This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft File: kOszbVYE1HuugXI4sNu0l3HiRyk.mft (raw, json) Hash identifier: P731FgBp1MUC14Efxv2s0Wp+o095AqtEU2c7j1MoOh4= Subject key identifier: BE:C1:D1:B3:3E:A7:E8:B5:65:3A:0F:A0:E9:D8:3B:CF:92:F8:97:E6 Authority key identifier: 90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29 Certificate issuer: /CN=90eb336d5604d47bae817238b0dbb49771e24729 Certificate serial: 019B3D90A02441D812C1F9A6E85FEC9DD684 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 21:00:46 +0000 Manifest this update: Sat 20 Dec 2025 21:00:46 +0000 Manifest next update: Sun 21 Dec 2025 21:00:46 +0000 Files and hashes: 1: kOszbVYE1HuugXI4sNu0l3HiRyk.crl (hash: 9GeFotNUnI1gygdB0valn82FNUAM9eCw1fHv5EHVw2I=) 2: nHFDaIILOdTjKywJ536u2NbijQ4.roa (hash: GZUS5OKqPLBVaLkWEyB2Ce3k2q8gf8Rj7vaTEKCevNk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:a0:24:41:d8:12:c1:f9:a6:e8:5f:ec:9d:d6:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90eb336d5604d47bae817238b0dbb49771e24729 Validity Not Before: Dec 20 21:00:46 2025 GMT Not After : Dec 21 21:00:46 2025 GMT Subject: CN=bec1d1b33ea7e8b5653a0fa0e9d83bcf92f897e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:62:26:ce:a5:1f:3b:e7:cd:42:fb:a1:6a:14: 85:92:d0:44:31:24:ad:c5:2f:77:1e:4e:20:d6:3c: 28:79:f7:1a:2e:21:8d:a2:3d:d0:ef:5c:78:b4:2a: 58:18:75:a1:ee:de:f4:7a:c2:f9:43:d5:09:ed:bd: f7:58:dc:40:0f:0c:d7:34:cd:81:ab:ef:62:12:9e: ae:f2:54:69:59:7c:a8:3e:36:ce:85:dc:90:68:b4: 55:ec:cc:21:eb:bb:aa:09:12:ec:62:12:d3:16:ad: c5:68:44:d4:3c:a6:a7:50:5f:cd:82:c5:0a:87:0e: d7:b1:86:b1:2c:77:f1:52:08:d0:cd:1e:17:65:9a: 85:b6:72:7c:34:5b:c1:0a:7b:89:6e:7f:c1:40:ee: 87:c0:9c:e5:07:8f:05:3a:06:e2:c0:55:6b:4b:ee: 97:d1:2a:fb:b0:f8:6a:62:7f:38:39:e9:40:a9:df: dc:21:0d:de:51:3a:7f:80:3f:05:f7:9f:7c:a4:3a: a2:bc:c8:0a:b8:aa:32:85:9c:c8:9d:16:85:e6:64: ef:2b:89:e6:32:7d:20:9b:0c:4a:61:e6:d8:47:fd: 28:20:96:a6:71:5a:48:78:3a:17:48:9c:8b:62:9a: 2c:d8:c1:b7:77:e5:40:de:41:80:4c:d3:1e:91:9b: fa:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:C1:D1:B3:3E:A7:E8:B5:65:3A:0F:A0:E9:D8:3B:CF:92:F8:97:E6 X509v3 Authority Key Identifier: keyid:90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:18:18:82:a9:8b:b0:d2:a3:7a:bd:4d:96:e9:ae:cc:6a:43: 2d:55:9c:18:d5:92:6e:cb:8c:31:b1:2c:55:c2:68:f6:c8:1e: b4:28:f5:c6:9b:0b:87:88:71:34:73:6a:c9:49:0d:8a:4e:13: f7:3e:3c:42:e0:a7:82:40:81:44:8b:ec:10:c5:77:cc:a2:bd: 99:18:39:88:62:09:89:a1:88:f6:37:bb:e8:96:3c:10:f8:34: 3e:3f:f2:c1:09:24:83:4b:1e:93:94:fc:03:02:c4:a7:8f:fd: 6a:1d:6b:e7:32:47:0a:ea:ba:92:52:20:c7:2a:f5:48:9c:f2: 23:f6:79:d9:4c:6e:81:a8:0b:62:33:23:32:5c:07:1b:7a:6b: c4:c1:1b:c8:5b:64:aa:b1:17:33:95:d5:23:8d:c8:e0:94:63: 00:d2:a9:42:9e:53:20:af:10:aa:cd:f7:c0:47:a4:00:47:79: a8:cf:30:03:c9:98:d2:33:62:5f:09:8c:a6:09:a6:20:6f:7e: 73:45:a6:87:cd:45:ec:36:d5:6f:9c:2d:5d:36:a8:50:7c:bd: b0:ce:65:a2:ad:84:2b:bb:80:bb:cc:94:a5:90:4a:94:1d:6e: ca:dd:cb:ba:a4:fc:0b:a4:d2:e3:2c:c9:37:97:00:07:d9:62: 70:cd:33:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kKAkQdgSwfmm6F/sndaEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZWIzMzZkNTYwNGQ0N2JhZTgxNzIzOGIwZGJiNDk3NzFl MjQ3MjkwHhcNMjUxMjIwMjEwMDQ2WhcNMjUxMjIxMjEwMDQ2WjAzMTEwLwYDVQQD EyhiZWMxZDFiMzNlYTdlOGI1NjUzYTBmYTBlOWQ4M2JjZjkyZjg5N2U2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA82ImzqUfO+fNQvuhahSFktBEMSSt xS93Hk4g1jwoefcaLiGNoj3Q71x4tCpYGHWh7t70esL5Q9UJ7b33WNxADwzXNM2B q+9iEp6u8lRpWXyoPjbOhdyQaLRV7Mwh67uqCRLsYhLTFq3FaETUPKanUF/NgsUK hw7XsYaxLHfxUgjQzR4XZZqFtnJ8NFvBCnuJbn/BQO6HwJzlB48FOgbiwFVrS+6X 0Sr7sPhqYn84OelAqd/cIQ3eUTp/gD8F9598pDqivMgKuKoyhZzInRaF5mTvK4nm Mn0gmwxKYebYR/0oIJamcVpIeDoXSJyLYpos2MG3d+VA3kGATNMekZv6hQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL7B0bM+p+i1ZToPoOnYO8+S+JfmMB8GA1UdIwQY MBaAFJDrM21WBNR7roFyOLDbtJdx4kcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWIt YjExOTI3NGFkNjU0LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWItYjExOTI3NGFkNjU0 LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBgYgqmL sNKjer1NlumuzGpDLVWcGNWSbsuMMbEsVcJo9sgetCj1xpsLh4hxNHNqyUkNik4T 9z48QuCngkCBRIvsEMV3zKK9mRg5iGIJiaGI9je76JY8EPg0Pj/ywQkkg0sek5T8 AwLEp4/9ah1r5zJHCuq6klIgxyr1SJzyI/Z52UxugagLYjMjMlwHG3prxMEbyFtk qrEXM5XVI43I4JRjANKpQp5TIK8Qqs33wEekAEd5qM8wA8mY0jNiXwmMpgmmIG9+ c0Wmh81F7DbVb5wtXTaoUHy9sM5loq2EK7uAu8yUpZBKlB1uyt3LuqT8C6TS4yzJ N5cAB9licM0zng== -----END CERTIFICATE-----Generated at Sat Dec 20 23:13:30 2025 by rpki-client