This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft File: sd-OADfxroL3viI1rmEsQBD2_pE.mft (raw, json) Hash identifier: Qai+vRa4fZCzxqyBEs/8TN3bkO1n/RSiIKAHdygUwTI= Subject key identifier: E9:51:4F:C8:24:44:0F:7F:AA:B6:72:E5:7C:3F:B4:EE:B8:1F:5C:F6 Authority key identifier: B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91 Certificate issuer: /CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91 Certificate serial: 019B4702833F0836CF8F99EECBDA36B59DA2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft Manifest number: 02A3 Signing time: Mon 22 Dec 2025 17:01:45 +0000 Manifest this update: Mon 22 Dec 2025 17:01:45 +0000 Manifest next update: Tue 23 Dec 2025 17:01:45 +0000 Files and hashes: 1: GdRMKH6WdmmVubPmURRtVnS8GV8.roa (hash: gQYTKVfews/6lfRAQlloM0LgEpj91iqOXwXozcwIpNc=) 2: sd-OADfxroL3viI1rmEsQBD2_pE.crl (hash: MOWp85RYq3/zYOwQszNBsCfYMtGfL3UBLz81xVBUK4M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:02:83:3f:08:36:cf:8f:99:ee:cb:da:36:b5:9d:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91 Validity Not Before: Dec 22 17:01:45 2025 GMT Not After : Dec 23 17:01:45 2025 GMT Subject: CN=e9514fc824440f7faab672e57c3fb4eeb81f5cf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:fe:17:e5:50:be:fa:cc:66:93:e4:67:87:b4: d0:56:32:d9:79:71:a8:30:8e:6b:3f:48:0f:44:f9: c2:8d:c6:fc:23:e0:c2:3b:09:25:30:5b:0f:fa:25: 3f:ec:3b:a7:3f:34:bb:04:49:5b:09:ff:ad:de:30: 8e:93:7f:8e:a1:85:ef:57:da:b7:b4:f3:b6:f8:b9: 91:61:d1:ea:f0:9e:68:d4:14:d9:98:1e:56:ef:7a: 95:60:6d:43:1e:75:c3:3e:a7:08:8c:7d:d7:2d:94: dd:12:3d:e4:05:a2:9e:b8:41:48:b3:6b:7c:44:1b: c6:ff:a8:9d:33:ec:7e:d8:ca:e6:d6:fb:55:da:08: 3d:4d:f7:a8:c9:61:7d:63:93:b9:23:d4:f7:d4:87: 0e:9f:29:49:fd:58:15:54:12:b9:b2:b4:14:dd:f0: 86:4e:23:70:60:16:79:fc:8e:ab:bf:24:d3:b4:74: 43:b5:63:e7:6f:9c:29:e8:55:2d:66:dc:fc:ef:e5: dd:a9:e0:71:dd:0d:99:4b:e8:20:4d:ad:ba:5e:c1: 7b:0a:c1:57:54:ec:2f:51:e0:5f:4f:ac:7e:28:b7: 50:f4:46:78:25:d9:36:1d:35:d5:88:3e:9f:ae:4c: 55:e4:b8:36:56:47:f2:95:ca:e8:b1:1d:a4:c2:36: eb:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:51:4F:C8:24:44:0F:7F:AA:B6:72:E5:7C:3F:B4:EE:B8:1F:5C:F6 X509v3 Authority Key Identifier: keyid:B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:09:3f:04:32:ce:0a:df:68:31:b8:0b:ec:e2:3e:1b:4f:6d: 15:63:bd:52:1e:7f:98:c7:87:0d:8a:78:80:58:82:30:6e:70: 25:00:e9:65:de:5a:90:04:34:43:dd:55:7d:89:03:9e:a4:a9: fe:41:f0:8d:ee:88:b3:6e:73:af:5b:4a:64:ea:08:dd:e7:a3: ca:23:3f:8d:02:ec:ad:dc:5c:e4:a1:6d:24:21:59:2e:6d:3f: eb:50:57:1e:cc:9f:dc:24:bb:5b:8d:3d:0c:59:22:d3:df:05: 20:19:70:83:f5:e2:20:70:af:e9:38:71:d8:fb:d6:81:b1:e4: 52:c9:86:88:2a:74:a1:92:c5:ef:b0:f2:9f:26:78:63:57:4b: 0b:fb:2e:09:04:40:c9:37:e0:61:13:33:23:8b:50:2f:00:08: 41:c1:12:44:58:ac:e1:2d:46:58:b4:55:91:4e:09:fb:80:54: f1:57:ff:8b:c5:b4:49:c4:f2:c4:74:69:9e:58:02:51:8c:37: fb:e6:d5:95:0d:28:e2:20:16:18:d2:78:3c:bf:fc:50:73:7d: ad:5a:24:64:b1:f7:9b:77:56:45:c2:04:d7:8a:1d:df:b7:77: bb:c1:76:c1:85:9d:53:b6:05:1d:18:58:13:86:bc:66:59:0b: 44:b3:de:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHAoM/CDbPj5nuy9o2tZ2iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZGY4ZTAwMzdmMWFlODJmN2JlMjIzNWFlNjEyYzQwMTBm NmZlOTEwHhcNMjUxMjIyMTcwMTQ1WhcNMjUxMjIzMTcwMTQ1WjAzMTEwLwYDVQQD EyhlOTUxNGZjODI0NDQwZjdmYWFiNjcyZTU3YzNmYjRlZWI4MWY1Y2Y2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf4X5VC++sxmk+Rnh7TQVjLZeXGo MI5rP0gPRPnCjcb8I+DCOwklMFsP+iU/7DunPzS7BElbCf+t3jCOk3+OoYXvV9q3 tPO2+LmRYdHq8J5o1BTZmB5W73qVYG1DHnXDPqcIjH3XLZTdEj3kBaKeuEFIs2t8 RBvG/6idM+x+2Mrm1vtV2gg9TfeoyWF9Y5O5I9T31IcOnylJ/VgVVBK5srQU3fCG TiNwYBZ5/I6rvyTTtHRDtWPnb5wp6FUtZtz87+XdqeBx3Q2ZS+ggTa26XsF7CsFX VOwvUeBfT6x+KLdQ9EZ4Jdk2HTXViD6frkxV5Lg2VkfylcrosR2kwjbrWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOlRT8gkRA9/qrZy5Xw/tO64H1z2MB8GA1UdIwQY MBaAFLHfjgA38a6C974iNa5hLEAQ9v6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEt MTljYTUwY2YzNGFiLzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEtMTljYTUwY2YzNGFi LzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjgk/BDLO Ct9oMbgL7OI+G09tFWO9Uh5/mMeHDYp4gFiCMG5wJQDpZd5akAQ0Q91VfYkDnqSp /kHwje6Is25zr1tKZOoI3eejyiM/jQLsrdxc5KFtJCFZLm0/61BXHsyf3CS7W409 DFki098FIBlwg/XiIHCv6Thx2PvWgbHkUsmGiCp0oZLF77DynyZ4Y1dLC/suCQRA yTfgYRMzI4tQLwAIQcESRFis4S1GWLRVkU4J+4BU8Vf/i8W0ScTyxHRpnlgCUYw3 ++bVlQ0o4iAWGNJ4PL/8UHN9rVokZLH3m3dWRcIE14od37d3u8F2wYWdU7YFHRhY E4a8ZlkLRLPeUQ== -----END CERTIFICATE-----Generated at Mon Dec 22 18:50:31 2025 by rpki-client