This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft File: shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft (raw, json) Hash identifier: TZziwbwrd2OnNvhNgJFO/SYt9IJ+07U/vHKZROkAtj4= Subject key identifier: 58:F8:E4:7E:8B:3C:C0:8C:26:80:B1:32:06:05:84:20:4B:22:99:2D Authority key identifier: B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1 Certificate issuer: /CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1 Certificate serial: 019B421212DF64EA4046E72F9FBC99366736 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft Manifest number: 16F3 Signing time: Sun 21 Dec 2025 18:00:39 +0000 Manifest this update: Sun 21 Dec 2025 18:00:39 +0000 Manifest next update: Mon 22 Dec 2025 18:00:39 +0000 Files and hashes: 1: UkWKB7R6wSYKBpsuiwwV880UfCk.roa (hash: pQhrMKgkx/zqcMJYjMVoXY14ZtF5KkWfSepRK8YAXxs=) 2: shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl (hash: uNNKYvTjTauJJjwe5E+zQ5/Co33hfBrMSQKBdx6zFMo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:12:12:df:64:ea:40:46:e7:2f:9f:bc:99:36:67:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1 Validity Not Before: Dec 21 18:00:39 2025 GMT Not After : Dec 22 18:00:39 2025 GMT Subject: CN=58f8e47e8b3cc08c2680b132060584204b22992d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:30:6e:49:d6:5d:56:6a:64:87:e5:36:81:dc: ec:9c:1d:fc:b7:ea:77:80:af:a2:38:1c:5f:50:4e: 40:e0:d1:6b:19:88:ad:cf:b8:5f:db:b4:2d:b4:ae: e9:88:c3:95:3a:55:8e:1b:72:20:36:c7:e7:7d:0a: 43:08:55:1d:0a:b6:29:f0:6d:9a:9d:dd:b2:1f:f2: b8:08:e1:9a:24:fe:da:b5:7d:e0:cb:ad:e0:08:6c: 54:15:22:1e:23:11:9f:c0:c4:92:f6:c5:3b:89:1a: 8d:55:2f:98:c3:74:99:b0:61:b2:07:aa:80:65:25: 7c:82:be:a6:ad:91:2e:ff:82:25:f1:2c:3d:6c:3b: 93:79:5c:b9:bf:36:44:de:eb:33:a8:e0:3f:6d:fc: 73:bf:1a:d8:d0:8a:2b:41:15:f7:9e:40:41:a9:22: 6a:19:63:2c:4a:66:d9:07:bc:87:d3:11:8f:a5:48: 18:a4:86:26:dc:28:84:57:ec:0c:c4:94:ff:ea:f2: 20:75:c0:ff:ec:b9:a5:41:bd:24:d9:bd:64:be:66: 51:98:18:17:d4:77:a9:94:81:d2:93:35:b0:a3:2e: 2b:81:ec:80:66:42:5e:67:5c:09:0a:af:c1:09:23: d1:25:ab:32:e7:39:5a:32:73:de:54:5c:c8:d3:af: 83:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:F8:E4:7E:8B:3C:C0:8C:26:80:B1:32:06:05:84:20:4B:22:99:2D X509v3 Authority Key Identifier: keyid:B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:84:dd:de:39:aa:f3:eb:15:66:15:60:3d:44:76:3d:b5:e6: 8f:f9:8a:15:04:33:0e:05:38:d6:f8:8d:1a:22:7e:f2:eb:f1: 19:96:c8:d6:a8:25:9a:ff:2a:eb:0c:08:87:11:bf:25:fc:fe: 6f:48:ec:d4:80:5f:b8:4b:c7:01:00:e4:e4:c8:e6:1f:8e:3e: cc:25:ce:e7:38:4c:d3:f3:b3:b3:d0:46:73:dd:14:60:e2:ce: c8:8e:4c:d9:16:f3:a3:3b:87:7f:3e:b7:92:d3:60:61:68:9e: b3:83:4e:13:1b:50:e3:b0:c4:a4:87:5b:73:19:45:54:13:ad: 98:28:7a:c4:e7:49:e7:c3:8d:58:f9:52:5b:a5:de:e3:0a:4f: 52:a4:fa:47:33:48:3e:ef:ed:75:a4:55:40:3f:80:98:69:c0: 24:95:24:cf:4c:82:75:06:d5:2b:7a:91:6e:31:0c:02:ee:8a: e5:16:b1:82:5f:0a:9f:6f:39:22:56:ee:d7:55:bc:93:76:40: 01:f7:21:a7:17:7e:a3:c5:07:f7:51:5e:f1:ba:aa:5b:ac:f4: ea:ca:14:a0:21:67:b1:ca:de:c8:e0:72:30:62:e5:b4:76:20: 2e:cc:37:fd:19:ac:9e:8e:4b:01:45:26:f3:45:a0:c8:95:0a: 1d:dd:51:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCEhLfZOpARucvn7yZNmc2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMTVjZDhlNmRiMzU0NDE5ODRkOWM3ZGZjOWFmYjY1M2U1 NWRmZjEwHhcNMjUxMjIxMTgwMDM5WhcNMjUxMjIyMTgwMDM5WjAzMTEwLwYDVQQD Eyg1OGY4ZTQ3ZThiM2NjMDhjMjY4MGIxMzIwNjA1ODQyMDRiMjI5OTJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDBuSdZdVmpkh+U2gdzsnB38t+p3 gK+iOBxfUE5A4NFrGYitz7hf27QttK7piMOVOlWOG3IgNsfnfQpDCFUdCrYp8G2a nd2yH/K4COGaJP7atX3gy63gCGxUFSIeIxGfwMSS9sU7iRqNVS+Yw3SZsGGyB6qA ZSV8gr6mrZEu/4Il8Sw9bDuTeVy5vzZE3uszqOA/bfxzvxrY0IorQRX3nkBBqSJq GWMsSmbZB7yH0xGPpUgYpIYm3CiEV+wMxJT/6vIgdcD/7LmlQb0k2b1kvmZRmBgX 1HeplIHSkzWwoy4rgeyAZkJeZ1wJCq/BCSPRJasy5zlaMnPeVFzI06+DwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFj45H6LPMCMJoCxMgYFhCBLIpktMB8GA1UdIwQY MBaAFLIVzY5ts1RBmE2cffya+2U+Vd/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMt ZTk1MGQ4N2Y4ZTI1LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMtZTk1MGQ4N2Y4ZTI1 LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYTd3jmq 8+sVZhVgPUR2PbXmj/mKFQQzDgU41viNGiJ+8uvxGZbI1qglmv8q6wwIhxG/Jfz+ b0js1IBfuEvHAQDk5MjmH44+zCXO5zhM0/Ozs9BGc90UYOLOyI5M2RbzozuHfz63 ktNgYWies4NOExtQ47DEpIdbcxlFVBOtmCh6xOdJ58ONWPlSW6Xe4wpPUqT6RzNI Pu/tdaRVQD+AmGnAJJUkz0yCdQbVK3qRbjEMAu6K5Raxgl8Kn285Ilbu11W8k3ZA Afchpxd+o8UH91Fe8bqqW6z06soUoCFnscreyOByMGLltHYgLsw3/Rmsno5LAUUm 80WgyJUKHd1R/A== -----END CERTIFICATE-----Generated at Sun Dec 21 22:49:44 2025 by rpki-client