This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft File: SS0kreN6IjOTKECddX1H-XlDt6A.mft (raw, json) Hash identifier: oJcmIYAWCCmnega0GWiqnKdnK4FSnsOkRwIwFFbuhSY= Subject key identifier: 30:7B:36:A9:D7:E2:B7:F6:7D:88:46:D4:DD:F4:E0:EB:CD:EE:BF:88 Authority key identifier: 49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0 Certificate issuer: /CN=492d24ade37a22339328409d757d47f97943b7a0 Certificate serial: 019B6DD84255843FCC7761C546286E8306AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft Manifest number: 0E9D Signing time: Tue 30 Dec 2025 06:00:47 +0000 Manifest this update: Tue 30 Dec 2025 06:00:47 +0000 Manifest next update: Wed 31 Dec 2025 06:00:47 +0000 Files and hashes: 1: BB5_8BhJDTnxTKWGMNqj5oXCwds.roa (hash: LuNPA32mjFH0EXTfiP4dDNt0mH4g6yoGsaPQD7tGC9s=) 2: SS0kreN6IjOTKECddX1H-XlDt6A.crl (hash: 9ASs6enj+03KqabT4+moFpjc6O26wgYzSIJM5z3gC6I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:d8:42:55:84:3f:cc:77:61:c5:46:28:6e:83:06:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=492d24ade37a22339328409d757d47f97943b7a0 Validity Not Before: Dec 30 06:00:47 2025 GMT Not After : Dec 31 06:00:47 2025 GMT Subject: CN=307b36a9d7e2b7f67d8846d4ddf4e0ebcdeebf88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:08:ef:36:91:5a:7e:7f:dc:d8:7a:a8:c7:44: fc:ab:a7:ee:d0:c7:be:9e:38:06:c9:a7:e3:d9:45: b2:0d:ee:d9:8d:81:c6:ed:15:3c:74:d1:6e:b0:5d: cf:eb:54:17:8d:3f:c2:18:0b:a0:c7:2e:88:32:de: cc:67:6b:5b:1b:f4:1f:87:a3:7e:f3:ac:bd:e5:71: d8:6a:78:fb:e3:da:68:af:ac:dc:ab:e4:fd:7b:b3: 85:31:81:ea:84:f6:7e:65:cd:5f:ee:d0:62:20:c9: ed:59:90:f2:fd:01:ed:71:73:8a:eb:a5:c5:5f:33: 75:21:49:3a:42:53:15:0e:c0:45:3f:05:44:eb:50: 90:de:3e:da:0d:e4:02:e3:90:b5:fc:64:35:7f:6a: e5:3e:d6:3f:29:e3:02:77:19:c3:fc:c3:f3:27:44: 74:b4:4e:54:a2:4e:50:89:90:e1:c9:fe:e7:12:03: 01:83:32:4c:09:72:57:78:78:6f:68:2b:d3:61:21: 25:91:e8:3c:1a:f9:72:10:35:68:57:33:c6:eb:e7: 46:81:91:46:d6:de:03:d2:da:43:bf:4c:fd:9b:21: e0:18:41:ac:ec:46:f6:63:f1:1e:28:81:9a:5a:ce: 3f:b8:97:be:bf:20:d4:e2:56:d0:55:d6:3b:f8:99: 0f:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:7B:36:A9:D7:E2:B7:F6:7D:88:46:D4:DD:F4:E0:EB:CD:EE:BF:88 X509v3 Authority Key Identifier: keyid:49:2D:24:AD:E3:7A:22:33:93:28:40:9D:75:7D:47:F9:79:43:B7:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SS0kreN6IjOTKECddX1H-XlDt6A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d8f845-6250-4df8-90c0-e24b579c9914/1/SS0kreN6IjOTKECddX1H-XlDt6A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:cb:65:52:d1:cd:f9:5e:2f:3f:b4:2d:b1:37:4b:40:c3:ea: 6e:db:df:f3:8f:f6:59:15:10:11:e8:15:e0:45:00:c7:20:74: 02:d3:ec:74:19:86:b6:87:64:9a:b9:aa:0e:ed:00:df:20:aa: d2:09:97:b0:6d:27:1d:60:df:9d:4d:01:5f:ac:d6:54:45:ad: c6:26:80:55:97:c5:94:57:66:ec:6e:9e:f6:45:13:1b:ca:67: ae:74:a7:da:20:ab:16:56:96:96:10:19:0c:06:11:a9:5d:6a: 55:db:9a:63:19:f2:f4:04:b8:df:30:c5:e0:19:6d:e3:68:58: 68:ca:92:c8:16:d7:82:a3:2b:74:da:a8:38:12:2d:7a:81:e8: c7:1a:82:4d:c1:1c:20:cf:40:e6:f2:bb:54:d1:04:e3:7a:b2: 32:34:6e:90:82:e2:b6:b0:96:7e:58:3a:7d:e7:04:40:62:ae: 49:d7:49:29:83:8b:16:46:76:a2:b6:75:58:30:66:e4:cc:5f: 04:ef:fb:96:9d:dc:c7:5a:f6:33:9d:f5:df:f8:cf:03:fc:7a: ac:e3:b8:60:39:54:9c:c6:50:1f:61:43:54:f9:a9:aa:21:be: 51:b1:bd:55:4f:5e:f2:9b:ae:96:a3:ef:4c:19:14:3a:83:ce: 42:6f:b0:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtt2EJVhD/Md2HFRihugwatMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5MmQyNGFkZTM3YTIyMzM5MzI4NDA5ZDc1N2Q0N2Y5Nzk0 M2I3YTAwHhcNMjUxMjMwMDYwMDQ3WhcNMjUxMjMxMDYwMDQ3WjAzMTEwLwYDVQQD EygzMDdiMzZhOWQ3ZTJiN2Y2N2Q4ODQ2ZDRkZGY0ZTBlYmNkZWViZjg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwjvNpFafn/c2Hqox0T8q6fu0Me+ njgGyafj2UWyDe7ZjYHG7RU8dNFusF3P61QXjT/CGAugxy6IMt7MZ2tbG/Qfh6N+ 86y95XHYanj749por6zcq+T9e7OFMYHqhPZ+Zc1f7tBiIMntWZDy/QHtcXOK66XF XzN1IUk6QlMVDsBFPwVE61CQ3j7aDeQC45C1/GQ1f2rlPtY/KeMCdxnD/MPzJ0R0 tE5Uok5QiZDhyf7nEgMBgzJMCXJXeHhvaCvTYSElkeg8GvlyEDVoVzPG6+dGgZFG 1t4D0tpDv0z9myHgGEGs7Eb2Y/EeKIGaWs4/uJe+vyDU4lbQVdY7+JkP6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDB7NqnX4rf2fYhG1N304OvN7r+IMB8GA1UdIwQY MBaAFEktJK3jeiIzkyhAnXV9R/l5Q7egMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAt ZTI0YjU3OWM5OTE0LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS9kOGY4NDUtNjI1MC00ZGY4LTkwYzAtZTI0YjU3OWM5OTE0 LzEvU1Mwa3JlTjZJak9US0VDZGRYMUgtWGxEdDZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMtlUtHN +V4vP7QtsTdLQMPqbtvf84/2WRUQEegV4EUAxyB0AtPsdBmGtodkmrmqDu0A3yCq 0gmXsG0nHWDfnU0BX6zWVEWtxiaAVZfFlFdm7G6e9kUTG8pnrnSn2iCrFlaWlhAZ DAYRqV1qVduaYxny9AS43zDF4Blt42hYaMqSyBbXgqMrdNqoOBIteoHoxxqCTcEc IM9A5vK7VNEE43qyMjRukILitrCWflg6fecEQGKuSddJKYOLFkZ2orZ1WDBm5Mxf BO/7lp3cx1r2M5313/jPA/x6rOO4YDlUnMZQH2FDVPmpqiG+UbG9VU9e8puulqPv TBkUOoPOQm+wjA== -----END CERTIFICATE-----Generated at Tue Dec 30 08:50:14 2025 by rpki-client