This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json) Hash identifier: oZ34q85fpzEgjL2QUYMTfxxhWQ57C/iT5ccGaBulpAU= Subject key identifier: CE:14:EA:8A:0F:46:31:9D:CE:AC:72:49:BA:AA:78:70:FC:5E:5C:EC Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3 Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3 Certificate serial: 019B619D3B30D3476E074D6B8C5C4AAFF61B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft Manifest number: 11EA Signing time: Sat 27 Dec 2025 21:00:52 +0000 Manifest this update: Sat 27 Dec 2025 21:00:52 +0000 Manifest next update: Sun 28 Dec 2025 21:00:52 +0000 Files and hashes: 1: U8GRHKScYdSNdnB2mr1xryjNCyA.roa (hash: gCSVLFeQA2Qb3RyGGtdWNAIaM4Y9u0sDXVDglP6HH5k=) 2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: adWAG7tv1OKt83/pf8XtiwetSKPm4xsr1VO9kHD+9Xs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:61:9d:3b:30:d3:47:6e:07:4d:6b:8c:5c:4a:af:f6:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3 Validity Not Before: Dec 27 21:00:52 2025 GMT Not After : Dec 28 21:00:52 2025 GMT Subject: CN=ce14ea8a0f46319dceac7249baaa7870fc5e5cec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:4a:29:b7:9f:ec:d7:b1:a7:e0:83:cc:51:ce: d4:d5:a9:49:a9:8b:2e:7e:7e:53:7a:05:52:c3:a7: 76:c2:69:b6:77:33:e6:f4:ea:17:16:2d:89:90:15: 19:64:79:a7:04:65:aa:e2:de:b7:f4:ed:ac:68:7b: cf:cc:b5:5c:07:2d:4e:9a:26:2b:43:9f:e8:18:ff: bb:b0:2b:1d:ee:86:da:29:76:85:bb:c7:86:fc:65: 44:e4:e4:54:5e:c8:6f:56:a0:d4:49:a3:66:6f:cc: 96:d6:64:c6:21:4d:7a:95:62:8b:c6:a6:ae:c6:c4: 5f:a7:bf:88:e3:32:df:be:a0:29:82:6d:63:a0:78: 34:d3:c0:72:40:65:7e:19:cf:60:2e:6b:c1:6b:32: b8:55:9f:a5:2f:75:d7:4e:3e:14:b5:f5:4e:61:c8: f2:f3:db:11:89:20:0b:9e:5f:f4:09:f9:fe:b2:56: 47:99:9b:06:32:eb:77:fb:b5:f4:4d:1c:8f:1d:6a: f3:a3:49:df:66:82:a0:b7:43:30:ba:ca:5c:40:a0: 4c:1d:43:6b:76:a1:64:4d:f5:26:a2:d6:8f:8c:08: 7d:cd:72:df:ae:8e:80:2e:4c:94:eb:dc:28:7c:62: d3:d7:73:8e:3e:b4:98:39:09:9e:e7:96:23:45:ea: 61:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:14:EA:8A:0F:46:31:9D:CE:AC:72:49:BA:AA:78:70:FC:5E:5C:EC X509v3 Authority Key Identifier: keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:0b:18:cc:aa:ad:b6:db:9a:16:b9:a9:0c:eb:e5:08:4f:74: 4e:86:79:df:f4:56:28:24:f9:5b:9c:26:e5:ae:c3:46:4a:84: 36:e1:9d:8c:f9:26:51:b8:17:e0:05:25:3d:f1:07:32:b9:95: 1a:d0:61:8a:8b:69:28:ff:39:fb:76:bb:de:66:e8:d5:6c:02: eb:62:45:23:b2:ff:25:88:07:bd:cf:14:11:45:f0:09:b0:82: 2f:ac:6a:23:e2:b0:86:2a:2c:62:dc:fd:49:67:aa:c7:f9:33: 98:54:23:e6:44:3a:3d:ea:db:9c:73:e8:4d:20:9f:d8:08:0a: 13:7b:c0:38:c4:b5:06:86:c9:ca:02:47:e7:f5:2f:dd:6b:65: 67:69:6a:75:11:b9:9b:36:1a:38:46:06:a6:91:cf:6d:e0:c2: 1a:d5:16:98:c1:85:73:8b:50:bb:64:00:e3:33:4d:da:64:e2: b4:c6:18:d4:c1:08:5c:f8:83:83:55:88:de:b1:9e:0c:18:4b: 84:37:8b:e3:0e:34:e4:fb:1c:34:d9:05:c3:ce:2b:2d:40:f9: 09:ad:03:55:cc:dd:97:62:49:f7:0b:23:a0:80:c6:bf:9b:37: cb:79:2e:12:b9:d9:90:3d:77:4d:4f:e6:4c:ef:e8:da:c9:85: 8c:77:a3:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZthnTsw00duB01rjFxKr/YbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0 NTI0ZjMwHhcNMjUxMjI3MjEwMDUyWhcNMjUxMjI4MjEwMDUyWjAzMTEwLwYDVQQD EyhjZTE0ZWE4YTBmNDYzMTlkY2VhYzcyNDliYWFhNzg3MGZjNWU1Y2VjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0opt5/s17Gn4IPMUc7U1alJqYsu fn5TegVSw6d2wmm2dzPm9OoXFi2JkBUZZHmnBGWq4t639O2saHvPzLVcBy1OmiYr Q5/oGP+7sCsd7obaKXaFu8eG/GVE5ORUXshvVqDUSaNmb8yW1mTGIU16lWKLxqau xsRfp7+I4zLfvqApgm1joHg008ByQGV+Gc9gLmvBazK4VZ+lL3XXTj4UtfVOYcjy 89sRiSALnl/0Cfn+slZHmZsGMut3+7X0TRyPHWrzo0nfZoKgt0MwuspcQKBMHUNr dqFkTfUmotaPjAh9zXLfro6ALkyU69wofGLT13OOPrSYOQme55YjRephpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM4U6ooPRjGdzqxySbqqeHD8XlzsMB8GA1UdIwQY MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOwsYzKqt ttuaFrmpDOvlCE90ToZ53/RWKCT5W5wm5a7DRkqENuGdjPkmUbgX4AUlPfEHMrmV GtBhiotpKP85+3a73mbo1WwC62JFI7L/JYgHvc8UEUXwCbCCL6xqI+KwhiosYtz9 SWeqx/kzmFQj5kQ6PerbnHPoTSCf2AgKE3vAOMS1BobJygJH5/Uv3WtlZ2lqdRG5 mzYaOEYGppHPbeDCGtUWmMGFc4tQu2QA4zNN2mTitMYY1MEIXPiDg1WI3rGeDBhL hDeL4w405PscNNkFw84rLUD5Ca0DVczdl2JJ9wsjoIDGv5s3y3kuErnZkD13TU/m TO/o2smFjHejxQ== -----END CERTIFICATE-----Generated at Sun Dec 28 03:16:52 2025 by rpki-client