This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft File: S2MqdYtZMJ6GEInWVTruBnprNT8.mft (raw, json) Hash identifier: upxUEPh7fJzKDO3LYWC0v1d6vOIhX8/i6lVtrhrdWx8= Subject key identifier: 03:02:95:38:A5:1C:D1:E3:DC:E7:F3:6E:DE:E2:5A:83:4F:0E:7C:12 Authority key identifier: 4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F Certificate issuer: /CN=4b632a758b59309e861089d6553aee067a6b353f Certificate serial: 019B3DC76A46BE228A188928494E960F4A17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft Manifest number: 178A Signing time: Sat 20 Dec 2025 22:00:37 +0000 Manifest this update: Sat 20 Dec 2025 22:00:37 +0000 Manifest next update: Sun 21 Dec 2025 22:00:37 +0000 Files and hashes: 1: BFmKhRFnCi2AJyutOk-Yxml708c.roa (hash: 30fgE+QkDlz/nOmXI9WzL3BXCW8rLDMyhnps4H9jCSs=) 2: S2MqdYtZMJ6GEInWVTruBnprNT8.crl (hash: 8+VkoOQGuqt7gFFqHRH9aM+PgVJKyHWIbJWfN7ZCVQs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:6a:46:be:22:8a:18:89:28:49:4e:96:0f:4a:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b632a758b59309e861089d6553aee067a6b353f Validity Not Before: Dec 20 22:00:37 2025 GMT Not After : Dec 21 22:00:37 2025 GMT Subject: CN=03029538a51cd1e3dce7f36edee25a834f0e7c12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:d3:83:a6:50:67:2a:aa:62:37:73:0c:3b:fe: 73:7b:80:1b:eb:fc:b6:4c:a6:d7:46:2a:a4:91:68: 94:78:e7:47:1c:86:15:81:a6:04:d7:83:bf:7e:95: b2:27:05:b6:54:c4:cf:84:9b:36:f1:ec:d1:ad:c9: 59:bc:ba:08:04:27:ee:b3:a4:09:95:f9:cf:38:a7: b7:2e:7c:78:7c:79:be:8e:24:00:29:c8:28:07:15: 6a:d5:9a:50:54:33:1c:ce:7e:fb:ed:9a:62:93:44: 62:7b:f6:c4:0f:9b:63:d1:71:6d:e0:f3:fc:34:09: 8d:2f:ea:b6:87:d1:40:a8:af:02:11:b5:42:69:86: 5c:0f:3d:0a:a9:57:ca:5d:c4:b2:ce:5e:88:7f:2f: d9:63:d1:df:7f:b9:8a:60:c0:3f:bb:b7:32:34:f3: 44:a3:a3:07:d5:1d:3d:7c:37:1e:03:29:22:b1:b7: 3e:8f:3e:f6:d0:f7:f8:77:74:3b:7e:79:ea:f1:ff: d6:3e:61:3c:f1:2f:10:69:96:7e:09:5d:22:70:31: 62:69:7d:97:16:b3:4b:ee:7c:d8:b9:41:51:aa:4d: 11:a2:a8:fd:76:5a:b8:c2:27:d0:32:19:8f:72:7e: 8b:ba:44:f0:c1:74:f8:66:60:12:49:99:f2:68:c4: c9:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:02:95:38:A5:1C:D1:E3:DC:E7:F3:6E:DE:E2:5A:83:4F:0E:7C:12 X509v3 Authority Key Identifier: keyid:4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:eb:ff:87:b9:ea:ed:65:92:f0:0e:be:e0:2e:56:c7:36:91: 12:f6:56:e2:4e:f1:c8:29:a5:b4:f1:06:bb:5a:d6:9d:d6:de: 48:bc:e2:72:60:cf:d3:b4:a0:0c:5a:0b:c9:f6:5b:cc:ba:7c: 3e:71:52:7f:84:6e:13:f9:65:86:a6:4d:9e:ec:16:76:c6:b1: 56:93:f2:23:41:d9:dd:ea:cc:43:3f:bd:56:26:d4:1e:a8:03: c5:c8:ba:21:86:e2:7f:1c:eb:f9:58:32:95:59:a9:10:88:82: 90:70:60:e7:b0:69:af:a5:81:96:64:c4:3b:15:69:8d:3f:c7: 43:8f:c0:56:4a:88:41:31:11:69:95:ce:2b:18:07:1d:08:63: 9c:6b:38:b5:26:57:c4:05:cb:01:81:03:41:1b:06:8a:29:34: 0e:ae:e8:71:7b:8a:e7:b4:15:00:1f:e0:ec:60:43:75:b0:7f: 76:23:7d:2c:2b:39:da:7b:97:80:9e:5d:c4:b4:00:4d:c4:58: 26:05:4f:2b:9d:4b:9e:25:64:73:d0:fb:9c:77:f7:26:cd:d5: 03:d0:0b:1f:58:b6:03:79:7d:6e:bc:86:64:95:c5:39:fc:ea: 89:e8:10:47:82:0e:61:d8:b2:bf:38:9a:67:75:43:ab:7a:12: 51:5e:31:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x2pGviKKGIkoSU6WD0oXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNjMyYTc1OGI1OTMwOWU4NjEwODlkNjU1M2FlZTA2N2E2 YjM1M2YwHhcNMjUxMjIwMjIwMDM3WhcNMjUxMjIxMjIwMDM3WjAzMTEwLwYDVQQD EygwMzAyOTUzOGE1MWNkMWUzZGNlN2YzNmVkZWUyNWE4MzRmMGU3YzEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49ODplBnKqpiN3MMO/5ze4Ab6/y2 TKbXRiqkkWiUeOdHHIYVgaYE14O/fpWyJwW2VMTPhJs28ezRrclZvLoIBCfus6QJ lfnPOKe3Lnx4fHm+jiQAKcgoBxVq1ZpQVDMczn777Zpik0Rie/bED5tj0XFt4PP8 NAmNL+q2h9FAqK8CEbVCaYZcDz0KqVfKXcSyzl6Ify/ZY9Hff7mKYMA/u7cyNPNE o6MH1R09fDceAykisbc+jz720Pf4d3Q7fnnq8f/WPmE88S8QaZZ+CV0icDFiaX2X FrNL7nzYuUFRqk0Roqj9dlq4wifQMhmPcn6LukTwwXT4ZmASSZnyaMTJRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAMClTilHNHj3Ofzbt7iWoNPDnwSMB8GA1UdIwQY MBaAFEtjKnWLWTCehhCJ1lU67gZ6azU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMt OTRjMGIwYjc2MDI5LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMtOTRjMGIwYjc2MDI5 LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtev/h7nq 7WWS8A6+4C5WxzaREvZW4k7xyCmltPEGu1rWndbeSLzicmDP07SgDFoLyfZbzLp8 PnFSf4RuE/llhqZNnuwWdsaxVpPyI0HZ3erMQz+9VibUHqgDxci6IYbifxzr+Vgy lVmpEIiCkHBg57Bpr6WBlmTEOxVpjT/HQ4/AVkqIQTERaZXOKxgHHQhjnGs4tSZX xAXLAYEDQRsGiik0Dq7ocXuK57QVAB/g7GBDdbB/diN9LCs52nuXgJ5dxLQATcRY JgVPK51LniVkc9D7nHf3Js3VA9ALH1i2A3l9bryGZJXFOfzqiegQR4IOYdiyvzia Z3VDq3oSUV4xvg== -----END CERTIFICATE-----Generated at Sun Dec 21 00:14:07 2025 by rpki-client