This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft File: sdLmgf8j3d89UXhY4cZKHa0phyk.mft (raw, json) Hash identifier: 95LKBjqr8UVfVXW4wgfw4RItX3ID8Ei4iW6+XEibqI4= Subject key identifier: F8:28:0E:7D:3A:03:2D:FE:6D:B6:D4:F5:A5:41:95:35:EF:28:4B:A3 Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29 Certificate issuer: /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729 Certificate serial: 019B3E6D31F1A2D73A643A4CD75389FB7B3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft Manifest number: 15D6 Signing time: Sun 21 Dec 2025 01:01:42 +0000 Manifest this update: Sun 21 Dec 2025 01:01:42 +0000 Manifest next update: Mon 22 Dec 2025 01:01:42 +0000 Files and hashes: 1: hDoqXFR8UibPRuqFY2xn-m_-15I.roa (hash: qknu8HOpVZZ1hKraF3WMV/fgLgKt1U80KJN/d09ixdI=) 2: sdLmgf8j3d89UXhY4cZKHa0phyk.crl (hash: MUZ/hEkCeC7xkqS/Vadw4ZPjwuDBEmCBUSbF0XkHq9o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:31:f1:a2:d7:3a:64:3a:4c:d7:53:89:fb:7b:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729 Validity Not Before: Dec 21 01:01:42 2025 GMT Not After : Dec 22 01:01:42 2025 GMT Subject: CN=f8280e7d3a032dfe6db6d4f5a5419535ef284ba3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:c2:b9:fb:89:16:2f:95:f8:0e:b0:1b:a7:2b: ef:4e:4c:a8:7d:3c:ea:59:ad:aa:4d:55:da:d7:4a: cd:d7:6c:bc:c6:5a:e1:a0:2c:e5:06:e6:c5:37:4e: c6:6f:7d:13:82:7c:9d:9a:76:67:09:cc:f7:2e:4b: 89:91:56:10:ba:5b:d7:f4:aa:c2:56:96:46:14:38: cd:fa:c5:1c:12:4b:7f:a8:72:df:d1:d9:f1:a8:39: ed:be:31:71:cf:e9:4f:93:b1:51:63:e1:6a:b0:ad: 1f:a7:a8:fd:38:c9:e1:88:11:4c:a1:2f:0e:2c:fd: 07:e9:83:e0:70:d0:aa:71:17:58:33:c6:c7:9c:0a: 55:c0:3e:db:89:6f:d8:59:32:6a:78:21:c9:a5:db: f6:fc:a2:6d:21:37:7b:09:0b:61:a8:3d:ec:b8:8b: 1d:cf:47:18:18:c2:72:70:b8:cb:87:6b:fa:07:f9: de:a2:97:a1:2c:7b:94:15:0c:19:7b:9f:82:b0:7b: 8c:e6:36:7f:1a:b2:25:d9:c5:42:d5:f6:e1:41:ad: 16:57:1a:83:1a:5a:f5:d1:fa:9c:99:70:ab:31:94: ba:ea:67:99:f4:df:dd:d4:24:38:9b:69:99:f4:df: 4e:ff:b6:9b:8e:b1:69:ae:55:8d:1c:67:71:23:c9: b1:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:28:0E:7D:3A:03:2D:FE:6D:B6:D4:F5:A5:41:95:35:EF:28:4B:A3 X509v3 Authority Key Identifier: keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:27:ea:fa:1c:9b:55:b1:f6:c2:01:e8:4b:d4:90:36:7c:cb: 2f:fe:0f:50:72:8a:6e:d5:c4:6e:cd:7a:5f:17:da:94:77:62: 12:b1:96:28:3a:fb:cc:09:7e:c0:59:04:b7:5c:84:42:6d:56: 71:41:3c:0f:c6:b8:44:99:7e:f6:64:89:41:db:4a:1e:27:85: 0f:c9:19:43:b6:43:ab:39:1d:01:f2:29:44:71:7c:b7:e8:39: 29:13:ca:73:a1:0c:2e:1d:13:6e:0d:9c:6d:2f:8f:e4:c0:bb: c2:d1:ca:ce:58:ec:81:34:a3:d7:81:66:1b:ca:bf:bc:be:9e: a0:1d:b9:f8:c4:ca:96:27:11:8f:e9:65:7b:05:3b:da:4b:75: 04:b3:76:b1:6b:14:4a:31:b9:80:7e:37:1e:52:68:7b:f3:9b: 27:7b:b7:02:52:f9:bc:01:9a:81:73:69:73:7a:f9:4b:e2:57: f3:3d:84:15:ce:40:d0:07:09:93:ce:b4:fd:f8:e9:fe:aa:86: 09:7b:a3:62:85:c5:d1:8f:ec:5b:1b:8e:c4:3a:16:1e:ab:10: 5b:d4:4f:a6:9a:ca:ed:ce:61:ea:04:fb:0d:fb:05:7c:6e:92: 39:16:78:97:5a:a3:14:68:54:53:e8:77:9d:ee:a3:7c:67:25: 09:3b:cd:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bTHxotc6ZDpM11OJ+3s/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy OTg3MjkwHhcNMjUxMjIxMDEwMTQyWhcNMjUxMjIyMDEwMTQyWjAzMTEwLwYDVQQD EyhmODI4MGU3ZDNhMDMyZGZlNmRiNmQ0ZjVhNTQxOTUzNWVmMjg0YmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8K5+4kWL5X4DrAbpyvvTkyofTzq Wa2qTVXa10rN12y8xlrhoCzlBubFN07Gb30TgnydmnZnCcz3LkuJkVYQulvX9KrC VpZGFDjN+sUcEkt/qHLf0dnxqDntvjFxz+lPk7FRY+FqsK0fp6j9OMnhiBFMoS8O LP0H6YPgcNCqcRdYM8bHnApVwD7biW/YWTJqeCHJpdv2/KJtITd7CQthqD3suIsd z0cYGMJycLjLh2v6B/neopehLHuUFQwZe5+CsHuM5jZ/GrIl2cVC1fbhQa0WVxqD Glr10fqcmXCrMZS66meZ9N/d1CQ4m2mZ9N9O/7abjrFprlWNHGdxI8mxVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPgoDn06Ay3+bbbU9aVBlTXvKEujMB8GA1UdIwQY MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct NWE4MzYwZGVhM2EzLzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFifq+hyb VbH2wgHoS9SQNnzLL/4PUHKKbtXEbs16XxfalHdiErGWKDr7zAl+wFkEt1yEQm1W cUE8D8a4RJl+9mSJQdtKHieFD8kZQ7ZDqzkdAfIpRHF8t+g5KRPKc6EMLh0Tbg2c bS+P5MC7wtHKzljsgTSj14FmG8q/vL6eoB25+MTKlicRj+llewU72kt1BLN2sWsU SjG5gH43HlJoe/ObJ3u3AlL5vAGagXNpc3r5S+JX8z2EFc5A0AcJk860/fjp/qqG CXujYoXF0Y/sWxuOxDoWHqsQW9RPpprK7c5h6gT7DfsFfG6SORZ4l1qjFGhUU+h3 ne6jfGclCTvNYQ== -----END CERTIFICATE-----Generated at Sun Dec 21 07:40:07 2025 by rpki-client