This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft File: SiHJG2O7vaiASnSfPWEOiyF_m3M.mft (raw, json) Hash identifier: Jq00j6VDcs2fY02ve52qupyAG2ZW/e3/dYqfQl2X6lc= Subject key identifier: F7:2C:B0:E2:0F:8F:A0:BA:AF:83:B7:BD:3E:42:57:F3:88:7A:61:EE Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73 Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73 Certificate serial: 019B4C966AD28B9F828DB54C72CD11A44911 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft Manifest number: 138E Signing time: Tue 23 Dec 2025 19:01:24 +0000 Manifest this update: Tue 23 Dec 2025 19:01:24 +0000 Manifest next update: Wed 24 Dec 2025 19:01:24 +0000 Files and hashes: 1: 1Z1yWNgRSnqR3pt5WlApDelQe4o.roa (hash: 7G52qXZFDFq0XDjJ+/lW8m4SCa70rkFS2r1Ec1zORA4=) 2: SiHJG2O7vaiASnSfPWEOiyF_m3M.crl (hash: llGt7EKPl8+y4HT5q8l1blxcsqmWgVmJBrxKbIgMvaY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 19:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:96:6a:d2:8b:9f:82:8d:b5:4c:72:cd:11:a4:49:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73 Validity Not Before: Dec 23 19:01:24 2025 GMT Not After : Dec 24 19:01:24 2025 GMT Subject: CN=f72cb0e20f8fa0baaf83b7bd3e4257f3887a61ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e2:ed:cd:6e:8d:a9:44:1c:b7:a6:e2:52:9e: e7:f2:ef:67:fb:48:74:90:f1:a4:8c:df:4f:9e:e4: 2e:ff:35:e6:df:46:ab:22:aa:24:78:de:d7:14:3d: 3b:cd:0b:02:da:a1:2c:ca:e6:5a:01:54:93:1f:e7: 52:80:81:b3:d5:db:93:11:ad:d2:0b:38:cc:ff:7e: 50:75:6f:16:fe:75:7a:d9:09:80:aa:a3:8d:56:50: 91:09:1e:15:e4:3f:83:b8:7c:22:be:4e:8e:35:e2: 6c:85:24:ab:8c:3d:f7:23:9b:50:d4:cf:83:7f:fe: ab:64:6e:01:15:c5:39:06:27:a0:f9:65:96:df:a9: 8f:ca:34:da:7c:20:92:a5:9a:e2:0e:53:cb:d9:9a: fb:87:1e:cb:ca:89:d6:89:d0:64:cd:6b:36:4b:a6: 16:59:7f:90:0f:35:28:86:c3:44:83:c0:41:7a:46: b8:73:e5:9f:db:8c:75:31:11:e6:f9:14:f3:99:9f: 26:59:9f:b9:6d:28:ca:94:47:b7:cd:f2:4a:b4:f7: 3d:6e:f6:e8:26:af:2a:81:30:58:82:20:84:f1:87: 0c:24:0d:64:26:d4:19:bc:99:23:48:ad:16:0a:87: 59:84:11:6b:33:f1:bb:bb:22:52:55:1a:aa:4d:7c: b7:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:2C:B0:E2:0F:8F:A0:BA:AF:83:B7:BD:3E:42:57:F3:88:7A:61:EE X509v3 Authority Key Identifier: keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:63:2a:1a:60:89:c5:99:64:dc:df:7f:ee:76:9d:3d:7f:2b: 69:8f:90:ab:fe:d0:06:90:3f:29:07:1a:a2:2a:10:9d:f8:9d: 36:14:e7:d6:52:c1:00:a2:2f:90:21:98:fc:db:f6:ae:24:09: 91:62:b6:bf:a5:18:ba:85:df:65:f1:b1:2c:63:ef:d8:e9:c2: 5a:bc:69:ff:85:a4:9e:16:5a:cf:bc:b8:04:08:af:65:08:9c: 5b:e5:d5:b1:32:7f:ed:50:f6:30:93:6a:03:8c:ec:4a:1d:b2: 10:7d:57:4c:11:6f:3e:d3:a8:ec:54:16:58:17:a4:40:81:da: 3b:ea:79:c1:e3:b5:17:55:db:d2:b8:b4:47:a4:1c:e5:65:c8: ce:58:63:15:5e:04:1d:06:3b:8d:1e:c2:28:6e:ed:89:94:86: aa:64:f0:57:e5:bd:4c:f7:bd:64:15:81:0b:9d:e5:ac:fa:72: f6:60:66:7b:63:c3:40:fc:8a:67:90:39:92:d3:cb:e6:61:bf: 40:98:b2:c3:b8:94:d7:6f:5f:d3:14:5c:89:26:98:bf:12:b8: d2:6a:53:1f:7a:27:54:59:09:b3:9a:c8:f5:f7:9a:f4:ad:ce: f5:a8:c5:cc:8b:a3:f2:1b:63:f7:3b:cf:c8:b5:cd:cd:4f:0e: b9:da:5d:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMlmrSi5+CjbVMcs0RpEkRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhMjFjOTFiNjNiYmJkYTg4MDRhNzQ5ZjNkNjEwZThiMjE3 ZjliNzMwHhcNMjUxMjIzMTkwMTI0WhcNMjUxMjI0MTkwMTI0WjAzMTEwLwYDVQQD EyhmNzJjYjBlMjBmOGZhMGJhYWY4M2I3YmQzZTQyNTdmMzg4N2E2MWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOLtzW6NqUQct6biUp7n8u9n+0h0 kPGkjN9PnuQu/zXm30arIqokeN7XFD07zQsC2qEsyuZaAVSTH+dSgIGz1duTEa3S CzjM/35QdW8W/nV62QmAqqONVlCRCR4V5D+DuHwivk6ONeJshSSrjD33I5tQ1M+D f/6rZG4BFcU5Bieg+WWW36mPyjTafCCSpZriDlPL2Zr7hx7LyonWidBkzWs2S6YW WX+QDzUohsNEg8BBeka4c+Wf24x1MRHm+RTzmZ8mWZ+5bSjKlEe3zfJKtPc9bvbo Jq8qgTBYgiCE8YcMJA1kJtQZvJkjSK0WCodZhBFrM/G7uyJSVRqqTXy3CwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPcssOIPj6C6r4O3vT5CV/OIemHuMB8GA1UdIwQY MBaAFEohyRtju72ogEp0nz1hDoshf5tzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQt NDdmYmU0YzRhNGZkLzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQtNDdmYmU0YzRhNGZk LzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUmMqGmCJ xZlk3N9/7nadPX8raY+Qq/7QBpA/KQcaoioQnfidNhTn1lLBAKIvkCGY/Nv2riQJ kWK2v6UYuoXfZfGxLGPv2OnCWrxp/4WknhZaz7y4BAivZQicW+XVsTJ/7VD2MJNq A4zsSh2yEH1XTBFvPtOo7FQWWBekQIHaO+p5weO1F1Xb0ri0R6Qc5WXIzlhjFV4E HQY7jR7CKG7tiZSGqmTwV+W9TPe9ZBWBC53lrPpy9mBme2PDQPyKZ5A5ktPL5mG/ QJiyw7iU129f0xRciSaYvxK40mpTH3onVFkJs5rI9fea9K3O9ajFzIuj8htj9zvP yLXNzU8OudpdFQ== -----END CERTIFICATE-----Generated at Wed Dec 24 01:58:39 2025 by rpki-client