This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft File: 37H24AFTpJGGEbFLawP2gS7YikM.mft (raw, json) Hash identifier: HA3HrCPVi6w27dpmgUspX2rdtB1bBmsx9B0UkXXZL0c= Subject key identifier: B4:39:D2:2E:B9:79:AA:51:FF:AB:D1:E1:26:3C:E0:01:8F:DB:36:D9 Authority key identifier: DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43 Certificate issuer: /CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43 Certificate serial: 019B3CEC38BFFDAAC186E6410B04E04968E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft Manifest number: 1094 Signing time: Sat 20 Dec 2025 18:01:12 +0000 Manifest this update: Sat 20 Dec 2025 18:01:12 +0000 Manifest next update: Sun 21 Dec 2025 18:01:12 +0000 Files and hashes: 1: 37H24AFTpJGGEbFLawP2gS7YikM.crl (hash: x6qL0WT5XPLl1wgYITAJNGpm0x+YoxA1XRmdnJqKY1c=) 2: NZtS_yd4-bo9e2cvGKzyKvYI3pE.roa (hash: +rJHNNOfAgRLW2AYZ2GQZ4sJIXJPzKob0SOJ3Knzwec=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:38:bf:fd:aa:c1:86:e6:41:0b:04:e0:49:68:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43 Validity Not Before: Dec 20 18:01:12 2025 GMT Not After : Dec 21 18:01:12 2025 GMT Subject: CN=b439d22eb979aa51ffabd1e1263ce0018fdb36d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:2d:f1:f7:31:74:93:40:60:94:c2:c5:6b:70: ef:a0:d2:7f:e9:71:8b:bb:f0:22:de:91:26:c1:43: ce:02:8a:5b:a7:81:8b:cb:ac:b0:2a:a2:a6:11:61: 41:11:2f:27:ed:db:7c:b5:7f:6c:0d:71:55:c6:22: f5:3e:28:ac:f0:18:ce:2c:4b:18:a9:80:c5:df:12: 7e:5c:4d:02:ce:40:dc:c5:13:8f:d5:69:94:86:94: 59:cc:3f:55:10:fb:fe:8f:e0:ef:f9:55:28:70:4b: f7:c6:a8:9d:29:13:49:d8:a0:40:e6:9e:13:d6:2a: 9f:4a:e4:aa:e7:88:c1:71:4b:9f:a7:19:7a:27:e6: af:19:ff:28:e5:7f:13:46:70:b7:36:81:40:c5:ee: b0:4e:a6:9a:35:75:ee:20:23:5a:ff:e8:12:00:4a: 1c:e0:6f:ed:83:a0:49:27:c1:2a:fd:33:61:58:eb: f7:90:81:2b:7b:4a:ec:f8:f9:04:af:5d:3a:9b:bb: d5:d3:de:43:6f:49:08:12:08:8d:45:a5:99:40:27: 42:a2:97:60:58:ee:d4:f6:e7:51:30:12:d1:bb:e5: 75:a5:f7:3e:10:59:ad:f9:f8:cd:cd:c5:10:05:bf: bc:11:b9:9d:4b:22:0c:d4:3c:9a:25:34:20:ce:c3: 56:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:39:D2:2E:B9:79:AA:51:FF:AB:D1:E1:26:3C:E0:01:8F:DB:36:D9 X509v3 Authority Key Identifier: keyid:DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:9e:e0:24:b0:73:c5:af:e0:6e:79:14:78:d1:d3:4a:bc:f6: d1:3f:ad:8c:63:0c:e4:ba:ea:c6:47:93:11:52:5d:1c:46:dd: 21:06:29:8f:5a:9b:6f:34:1c:aa:3e:72:c9:57:90:c0:0e:ab: ea:1b:9e:5c:10:8e:8d:99:28:a0:be:5e:16:5a:58:59:8e:33: 0a:5c:26:2c:b5:25:df:29:57:ac:a1:bc:b9:c7:1f:22:90:0b: 1e:72:0d:45:33:63:90:29:c5:7e:aa:27:98:1b:08:da:5f:55: 4e:d7:ec:7f:50:c0:8a:cf:1b:79:65:75:73:93:6f:57:81:70: 7d:97:a9:0b:eb:ec:29:c0:1f:56:c1:ef:3d:25:60:31:27:59: 3f:e3:ef:15:77:a2:6f:1d:9a:b4:5f:1c:2b:75:71:67:12:c1: 5e:a6:b5:c0:53:5e:fa:5d:12:15:7f:74:82:b8:b3:0f:b1:b5: 3b:d2:d7:d5:23:88:b4:f5:36:7a:fa:a8:8e:7b:44:03:43:37: 97:2c:ce:26:36:9f:2a:9f:23:cd:2a:a1:74:bb:2f:d3:14:f3: bf:1d:84:f4:a2:12:c7:0d:a3:d6:95:7b:49:2c:c9:8d:29:d8: 24:3e:9c:29:1a:fd:6c:e4:01:f7:30:95:8b:68:10:18:2e:e7: b6:39:8a:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87Di//arBhuZBCwTgSWjkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmYjFmNmUwMDE1M2E0OTE4NjExYjE0YjZiMDNmNjgxMmVk ODhhNDMwHhcNMjUxMjIwMTgwMTEyWhcNMjUxMjIxMTgwMTEyWjAzMTEwLwYDVQQD EyhiNDM5ZDIyZWI5NzlhYTUxZmZhYmQxZTEyNjNjZTAwMThmZGIzNmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS3x9zF0k0BglMLFa3DvoNJ/6XGL u/Ai3pEmwUPOAopbp4GLy6ywKqKmEWFBES8n7dt8tX9sDXFVxiL1Piis8BjOLEsY qYDF3xJ+XE0CzkDcxROP1WmUhpRZzD9VEPv+j+Dv+VUocEv3xqidKRNJ2KBA5p4T 1iqfSuSq54jBcUufpxl6J+avGf8o5X8TRnC3NoFAxe6wTqaaNXXuICNa/+gSAEoc 4G/tg6BJJ8Eq/TNhWOv3kIEre0rs+PkEr106m7vV095Db0kIEgiNRaWZQCdCopdg WO7U9udRMBLRu+V1pfc+EFmt+fjNzcUQBb+8EbmdSyIM1DyaJTQgzsNWLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLQ50i65eapR/6vR4SY84AGP2zbZMB8GA1UdIwQY MBaAFN+x9uABU6SRhhGxS2sD9oEu2IpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEt ODEwNjI3ZmIyNjcxLzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEtODEwNjI3ZmIyNjcx LzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJ7gJLBz xa/gbnkUeNHTSrz20T+tjGMM5LrqxkeTEVJdHEbdIQYpj1qbbzQcqj5yyVeQwA6r 6hueXBCOjZkooL5eFlpYWY4zClwmLLUl3ylXrKG8uccfIpALHnINRTNjkCnFfqon mBsI2l9VTtfsf1DAis8beWV1c5NvV4FwfZepC+vsKcAfVsHvPSVgMSdZP+PvFXei bx2atF8cK3VxZxLBXqa1wFNe+l0SFX90grizD7G1O9LX1SOItPU2evqojntEA0M3 lyzOJjafKp8jzSqhdLsv0xTzvx2E9KISxw2j1pV7SSzJjSnYJD6cKRr9bOQB9zCV i2gQGC7ntjmKWw== -----END CERTIFICATE-----Generated at Sat Dec 20 22:38:35 2025 by rpki-client