This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft File: S2MqdYtZMJ6GEInWVTruBnprNT8.mft (raw, json) Hash identifier: Yqx963eTIkALxUg/HipOLCzQ1cpe5VS248qhA114g6A= Subject key identifier: 44:2A:3A:1A:D9:48:64:29:39:17:93:23:08:52:0D:1D:9E:EF:56:80 Authority key identifier: 4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F Certificate issuer: /CN=4b632a758b59309e861089d6553aee067a6b353f Certificate serial: 019B511749C8D2A75C84FBDCD90E56D93360 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft Manifest number: 1794 Signing time: Wed 24 Dec 2025 16:00:39 +0000 Manifest this update: Wed 24 Dec 2025 16:00:39 +0000 Manifest next update: Thu 25 Dec 2025 16:00:39 +0000 Files and hashes: 1: BFmKhRFnCi2AJyutOk-Yxml708c.roa (hash: 30fgE+QkDlz/nOmXI9WzL3BXCW8rLDMyhnps4H9jCSs=) 2: S2MqdYtZMJ6GEInWVTruBnprNT8.crl (hash: IYWMi5u2WI13u1017UERItv335ZXZgK2jx6mi8QwBRs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:17:49:c8:d2:a7:5c:84:fb:dc:d9:0e:56:d9:33:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b632a758b59309e861089d6553aee067a6b353f Validity Not Before: Dec 24 16:00:39 2025 GMT Not After : Dec 25 16:00:39 2025 GMT Subject: CN=442a3a1ad94864293917932308520d1d9eef5680 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:c5:49:a5:08:73:01:22:e7:d5:c3:73:2e:21: da:74:0e:ad:65:01:9e:77:dd:12:50:de:ad:8c:90: d0:ef:ff:6a:a7:35:bd:39:af:bc:55:de:0e:b8:f7: 10:1e:b7:b2:93:62:af:e6:3c:ea:d6:f1:e4:3f:4f: d3:f9:cf:eb:84:76:78:41:d0:66:38:56:90:9d:34: 6a:17:35:9c:9c:27:19:7a:96:02:86:04:09:02:4c: 19:de:bf:79:2c:ee:4c:df:4f:ed:2c:4e:d3:27:e9: 53:1f:ba:fd:6f:0f:71:f7:a3:cf:55:22:2b:ea:27: b9:ab:ba:79:35:03:c2:fe:71:26:ca:31:15:d2:2d: 68:ce:0a:1c:b1:5b:5d:0e:36:7f:46:d3:73:a3:c7: a2:d3:c2:c9:e9:9e:c6:5e:a8:86:d9:bc:95:16:18: 3c:24:dd:7d:ea:14:87:29:3b:35:04:6f:7f:37:27: 3c:6b:13:6a:7d:de:87:ad:91:4f:39:95:d4:cb:ef: 85:2a:57:3f:bc:d9:25:b2:1b:77:0d:c9:84:07:15: e3:1b:f3:da:b5:af:f5:f1:d8:65:49:ec:ce:96:b1: 2a:bc:b1:a6:6e:f4:2a:82:e5:97:dd:3d:af:89:33: e5:2e:b5:86:24:0f:43:01:68:1a:1d:b2:26:c8:73: 0a:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:2A:3A:1A:D9:48:64:29:39:17:93:23:08:52:0D:1D:9E:EF:56:80 X509v3 Authority Key Identifier: keyid:4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:77:01:86:b6:f6:a5:e5:3e:eb:79:f3:b5:91:b2:85:e6:54: da:23:1f:03:f8:eb:c3:9d:b9:a5:f8:a5:ee:21:d7:9e:1d:7b: e9:1f:a1:e4:2a:ad:54:09:92:9f:9a:ef:30:85:f0:1c:cb:94: a3:f3:aa:5d:95:d7:24:fd:8c:9e:a6:69:da:5b:37:e2:d7:19: e2:3d:c0:81:20:90:12:e0:0d:8b:30:15:23:85:ca:5b:28:fa: 00:e3:3b:1c:cf:ee:52:80:cf:f3:d9:b7:73:1b:d4:ed:0c:3a: 76:29:8d:87:63:15:71:f4:dd:21:d1:82:8a:dd:31:d9:20:cf: 0c:b2:b5:ed:b2:54:eb:d0:9b:8f:c4:10:93:1f:93:49:c5:64: 8e:d7:82:9f:cf:1f:50:ee:87:54:d6:10:29:9c:24:17:74:49: d0:49:10:56:bb:1b:b7:d9:d7:5f:01:54:b6:31:97:17:8e:83: 2e:b7:7a:d7:90:5e:c6:e2:70:99:d3:e6:13:b3:b3:4d:9c:0a: 8e:d3:60:5b:66:d8:4f:a4:73:aa:87:af:e8:05:95:b7:f4:fb: 26:30:19:77:c2:24:86:de:0c:13:40:13:5d:ad:8a:13:07:7a: 75:c2:d0:cb:92:ef:6c:72:88:72:5d:e3:9a:c5:ca:7a:d9:06: a1:96:f9:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRF0nI0qdchPvc2Q5W2TNgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNjMyYTc1OGI1OTMwOWU4NjEwODlkNjU1M2FlZTA2N2E2 YjM1M2YwHhcNMjUxMjI0MTYwMDM5WhcNMjUxMjI1MTYwMDM5WjAzMTEwLwYDVQQD Eyg0NDJhM2ExYWQ5NDg2NDI5MzkxNzkzMjMwODUyMGQxZDllZWY1NjgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cVJpQhzASLn1cNzLiHadA6tZQGe d90SUN6tjJDQ7/9qpzW9Oa+8Vd4OuPcQHreyk2Kv5jzq1vHkP0/T+c/rhHZ4QdBm OFaQnTRqFzWcnCcZepYChgQJAkwZ3r95LO5M30/tLE7TJ+lTH7r9bw9x96PPVSIr 6ie5q7p5NQPC/nEmyjEV0i1ozgocsVtdDjZ/RtNzo8ei08LJ6Z7GXqiG2byVFhg8 JN196hSHKTs1BG9/Nyc8axNqfd6HrZFPOZXUy++FKlc/vNklsht3DcmEBxXjG/Pa ta/18dhlSezOlrEqvLGmbvQqguWX3T2viTPlLrWGJA9DAWgaHbImyHMKyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEQqOhrZSGQpOReTIwhSDR2e71aAMB8GA1UdIwQY MBaAFEtjKnWLWTCehhCJ1lU67gZ6azU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMt OTRjMGIwYjc2MDI5LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMtOTRjMGIwYjc2MDI5 LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIHcBhrb2 peU+63nztZGyheZU2iMfA/jrw525pfil7iHXnh176R+h5CqtVAmSn5rvMIXwHMuU o/OqXZXXJP2MnqZp2ls34tcZ4j3AgSCQEuANizAVI4XKWyj6AOM7HM/uUoDP89m3 cxvU7Qw6dimNh2MVcfTdIdGCit0x2SDPDLK17bJU69Cbj8QQkx+TScVkjteCn88f UO6HVNYQKZwkF3RJ0EkQVrsbt9nXXwFUtjGXF46DLrd615BexuJwmdPmE7OzTZwK jtNgW2bYT6Rzqoev6AWVt/T7JjAZd8Ikht4ME0ATXa2KEwd6dcLQy5LvbHKIcl3j msXKetkGoZb5mA== -----END CERTIFICATE-----Generated at Wed Dec 24 21:48:38 2025 by rpki-client