This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft File: imgZHKtu8GsyKwsSSHhdSEpFJPM.mft (raw, json) Hash identifier: xh+/c8jYdnma7KZcGNXDbxgdZib8Je0a5pogbdqRszw= Subject key identifier: EB:CE:93:A4:DE:85:19:6D:74:AE:3F:C1:9E:14:13:DD:76:69:D1:BC Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3 Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3 Certificate serial: 019B522A4E2B6328BD8F6EBA5AEC05A7E198 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft Manifest number: 11E2 Signing time: Wed 24 Dec 2025 21:01:02 +0000 Manifest this update: Wed 24 Dec 2025 21:01:02 +0000 Manifest next update: Thu 25 Dec 2025 21:01:02 +0000 Files and hashes: 1: U8GRHKScYdSNdnB2mr1xryjNCyA.roa (hash: gCSVLFeQA2Qb3RyGGtdWNAIaM4Y9u0sDXVDglP6HH5k=) 2: imgZHKtu8GsyKwsSSHhdSEpFJPM.crl (hash: 2wU2DVon7A94baz2IkAea5bMy6XRIHQsU49c28NVrZM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 21:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:2a:4e:2b:63:28:bd:8f:6e:ba:5a:ec:05:a7:e1:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3 Validity Not Before: Dec 24 21:01:02 2025 GMT Not After : Dec 25 21:01:02 2025 GMT Subject: CN=ebce93a4de85196d74ae3fc19e1413dd7669d1bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0e:b0:1a:e6:f2:d2:48:1e:d5:8e:9a:d8:ab: d2:94:30:bf:16:92:fe:10:ca:78:ad:a5:2a:dd:09: 2d:d2:ab:c4:3e:ef:37:f7:e1:45:76:89:3c:f0:1a: e1:ec:5a:8c:ba:4b:26:9f:04:dd:9b:26:81:3e:15: d0:c5:18:24:71:15:ae:75:51:60:c2:05:10:bd:1a: d3:2c:d3:49:55:ab:52:ad:be:60:03:62:c6:96:91: fe:c3:94:df:b2:17:64:ae:c0:24:1e:bf:7b:cb:bd: 74:6b:a5:8e:34:a4:1d:9b:5c:23:14:c9:1b:bd:65: 76:bb:d1:07:b2:46:6b:db:bf:61:7a:b1:e4:69:21: e5:0d:d1:94:29:05:7d:4c:80:03:4b:71:74:a9:40: 58:97:0b:06:09:58:0e:a4:da:fd:a8:84:c3:f9:27: 61:d0:7e:3b:fb:c0:1f:f6:5a:0d:fd:fc:f5:00:3f: e1:e8:c8:eb:30:e1:14:ce:c9:b5:3d:f9:9b:69:07: 54:19:48:87:ba:59:c4:95:31:d9:4b:7b:a2:70:f3: 68:83:fc:31:f8:2c:54:29:a1:ff:c1:27:00:e7:a4: 31:6c:f5:3c:1a:32:0c:59:0d:bf:d9:35:9f:48:46: c7:2e:c1:d9:37:b1:31:4c:21:fa:27:b5:4b:ee:2c: 71:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:CE:93:A4:DE:85:19:6D:74:AE:3F:C1:9E:14:13:DD:76:69:D1:BC X509v3 Authority Key Identifier: keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:5a:ec:a5:a1:ca:45:a8:dd:41:ac:fe:d2:7d:5f:31:7a:83: 7a:47:91:0a:b3:67:6f:71:f4:8d:3c:c5:30:f2:7f:e3:7f:20: 30:73:33:32:21:37:35:51:dc:0c:fb:5d:53:2c:82:c2:8b:d1: 08:7a:53:87:c3:0d:2c:cd:b9:82:eb:39:0c:a3:6b:67:4c:28: cf:5e:1f:b2:b1:7b:90:f2:fe:d7:ce:6f:97:64:ff:4d:90:d4: e4:3d:21:b0:d7:2a:43:9f:b9:81:33:77:e8:d7:37:47:4e:9b: b0:75:37:b4:95:9d:49:92:3a:76:82:d0:b2:49:13:26:52:ef: 54:88:89:34:b4:7c:71:67:ca:35:a8:56:e4:03:f3:75:44:20: 23:aa:ca:7a:dc:fb:55:c6:2e:58:09:22:e9:6f:b4:4a:dc:d9: d5:22:8a:e9:2f:8c:47:45:28:8b:06:47:22:0e:06:3a:e1:bc: 35:77:1d:27:3b:2d:7d:b4:65:3c:12:7d:27:e2:12:5b:ef:2c: 00:a5:e0:5b:a3:7c:23:7f:d3:8a:2b:48:9b:4e:c6:6b:49:46: 83:86:5d:c9:e4:0c:f6:0d:aa:dd:69:9f:90:9f:e7:22:44:c2: e1:56:46:3f:4b:29:91:12:fb:63:be:6b:0d:b6:91:53:9e:3c: 55:fd:03:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSKk4rYyi9j266WuwFp+GYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0 NTI0ZjMwHhcNMjUxMjI0MjEwMTAyWhcNMjUxMjI1MjEwMTAyWjAzMTEwLwYDVQQD EyhlYmNlOTNhNGRlODUxOTZkNzRhZTNmYzE5ZTE0MTNkZDc2NjlkMWJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg6wGuby0kge1Y6a2KvSlDC/FpL+ EMp4raUq3Qkt0qvEPu839+FFdok88Brh7FqMuksmnwTdmyaBPhXQxRgkcRWudVFg wgUQvRrTLNNJVatSrb5gA2LGlpH+w5TfshdkrsAkHr97y710a6WONKQdm1wjFMkb vWV2u9EHskZr279herHkaSHlDdGUKQV9TIADS3F0qUBYlwsGCVgOpNr9qITD+Sdh 0H47+8Af9loN/fz1AD/h6MjrMOEUzsm1PfmbaQdUGUiHulnElTHZS3uicPNog/wx +CxUKaH/wScA56QxbPU8GjIMWQ2/2TWfSEbHLsHZN7ExTCH6J7VL7ixxmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOvOk6TehRltdK4/wZ4UE912adG8MB8GA1UdIwQY MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt OTcxMTdlZWI0ODkxLzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArVrspaHK RajdQaz+0n1fMXqDekeRCrNnb3H0jTzFMPJ/438gMHMzMiE3NVHcDPtdUyyCwovR CHpTh8MNLM25gus5DKNrZ0woz14fsrF7kPL+185vl2T/TZDU5D0hsNcqQ5+5gTN3 6Nc3R06bsHU3tJWdSZI6doLQskkTJlLvVIiJNLR8cWfKNahW5APzdUQgI6rKetz7 VcYuWAki6W+0StzZ1SKK6S+MR0UoiwZHIg4GOuG8NXcdJzstfbRlPBJ9J+ISW+8s AKXgW6N8I3/TiitIm07Ga0lGg4ZdyeQM9g2q3WmfkJ/nIkTC4VZGP0spkRL7Y75r DbaRU548Vf0DKQ== -----END CERTIFICATE-----Generated at Thu Dec 25 04:52:02 2025 by rpki-client