This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft File: sCBx_ye9CehFJRchNknb9nvK1dE.mft (raw, json) Hash identifier: /kLX1p2eCf1KlQkGb9L+24p+SRdz5jRPZ+vR5tqyCc8= Subject key identifier: D5:6B:53:F8:4A:57:FA:CA:D1:17:D7:5B:9A:C6:86:79:1B:BC:8D:B9 Authority key identifier: B0:20:71:FF:27:BD:09:E8:45:25:17:21:36:49:DB:F6:7B:CA:D5:D1 Certificate issuer: /CN=b02071ff27bd09e8452517213649dbf67bcad5d1 Certificate serial: 019B2740415F4C4AECDD0665A415F6B91F53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft Manifest number: 0409 Signing time: Tue 16 Dec 2025 13:01:20 +0000 Manifest this update: Tue 16 Dec 2025 13:01:20 +0000 Manifest next update: Wed 17 Dec 2025 13:01:20 +0000 Files and hashes: 1: sCBx_ye9CehFJRchNknb9nvK1dE.crl (hash: kA6b+USsVSfnwIPUkn2kVdeEeiNy7hvYQ/R3uhG2jAQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 13:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:40:41:5f:4c:4a:ec:dd:06:65:a4:15:f6:b9:1f:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b02071ff27bd09e8452517213649dbf67bcad5d1 Validity Not Before: Dec 16 13:01:20 2025 GMT Not After : Dec 17 13:01:20 2025 GMT Subject: CN=d56b53f84a57facad117d75b9ac686791bbc8db9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:35:fa:50:7f:7d:bf:76:65:8e:da:07:1e:b2: f1:0b:d8:13:20:f9:d9:d4:74:23:16:46:77:d5:90: cc:0b:bf:d1:3a:2d:a9:03:46:6c:4d:3f:89:b0:b5: f5:83:a1:1b:10:60:7d:7e:87:4a:26:89:0c:85:22: a3:83:83:d3:24:fd:07:6f:7a:db:f5:94:95:bc:e7: fb:0e:4c:6c:44:25:46:28:40:7e:89:c4:72:5b:47: 40:39:32:d3:8f:37:17:f7:b3:7d:50:ac:b1:6b:70: 03:7a:89:fe:0e:81:1e:47:7b:5a:d0:a0:e9:13:25: 5a:5e:c8:91:42:8b:a1:98:89:fb:ae:fb:6e:4a:5b: 60:97:bd:f1:ee:23:5f:ac:f7:79:64:07:fa:b2:31: 01:58:a2:f8:f7:fa:cb:b3:ff:18:83:98:72:42:1e: 6e:4c:80:70:47:f8:ad:d5:08:78:c3:2c:90:28:47: 69:d7:8d:a9:7f:9d:bf:1f:c0:d6:a4:2a:8b:7b:7b: 26:7e:ef:b9:95:07:70:d8:b7:9e:6d:45:49:4e:b8: 55:eb:e5:1e:3a:ec:ab:e4:5a:79:8d:dd:5e:75:16: 70:11:49:55:dd:c1:67:c5:ed:05:38:b8:a6:5a:b3: 1f:1f:26:be:bd:b7:b4:ef:dc:62:00:80:67:b5:22: c3:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:6B:53:F8:4A:57:FA:CA:D1:17:D7:5B:9A:C6:86:79:1B:BC:8D:B9 X509v3 Authority Key Identifier: keyid:B0:20:71:FF:27:BD:09:E8:45:25:17:21:36:49:DB:F6:7B:CA:D5:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCBx_ye9CehFJRchNknb9nvK1dE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/566dba-8179-4c13-9d3f-bc895f731695/1/sCBx_ye9CehFJRchNknb9nvK1dE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:bc:65:8b:b8:1f:27:e0:61:5e:85:c8:02:8b:cf:e2:8c:aa: ed:6a:b9:14:75:d4:db:dc:a1:58:22:db:19:5b:a2:a0:1f:df: 2f:95:5c:bd:f2:23:3f:32:fd:eb:07:e3:a9:13:7a:0c:be:f4: 52:4c:0b:8d:84:17:a7:82:8c:d4:ee:2e:98:4e:73:a8:aa:c0: f0:d3:37:bf:36:cb:0b:bd:dc:4a:7d:dd:9d:57:3f:30:67:3c: ae:09:95:df:93:ff:9e:c9:48:e1:c1:78:70:52:0f:0b:cf:a7: e2:cb:29:28:a2:54:1a:67:2e:02:18:ed:6e:07:fd:6d:db:96: 50:85:da:e6:f0:28:c1:a9:ff:b0:c1:84:35:08:85:d2:12:cf: 68:0a:31:bf:af:20:c2:ac:dc:97:bf:b8:d5:06:6e:11:68:d8: 44:ea:2d:3e:64:e8:62:72:ca:92:20:39:8c:9a:7d:bd:93:60: fb:8d:cb:06:7a:89:7a:a2:9b:b7:e7:8d:56:c0:e8:84:13:b5: 1c:0d:4e:b2:0c:0e:75:e7:08:8a:49:68:99:8b:4e:71:ee:27: 51:f5:b2:b1:cd:20:20:4d:8d:db:94:43:90:ba:c4:ce:0a:12: 16:ae:fb:b7:bd:7c:f9:d3:6d:03:a3:79:03:fd:6d:30:b5:0a: 5d:aa:4d:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsnQEFfTErs3QZlpBX2uR9TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIwMjA3MWZmMjdiZDA5ZTg0NTI1MTcyMTM2NDlkYmY2N2Jj YWQ1ZDEwHhcNMjUxMjE2MTMwMTIwWhcNMjUxMjE3MTMwMTIwWjAzMTEwLwYDVQQD EyhkNTZiNTNmODRhNTdmYWNhZDExN2Q3NWI5YWM2ODY3OTFiYmM4ZGI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozX6UH99v3ZljtoHHrLxC9gTIPnZ 1HQjFkZ31ZDMC7/ROi2pA0ZsTT+JsLX1g6EbEGB9fodKJokMhSKjg4PTJP0Hb3rb 9ZSVvOf7DkxsRCVGKEB+icRyW0dAOTLTjzcX97N9UKyxa3ADeon+DoEeR3ta0KDp EyVaXsiRQouhmIn7rvtuSltgl73x7iNfrPd5ZAf6sjEBWKL49/rLs/8Yg5hyQh5u TIBwR/it1Qh4wyyQKEdp142pf52/H8DWpCqLe3smfu+5lQdw2LeebUVJTrhV6+Ue Ouyr5Fp5jd1edRZwEUlV3cFnxe0FOLimWrMfHya+vbe079xiAIBntSLDrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNVrU/hKV/rK0RfXW5rGhnkbvI25MB8GA1UdIwQY MBaAFLAgcf8nvQnoRSUXITZJ2/Z7ytXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81NjZkYmEtODE3OS00YzEzLTlkM2Yt YmM4OTVmNzMxNjk1LzEvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC81NjZkYmEtODE3OS00YzEzLTlkM2YtYmM4OTVmNzMxNjk1 LzEvc0NCeF95ZTlDZWhGSlJjaE5rbmI5bnZLMWRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLxli7gf J+BhXoXIAovP4oyq7Wq5FHXU29yhWCLbGVuioB/fL5VcvfIjPzL96wfjqRN6DL70 UkwLjYQXp4KM1O4umE5zqKrA8NM3vzbLC73cSn3dnVc/MGc8rgmV35P/nslI4cF4 cFIPC8+n4sspKKJUGmcuAhjtbgf9bduWUIXa5vAowan/sMGENQiF0hLPaAoxv68g wqzcl7+41QZuEWjYROotPmToYnLKkiA5jJp9vZNg+43LBnqJeqKbt+eNVsDohBO1 HA1OsgwOdecIiklomYtOce4nUfWysc0gIE2N25RDkLrEzgoSFq77t718+dNtA6N5 A/1tMLUKXapN8Q== -----END CERTIFICATE-----Generated at Tue Dec 16 23:20:48 2025 by rpki-client