48:3e:ef:ed:75:a4:55:40:3f:80:98:69:c0:
24:95:24:cf:4c:82:75:06:d5:2b:7a:91:6e:31:0c:02:ee:8a:
e5:16:b1:82:5f:0a:9f:6f:39:22:56:ee:d7:55:bc:93:76:40:
01:f7:21:a7:17:7e:a3:c5:07:f7:51:5e:f1:ba:aa:5b:ac:f4:
ea:ca:14:a0:21:67:b1:ca:de:c8:e0:72:30:62:e5:b4:76:20:
2e:cc:37:fd:19:ac:9e:8e:4b:01:45:26:f3:45:a0:c8:95:0a:
1d:dd:51:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZtCEhLfZOpARucvn7yZNmc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTVjZDhlNmRiMzU0NDE5ODRkOWM3ZGZjOWFmYjY1M2U1
NWRmZjEwHhcNMjUxMjIxMTgwMDM5WhcNMjUxMjIyMTgwMDM5WjAzMTEwLwYDVQQD
Eyg1OGY4ZTQ3ZThiM2NjMDhjMjY4MGIxMzIwNjA1ODQyMDRiMjI5OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDBuSdZdVmpkh+U2gdzsnB38t+p3
gK+iOBxfUE5A4NFrGYitz7hf27QttK7piMOVOlWOG3IgNsfnfQpDCFUdCrYp8G2a
nd2yH/K4COGaJP7atX3gy63gCGxUFSIeIxGfwMSS9sU7iRqNVS+Yw3SZsGGyB6qA
ZSV8gr6mrZEu/4Il8Sw9bDuTeVy5vzZE3uszqOA/bfxzvxrY0IorQRX3nkBBqSJq
GWMsSmbZB7yH0xGPpUgYpIYm3CiEV+wMxJT/6vIgdcD/7LmlQb0k2b1kvmZRmBgX
1HeplIHSkzWwoy4rgeyAZkJeZ1wJCq/BCSPRJasy5zlaMnPeVFzI06+DwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFj45H6LPMCMJoCxMgYFhCBLIpktMB8GA1UdIwQY
MBaAFLIVzY5ts1RBmE2cffya+2U+Vd/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMt
ZTk1MGQ4N2Y4ZTI1LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMtZTk1MGQ4N2Y4ZTI1
LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYTd3jmq
8+sVZhVgPUR2PbXmj/mKFQQzDgU41viNGiJ+8uvxGZbI1qglmv8q6wwIhxG/Jfz+
b0js1IBfuEvHAQDk5MjmH44+zCXO5zhM0/Ozs9BGc90UYOLOyI5M2RbzozuHfz63
ktNgYWies4NOExtQ47DEpIdbcxlFVBOtmCh6xOdJ58ONWPlSW6Xe4wpPUqT6RzNI
Pu/tdaRVQD+AmGnAJJUkz0yCdQbVK3qRbjEMAu6K5Raxgl8Kn285Ilbu11W8k3ZA
Afchpxd+o8UH91Fe8bqqW6z06soUoCFnscreyOByMGLltHYgLsw3/Rmsno5LAUUm
80WgyJUKHd1R/A==
-----END CERTIFICATE-----
Generated at Sun Dec 21 22:49:44 2025 by rpki-client