This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json) Hash identifier: HMitKfQNuVbq/vQFHEgPiehR1PaqmwF7cq+ScNB3pGQ= Subject key identifier: B2:6E:78:04:34:CF:1F:FC:9F:0A:BF:40:DD:7C:13:6F:E8:B3:25:39 Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124 Certificate serial: 019B6D340B84AFF0B7417C07D7B47DB49F85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft Manifest number: 0A9D Signing time: Tue 30 Dec 2025 03:01:25 +0000 Manifest this update: Tue 30 Dec 2025 03:01:25 +0000 Manifest next update: Wed 31 Dec 2025 03:01:25 +0000 Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: unmNxHzDR/Y9NhQ0Opk6DIH2+vh2Yfk+nECDRcJZivQ=) 2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:34:0b:84:af:f0:b7:41:7c:07:d7:b4:7d:b4:9f:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db42059ce291d49a66920731c767da563ef21124 Validity Not Before: Dec 30 03:01:25 2025 GMT Not After : Dec 31 03:01:25 2025 GMT Subject: CN=b26e780434cf1ffc9f0abf40dd7c136fe8b32539 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:1d:e8:e4:a8:11:9f:b1:92:66:c2:50:08:9e: 6a:ca:b0:fc:d7:bf:48:2c:c5:0c:d0:6d:0f:dc:e1: e6:f2:17:d9:3a:53:74:8e:25:2a:e5:37:f8:78:35: 42:52:91:fc:78:40:0c:51:dc:66:e3:80:ed:bf:9f: 15:4d:84:71:84:08:c7:ca:58:8a:67:c9:e7:3b:1a: 53:71:df:78:c2:55:9e:03:8e:31:88:c4:1d:88:19: 73:45:0f:ae:26:10:cd:bb:ba:ee:dd:52:56:41:e3: fb:25:30:5c:be:69:93:4b:3f:b7:df:03:a8:76:86: e0:22:40:52:85:0a:93:40:68:8c:9d:0a:14:1a:da: 9f:c1:f0:0c:72:96:5e:d1:c6:ef:4c:81:c5:a5:b0: 84:7e:5f:9f:38:52:8c:9d:6e:ff:86:80:8b:9b:61: 2b:dc:12:61:65:f4:74:b6:44:5c:c9:4f:92:75:a1: 08:7f:39:2a:67:c1:57:28:df:cc:52:0a:46:31:7b: ff:30:b8:ba:da:79:bb:32:7a:2a:0e:95:2f:58:41: ae:aa:63:f8:3c:b4:22:54:35:1f:b8:d1:de:b2:71: 10:61:35:36:53:c1:79:bb:cb:fe:ca:8e:21:9e:9c: e6:a3:04:df:d3:1a:a9:68:ab:32:4b:7f:dc:d7:12: 73:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:6E:78:04:34:CF:1F:FC:9F:0A:BF:40:DD:7C:13:6F:E8:B3:25:39 X509v3 Authority Key Identifier: keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:67:17:1f:d0:37:2f:09:dd:90:80:71:48:ea:d1:7c:4c:7e: bb:2c:26:7a:8c:e8:dc:17:bb:d9:33:b0:27:da:7a:93:c6:25: 2a:8f:49:6c:46:4f:c3:4b:45:cd:0d:0e:5a:d6:f7:86:c9:cf: dc:c2:09:78:7f:f1:1b:cd:0d:83:34:ee:6d:36:1d:50:8d:ca: 9b:61:55:61:ce:ba:c2:c6:fc:ca:9c:6a:d6:88:2d:85:46:43: b7:07:d6:1a:0e:a3:fd:aa:e5:54:41:aa:b5:11:c9:e7:1f:dc: f9:1f:86:36:b2:0b:98:71:db:c9:2f:b3:87:7a:18:d6:71:2f: 6b:37:be:c2:1f:90:cf:5d:39:0f:c4:91:a8:4f:ed:07:8f:66: 81:fd:41:ec:42:96:7d:1d:44:60:1a:12:ca:3c:77:d3:0b:4b: d7:8b:1f:1e:23:01:b4:f2:db:79:e7:ca:81:49:54:51:61:7d: 51:c1:96:29:63:a1:88:e0:57:6b:da:73:73:40:90:4d:02:b3: 6e:b1:ab:ae:d3:62:2a:66:66:f8:37:8f:b7:bc:03:4a:28:f0: 1f:ae:2b:2c:41:ff:7c:9c:49:8c:30:9a:f3:9d:de:92:04:dd: d9:e9:a0:c3:bd:61:07:32:ad:fc:55:98:4e:c3:32:9c:69:a7: 2b:d6:e7:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttNAuEr/C3QXwH17R9tJ+FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm MjExMjQwHhcNMjUxMjMwMDMwMTI1WhcNMjUxMjMxMDMwMTI1WjAzMTEwLwYDVQQD EyhiMjZlNzgwNDM0Y2YxZmZjOWYwYWJmNDBkZDdjMTM2ZmU4YjMyNTM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwx3o5KgRn7GSZsJQCJ5qyrD8179I LMUM0G0P3OHm8hfZOlN0jiUq5Tf4eDVCUpH8eEAMUdxm44Dtv58VTYRxhAjHyliK Z8nnOxpTcd94wlWeA44xiMQdiBlzRQ+uJhDNu7ru3VJWQeP7JTBcvmmTSz+33wOo dobgIkBShQqTQGiMnQoUGtqfwfAMcpZe0cbvTIHFpbCEfl+fOFKMnW7/hoCLm2Er 3BJhZfR0tkRcyU+SdaEIfzkqZ8FXKN/MUgpGMXv/MLi62nm7MnoqDpUvWEGuqmP4 PLQiVDUfuNHesnEQYTU2U8F5u8v+yo4hnpzmowTf0xqpaKsyS3/c1xJzowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLJueAQ0zx/8nwq/QN18E2/osyU5MB8GA1UdIwQY MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnmcXH9A3 LwndkIBxSOrRfEx+uywmeozo3Be72TOwJ9p6k8YlKo9JbEZPw0tFzQ0OWtb3hsnP 3MIJeH/xG80NgzTubTYdUI3Km2FVYc66wsb8ypxq1ogthUZDtwfWGg6j/arlVEGq tRHJ5x/c+R+GNrILmHHbyS+zh3oY1nEvaze+wh+Qz105D8SRqE/tB49mgf1B7EKW fR1EYBoSyjx30wtL14sfHiMBtPLbeefKgUlUUWF9UcGWKWOhiOBXa9pzc0CQTQKz brGrrtNiKmZm+DePt7wDSijwH64rLEH/fJxJjDCa853ekgTd2emgw71hBzKt/FWY TsMynGmnK9bn4Q== -----END CERTIFICATE-----Generated at Tue Dec 30 06:22:12 2025 by rpki-client