This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.mft File: SujQiQnRha9B0KDDvl6ijDUvAiY.mft (raw, json) Hash identifier: YGdwA+HKIRwGMAQpMggZXHOuGrGyBXPbR5khbMHTPAQ= Subject key identifier: 0E:B6:E5:EE:DD:99:C6:BD:BF:40:74:A6:4F:B9:79:81:12:A6:3F:12 Authority key identifier: 4A:E8:D0:89:09:D1:85:AF:41:D0:A0:C3:BE:5E:A2:8C:35:2F:02:26 Certificate issuer: /CN=4ae8d08909d185af41d0a0c3be5ea28c352f0226 Certificate serial: 019B43251580A4DABF7D6AFAD6A99D913E8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SujQiQnRha9B0KDDvl6ijDUvAiY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.mft Manifest number: 160A Signing time: Sun 21 Dec 2025 23:01:02 +0000 Manifest this update: Sun 21 Dec 2025 23:01:02 +0000 Manifest next update: Mon 22 Dec 2025 23:01:02 +0000 Files and hashes: 1: SujQiQnRha9B0KDDvl6ijDUvAiY.crl (hash: Om1tMvdHfG6BpIP5r0uzjiZ6JKdKP3NcwaDF9gntuy0=) 2: nP21AC5prEFloL4b-rvpds4zVIk.roa (hash: uwmza4+iHSYo9L5fLNkaMpr9S0IJA2DNF48xVtFHmFo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.mft rsync://rpki.ripe.net/repository/DEFAULT/SujQiQnRha9B0KDDvl6ijDUvAiY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:25:15:80:a4:da:bf:7d:6a:fa:d6:a9:9d:91:3e:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ae8d08909d185af41d0a0c3be5ea28c352f0226 Validity Not Before: Dec 21 23:01:02 2025 GMT Not After : Dec 22 23:01:02 2025 GMT Subject: CN=0eb6e5eedd99c6bdbf4074a64fb9798112a63f12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:fe:bc:9d:d3:33:08:45:c4:2f:80:0b:44:20: b3:76:71:7e:7d:f3:87:1a:fb:4e:4e:72:65:4f:1d: 2c:4e:da:3f:40:18:3b:43:c7:5c:5a:42:c3:da:ca: fa:c4:e9:40:96:de:87:36:b4:ec:70:a7:39:65:e0: 91:c9:0a:44:a6:76:34:43:45:c2:22:a3:59:57:56: 88:d9:dc:a7:08:ca:31:4b:b0:ff:ab:22:1a:a8:ed: c4:17:55:0f:d4:00:74:a9:de:75:fc:2d:55:49:70: a2:6f:f0:d3:69:a6:7e:3a:6f:53:55:4f:ee:59:b1: f0:7d:e6:9f:78:eb:97:c8:6f:60:41:43:d6:c3:c8: 74:29:1f:dc:fa:42:5e:df:03:b1:c7:5f:c3:fb:4c: 2c:85:7f:fb:a3:0d:4b:c6:d6:c8:6d:35:56:ba:55: 78:34:50:cf:85:a6:65:e3:b3:74:b9:29:86:57:c8: 0c:91:fb:c9:08:7b:21:ba:05:0e:85:74:2b:51:f2: ca:1a:27:93:e5:2c:05:1d:07:14:39:3d:41:e3:02: 2d:cc:6d:31:8f:ac:92:1c:f2:db:b3:21:40:0f:84: a8:f6:ce:df:c6:af:c0:d9:3a:7e:5a:45:17:75:d1: 47:22:9b:4c:e5:4c:75:cd:89:59:e2:c8:54:38:c0: a4:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:B6:E5:EE:DD:99:C6:BD:BF:40:74:A6:4F:B9:79:81:12:A6:3F:12 X509v3 Authority Key Identifier: keyid:4A:E8:D0:89:09:D1:85:AF:41:D0:A0:C3:BE:5E:A2:8C:35:2F:02:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SujQiQnRha9B0KDDvl6ijDUvAiY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:34:db:c3:4b:bd:da:df:70:91:09:5f:7f:ab:a1:df:87:59: 2e:5d:8d:67:d5:d6:2a:c8:f9:3c:2a:6f:bf:9a:34:e6:a5:a5: e9:f6:10:2f:87:1e:77:c5:f2:ca:70:87:49:d3:da:12:42:46: 32:59:a7:4c:f2:f9:be:38:61:c5:5f:96:a1:af:6d:64:4f:3f: e1:d9:af:19:bc:e8:55:7c:ae:72:41:c1:b3:40:53:f8:fd:7b: 6a:ee:c6:fe:b5:4a:29:aa:34:53:5f:11:69:76:7a:fc:12:d0: 92:81:e9:4c:6e:46:92:01:fa:86:ae:12:ab:1b:89:fd:72:a3: c9:86:27:98:bb:d3:26:b1:cf:2e:79:7a:93:d0:f5:09:1a:55: ac:cb:51:99:c2:9b:69:43:91:18:fe:02:45:89:05:61:53:22: b7:f5:3b:a7:fa:14:71:36:e9:08:f0:3e:db:83:64:30:d8:d4: d7:55:74:09:05:d9:f9:fb:0a:60:6b:e3:4c:29:69:3d:3b:4a: 83:1f:b5:6b:12:9c:dc:31:8b:21:42:59:9c:54:4f:0e:7b:a9: 0d:8d:3c:33:19:5d:a4:b3:ce:a4:2b:ac:4a:1c:90:da:1d:b8: b9:81:51:45:14:a3:ac:02:cb:58:92:25:e2:b9:0d:d5:69:2c: ee:8e:ef:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDJRWApNq/fWr61qmdkT6MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhZThkMDg5MDlkMTg1YWY0MWQwYTBjM2JlNWVhMjhjMzUy ZjAyMjYwHhcNMjUxMjIxMjMwMTAyWhcNMjUxMjIyMjMwMTAyWjAzMTEwLwYDVQQD EygwZWI2ZTVlZWRkOTljNmJkYmY0MDc0YTY0ZmI5Nzk4MTEyYTYzZjEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP68ndMzCEXEL4ALRCCzdnF+ffOH GvtOTnJlTx0sTto/QBg7Q8dcWkLD2sr6xOlAlt6HNrTscKc5ZeCRyQpEpnY0Q0XC IqNZV1aI2dynCMoxS7D/qyIaqO3EF1UP1AB0qd51/C1VSXCib/DTaaZ+Om9TVU/u WbHwfeafeOuXyG9gQUPWw8h0KR/c+kJe3wOxx1/D+0wshX/7ow1LxtbIbTVWulV4 NFDPhaZl47N0uSmGV8gMkfvJCHshugUOhXQrUfLKGieT5SwFHQcUOT1B4wItzG0x j6ySHPLbsyFAD4So9s7fxq/A2Tp+WkUXddFHIptM5Ux1zYlZ4shUOMCkMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA625e7dmca9v0B0pk+5eYESpj8SMB8GA1UdIwQY MBaAFEro0IkJ0YWvQdCgw75eoow1LwImMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3VqUWlRblJoYTlCMEtERHZsNmlqRFV2QWlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80MTQ0NmItZTQ5YS00YWU3LTgxZTUt OTQyNTg1NmVjNTQyLzEvU3VqUWlRblJoYTlCMEtERHZsNmlqRFV2QWlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS80MTQ0NmItZTQ5YS00YWU3LTgxZTUtOTQyNTg1NmVjNTQy LzEvU3VqUWlRblJoYTlCMEtERHZsNmlqRFV2QWlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaDTbw0u9 2t9wkQlff6uh34dZLl2NZ9XWKsj5PCpvv5o05qWl6fYQL4ced8XyynCHSdPaEkJG MlmnTPL5vjhhxV+Woa9tZE8/4dmvGbzoVXyuckHBs0BT+P17au7G/rVKKao0U18R aXZ6/BLQkoHpTG5GkgH6hq4SqxuJ/XKjyYYnmLvTJrHPLnl6k9D1CRpVrMtRmcKb aUORGP4CRYkFYVMit/U7p/oUcTbpCPA+24NkMNjU11V0CQXZ+fsKYGvjTClpPTtK gx+1axKc3DGLIUJZnFRPDnupDY08MxldpLPOpCusShyQ2h24uYFRRRSjrALLWJIl 4rkN1Wks7o7vJg== -----END CERTIFICATE-----Generated at Mon Dec 22 05:34:02 2025 by rpki-client