This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft File: S2jh-6e0SntmYjayElPX1jYtDYM.mft (raw, json) Hash identifier: aAZ1BeTfqLcGYAjhmwfVknABflPffIixcZYT2eR077A= Subject key identifier: D7:22:67:74:11:B6:64:07:AD:E4:04:B8:3D:ED:54:1D:13:E5:F7:9C Authority key identifier: 4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83 Certificate issuer: /CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83 Certificate serial: 019B3E6D0AA279DEFD20AB4917E525633D84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft Manifest number: 04CE Signing time: Sun 21 Dec 2025 01:01:32 +0000 Manifest this update: Sun 21 Dec 2025 01:01:32 +0000 Manifest next update: Mon 22 Dec 2025 01:01:32 +0000 Files and hashes: 1: A3eZlYEypGjwef6ovVTvAMEG2Sc.roa (hash: itiiU42XBZajUxpH3eQ5BL8/j+cYwxjPvYG7bJxrjyA=) 2: S2jh-6e0SntmYjayElPX1jYtDYM.crl (hash: bmAXtK29eOHjSr+tkmpQJ8xb6rlXNeVJA5nIBz9x0Mc=) 3: ZioYOGsNfMxy07UlqgZrBgcTE4o.roa (hash: 4f3pcz2xE9Ywmo/wXO916PUITihDfuTfzvT55VS4uaY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.crl rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:0a:a2:79:de:fd:20:ab:49:17:e5:25:63:3d:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b68e1fba7b44a7b666236b21253d7d6362d0d83 Validity Not Before: Dec 21 01:01:32 2025 GMT Not After : Dec 22 01:01:32 2025 GMT Subject: CN=d722677411b66407ade404b83ded541d13e5f79c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:7c:21:e3:75:80:8f:07:d2:93:74:57:18:e1: 15:14:63:05:ef:a4:12:78:d3:1a:3a:74:b0:aa:d2: d6:03:5a:2d:1a:2d:74:a9:a7:77:be:d1:ef:63:a3: 3f:f9:1b:ed:a3:04:e9:df:8b:38:8c:23:67:58:8a: 5f:5f:37:e5:27:6f:20:14:e9:99:d5:22:40:83:43: b9:b8:36:f1:e3:b3:aa:84:87:64:39:c8:5b:a4:d0: 7b:39:06:fd:68:6c:05:a1:bd:6b:b3:00:93:7e:79: df:7a:c5:16:d9:da:93:09:5d:71:51:c0:37:ac:1c: c1:b0:81:72:2b:df:cb:0b:fe:4d:62:7b:b1:b1:bd: 2d:59:9f:89:4c:e1:9e:8b:f3:90:48:22:c3:c0:ba: f0:95:4a:6b:b9:5a:72:ac:37:27:5c:7f:37:99:e4: 79:36:53:99:aa:13:80:3c:2f:2d:03:fb:b6:c3:5b: f6:15:aa:16:ef:cd:50:30:65:f4:c4:c7:d4:c6:e2: ea:42:19:c6:6b:52:18:bd:42:9a:1c:20:39:ca:64: cf:00:58:31:e9:93:58:59:f7:92:d5:98:51:de:b4: 8d:df:bd:f4:6a:e8:ef:c3:83:e1:4e:4f:31:e1:cf: 23:5b:be:e0:76:79:e4:bb:df:58:a2:34:65:98:16: 0f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:22:67:74:11:B6:64:07:AD:E4:04:B8:3D:ED:54:1D:13:E5:F7:9C X509v3 Authority Key Identifier: keyid:4B:68:E1:FB:A7:B4:4A:7B:66:62:36:B2:12:53:D7:D6:36:2D:0D:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2jh-6e0SntmYjayElPX1jYtDYM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f14079-4114-4bec-879c-8b06ec564a1b/1/S2jh-6e0SntmYjayElPX1jYtDYM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:c5:bc:ed:d9:5a:19:ce:2f:f3:5c:18:55:0d:2e:40:a3:81: c9:42:81:1c:4e:87:b1:e7:ee:25:f2:39:33:3a:62:08:d5:9d: e1:1b:bc:f8:21:d8:f7:2d:21:69:f5:25:12:33:36:40:56:61: 22:25:05:74:86:8a:65:a5:e9:19:8d:f4:13:cd:63:db:e3:bb: 95:6d:41:93:2b:8e:73:29:2d:8c:23:bc:00:6f:b9:a9:ce:d6: a4:b4:cb:f2:8a:cc:a7:c5:00:f0:a9:d4:ba:97:f5:6a:0d:7a: bc:b7:48:bd:99:66:0b:7d:9f:0c:d1:ed:00:1e:7f:70:9f:d7: cb:bc:5b:a9:aa:33:86:1f:da:f9:f6:1b:f6:c8:3f:3c:f3:1b: 7e:1b:73:bf:ac:20:f6:c5:73:f4:85:c5:83:f9:39:4f:4d:3a: 8c:2a:23:82:a4:cf:3a:fc:9c:ba:5a:17:f8:e0:c7:d0:8c:c2: 58:4e:a3:50:92:6b:2d:98:9b:5b:c7:3d:13:ae:1a:3e:05:d5: dd:43:4b:49:e0:73:be:2d:08:4f:32:af:1f:f1:8a:58:fd:3c: 8f:d5:b4:f8:a8:24:87:0d:00:85:20:06:ca:69:f9:86:9a:49: b5:f1:f9:6e:60:d7:21:96:42:69:39:c2:08:e2:f0:77:74:fe: bd:21:13:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bQqied79IKtJF+UlYz2EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNjhlMWZiYTdiNDRhN2I2NjYyMzZiMjEyNTNkN2Q2MzYy ZDBkODMwHhcNMjUxMjIxMDEwMTMyWhcNMjUxMjIyMDEwMTMyWjAzMTEwLwYDVQQD EyhkNzIyNjc3NDExYjY2NDA3YWRlNDA0YjgzZGVkNTQxZDEzZTVmNzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHwh43WAjwfSk3RXGOEVFGMF76QS eNMaOnSwqtLWA1otGi10qad3vtHvY6M/+RvtowTp34s4jCNnWIpfXzflJ28gFOmZ 1SJAg0O5uDbx47OqhIdkOchbpNB7OQb9aGwFob1rswCTfnnfesUW2dqTCV1xUcA3 rBzBsIFyK9/LC/5NYnuxsb0tWZ+JTOGei/OQSCLDwLrwlUpruVpyrDcnXH83meR5 NlOZqhOAPC8tA/u2w1v2FaoW781QMGX0xMfUxuLqQhnGa1IYvUKaHCA5ymTPAFgx 6ZNYWfeS1ZhR3rSN3730aujvw4PhTk8x4c8jW77gdnnku99YojRlmBYPMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNciZ3QRtmQHreQEuD3tVB0T5fecMB8GA1UdIwQY MBaAFEto4funtEp7ZmI2shJT19Y2LQ2DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMt OGIwNmVjNTY0YTFiLzEvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9mMTQwNzktNDExNC00YmVjLTg3OWMtOGIwNmVjNTY0YTFi LzEvUzJqaC02ZTBTbnRtWWpheUVsUFgxall0RFlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATMW87dla Gc4v81wYVQ0uQKOByUKBHE6HsefuJfI5MzpiCNWd4Ru8+CHY9y0hafUlEjM2QFZh IiUFdIaKZaXpGY30E81j2+O7lW1BkyuOcyktjCO8AG+5qc7WpLTL8orMp8UA8KnU upf1ag16vLdIvZlmC32fDNHtAB5/cJ/Xy7xbqaozhh/a+fYb9sg/PPMbfhtzv6wg 9sVz9IXFg/k5T006jCojgqTPOvyculoX+ODH0IzCWE6jUJJrLZibW8c9E64aPgXV 3UNLSeBzvi0ITzKvH/GKWP08j9W0+Kgkhw0AhSAGymn5hppJtfH5bmDXIZZCaTnC COLwd3T+vSETRA== -----END CERTIFICATE-----Generated at Sun Dec 21 09:45:52 2025 by rpki-client