This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft File: cnS17iqgd4rxMENYIlrGflUXCog.mft (raw, json) Hash identifier: cFVEmJKcOnFrLq17iu5vwnss58FUKg+Z9R/iDtGBeYY= Subject key identifier: B2:E2:30:C6:BD:C2:82:2B:F7:42:B8:79:A0:60:EE:B8:A7:CD:00:C7 Authority key identifier: 72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88 Certificate issuer: /CN=7274b5ee2aa0778af1304358225ac67e55170a88 Certificate serial: 019B6DA1085F80797150488A2E5C04A50EB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft Manifest number: 0ACD Signing time: Tue 30 Dec 2025 05:00:28 +0000 Manifest this update: Tue 30 Dec 2025 05:00:28 +0000 Manifest next update: Wed 31 Dec 2025 05:00:28 +0000 Files and hashes: 1: Ck9V105I1WzILyho--HhjxtMhOo.roa (hash: n/nSiTnqvWrHsmL1agIClZLa+JDSNKpvkkGREC8GFbY=) 2: cnS17iqgd4rxMENYIlrGflUXCog.crl (hash: c+zY+objGiyWeZE6ev8BUlsfQu1m77KrzAQRz+Y+wg8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:a1:08:5f:80:79:71:50:48:8a:2e:5c:04:a5:0e:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7274b5ee2aa0778af1304358225ac67e55170a88 Validity Not Before: Dec 30 05:00:28 2025 GMT Not After : Dec 31 05:00:28 2025 GMT Subject: CN=b2e230c6bdc2822bf742b879a060eeb8a7cd00c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:10:e5:24:ff:24:80:90:60:af:82:95:65:cc: 42:18:84:7d:1f:06:c8:08:97:ec:ec:2c:6d:1f:f4: c2:d2:d0:4a:fa:4a:90:96:9a:a5:40:7d:05:22:6b: bc:98:e6:a9:b8:c5:19:60:0e:a7:71:42:48:3c:96: 43:6a:30:d2:e1:ce:8d:a6:fb:9e:10:17:a5:d3:16: 2b:56:c3:ec:be:e7:4d:21:a0:60:57:5c:f0:7e:86: 77:2a:72:45:cf:b2:33:f1:56:4b:82:59:2b:16:66: 8f:d2:06:ff:f7:68:1e:e5:81:2a:36:4c:ed:33:54: b4:03:50:f1:2a:4d:b1:a3:bc:50:45:c0:ff:17:fd: 74:4c:ab:74:e0:88:e5:d7:5c:a7:0e:49:88:a1:69: 38:91:c5:b4:82:a0:cc:99:33:3e:11:a9:47:a2:e1: c6:a0:ec:10:8d:c8:4a:01:49:f5:d3:de:96:f9:87: 24:68:da:47:b0:6e:a1:8e:19:10:a0:34:28:0a:72: 68:6d:6d:a9:71:2a:43:fe:39:ed:7f:51:ec:06:87: 54:5c:f6:90:ce:d0:1d:ff:60:19:3a:35:4c:7b:52: 4a:bb:3f:25:32:9c:9e:24:f0:dd:57:74:b1:2d:0c: 4f:74:15:bc:be:bc:a3:a5:29:99:36:b5:3c:af:51: 77:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:E2:30:C6:BD:C2:82:2B:F7:42:B8:79:A0:60:EE:B8:A7:CD:00:C7 X509v3 Authority Key Identifier: keyid:72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:fe:bf:b1:8b:b4:0a:ec:ba:08:ed:a9:de:cc:6e:35:27:90: bf:ff:ee:ee:74:28:76:c0:d0:35:85:fe:a4:42:af:6e:fd:1f: 53:f3:c7:26:b4:50:62:c4:2e:a7:9b:c9:19:b1:43:19:d3:99: 5c:89:63:57:68:34:e7:10:4c:eb:b4:9b:20:f1:14:84:a3:51: 1a:0d:b1:2f:0b:5e:46:62:92:8b:05:9e:8f:d5:6d:bd:71:80: dc:71:e7:44:9d:8d:b7:c6:9a:83:16:a2:d7:b0:f5:9c:9b:28: 62:79:95:55:a2:8b:7e:aa:33:15:73:9a:81:9c:6d:9c:ef:6b: 0b:9e:5f:62:93:e0:59:d4:93:83:07:59:fc:1b:c9:ee:ee:33: 89:53:79:97:50:b4:a0:5e:23:a4:ab:c0:14:4e:11:4b:63:19: e3:d2:ec:a5:08:fe:b1:6c:ef:46:df:0d:1c:e2:ea:f5:49:ff: fd:29:a4:4c:6f:78:55:72:a4:10:d4:79:91:c0:39:18:bb:f7: 35:fc:06:06:ec:89:6b:60:2f:d1:8a:28:05:09:8f:68:1b:10: 50:69:f5:a3:1f:45:78:c4:3d:f3:4a:9b:3b:4a:7d:38:44:40: 8a:5d:f1:37:ae:73:a8:3f:f6:0b:5b:01:f9:b1:f8:c8:2e:5c: a7:4d:35:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttoQhfgHlxUEiKLlwEpQ62MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNzRiNWVlMmFhMDc3OGFmMTMwNDM1ODIyNWFjNjdlNTUx NzBhODgwHhcNMjUxMjMwMDUwMDI4WhcNMjUxMjMxMDUwMDI4WjAzMTEwLwYDVQQD EyhiMmUyMzBjNmJkYzI4MjJiZjc0MmI4NzlhMDYwZWViOGE3Y2QwMGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxDlJP8kgJBgr4KVZcxCGIR9HwbI CJfs7CxtH/TC0tBK+kqQlpqlQH0FImu8mOapuMUZYA6ncUJIPJZDajDS4c6Npvue EBel0xYrVsPsvudNIaBgV1zwfoZ3KnJFz7Iz8VZLglkrFmaP0gb/92ge5YEqNkzt M1S0A1DxKk2xo7xQRcD/F/10TKt04Ijl11ynDkmIoWk4kcW0gqDMmTM+EalHouHG oOwQjchKAUn1096W+YckaNpHsG6hjhkQoDQoCnJobW2pcSpD/jntf1HsBodUXPaQ ztAd/2AZOjVMe1JKuz8lMpyeJPDdV3SxLQxPdBW8vryjpSmZNrU8r1F3HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLLiMMa9woIr90K4eaBg7rinzQDHMB8GA1UdIwQY MBaAFHJ0te4qoHeK8TBDWCJaxn5VFwqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMt NjllYmVkMTc4MTRhLzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMtNjllYmVkMTc4MTRh LzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATv6/sYu0 Cuy6CO2p3sxuNSeQv//u7nQodsDQNYX+pEKvbv0fU/PHJrRQYsQup5vJGbFDGdOZ XIljV2g05xBM67SbIPEUhKNRGg2xLwteRmKSiwWej9VtvXGA3HHnRJ2Nt8aagxai 17D1nJsoYnmVVaKLfqozFXOagZxtnO9rC55fYpPgWdSTgwdZ/BvJ7u4ziVN5l1C0 oF4jpKvAFE4RS2MZ49LspQj+sWzvRt8NHOLq9Un//SmkTG94VXKkENR5kcA5GLv3 NfwGBuyJa2Av0YooBQmPaBsQUGn1ox9FeMQ980qbO0p9OERAil3xN65zqD/2C1sB +bH4yC5cp001OQ== -----END CERTIFICATE-----Generated at Tue Dec 30 10:33:14 2025 by rpki-client