This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft File: 9zQlckyuJz8pYwYNyGXG8LBCXK0.mft (raw, json) Hash identifier: f1ArtLvZ/Pr/Wdw/cgqQLMPBLHGHqbO89FMS5bVB4jU= Subject key identifier: 8B:1A:AF:9B:3D:99:46:D1:89:87:55:F5:58:1E:3C:23:05:5A:42:EF Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad Certificate serial: 019B390EE317A058519C9B852EE11F07250E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft Manifest number: 0148 Signing time: Sat 20 Dec 2025 00:00:35 +0000 Manifest this update: Sat 20 Dec 2025 00:00:35 +0000 Manifest next update: Sun 21 Dec 2025 00:00:35 +0000 Files and hashes: 1: 4pRecLSQ-xIl4IPEZzRcqIax3-I.roa (hash: H+a8jrfauVXAPTlOBPXoA0IxSm3rMjg8mh86PIxmueU=) 2: 9zQlckyuJz8pYwYNyGXG8LBCXK0.crl (hash: OkALg6AUSNg5OMzYECBhHjAASS/R/VmmrqZLs4UjtM8=) 3: HS9PpWT4FCSSstlIOFCaEuTYhZA.roa (hash: dTpJ+Vqey+wyIsJCiKM1TfllRZ7B3eMpNoAigDi5hoo=) 4: JNDj7IkhbQ_3xrbEz4uAXQ1Yv3Q.roa (hash: Wl0WwrfiuzHjyAyUMW+l+iPzUUYZzp7CP7Vher9u5s8=) 5: TDs3SCHkSwxi2Xb9E5-5lxldSWA.roa (hash: UmMaqKmCtjb0oErlYVHbczcMBZ32+2r0z5hmDOfKCCM=) 6: V6wlyE81nOSUZZNevO5fwFq_yuI.roa (hash: BJWgiCN26bDpqIeJaukxrOIxIn7K1eaqwr8a29JJlYg=) 7: Y6E3ztUNuP-EkxZVJnP3QMV8f34.roa (hash: 5ZMvfHfzXA3N5iMX/egkwzxlZHE1t5ELeXRMtB3b6GA=) 8: g_xhFlxALcLse_-Oj4PBePBZJnY.roa (hash: ZZWn8HGPLGkcu+1b7mxcw+bmNtXcMX/Z/tSj0BCyotA=) 9: kRIa94MWYWrUOVwjc9XA73SAMOA.roa (hash: CLFC01EOAmxOj0g9Emkl9wa15kGO2yyt+4qXoqbGCJI=) 10: wMrCQWEm2lPKU1aAl1mFhi-JWnE.roa (hash: hT7L1jOf2Ub3XumgetpA4h0Ys4xPjaNTHFtmr8cP4hQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 00:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:0e:e3:17:a0:58:51:9c:9b:85:2e:e1:1f:07:25:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad Validity Not Before: Dec 20 00:00:35 2025 GMT Not After : Dec 21 00:00:35 2025 GMT Subject: CN=8b1aaf9b3d9946d1898755f5581e3c23055a42ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8a:ea:5f:66:24:e5:9a:d4:2b:75:e4:a9:6f: 39:85:fc:ec:bc:51:3e:f3:5f:27:c0:77:b5:1f:5d: f9:2a:1f:ad:18:38:08:66:ed:f4:0c:8c:4f:5f:19: 15:89:aa:19:db:16:68:37:b7:7e:af:80:f6:94:05: 6a:26:6a:1e:f0:34:7b:42:11:05:d9:d9:ef:16:b7: 49:87:2c:a1:d8:23:62:ff:ec:89:70:40:3f:e9:3b: 85:71:5e:4e:1d:4e:db:2c:db:11:0a:f7:fa:58:36: 14:92:5e:03:a3:9b:1e:ff:da:67:3c:ba:f6:00:9f: b8:1a:38:c7:b0:97:3a:2a:b4:86:7c:00:bc:26:31: ba:fb:b3:82:41:22:2b:d3:4c:4c:5a:4b:13:1d:d5: 07:68:5b:50:90:6a:15:c0:a1:3d:f4:71:77:2d:51: 55:a5:0e:7b:fd:a6:00:74:88:f9:fa:db:fa:64:20: d4:4d:b7:df:24:8e:5c:e3:a3:75:a0:3c:79:d8:13: 4e:35:be:1b:b6:0f:6f:8b:c3:d8:db:54:3b:0f:92: 9f:a0:81:a5:c8:0b:bc:1f:64:9c:1a:e9:2f:c8:fd: 1e:1c:86:9d:4d:65:ac:55:05:7a:ce:84:59:21:68: 1c:c6:f1:dd:dd:27:c6:99:9c:f3:44:8d:fa:7c:f3: 77:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:1A:AF:9B:3D:99:46:D1:89:87:55:F5:58:1E:3C:23:05:5A:42:EF X509v3 Authority Key Identifier: keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:9b:4e:36:6a:ac:44:c6:59:5a:07:44:73:6a:d0:4b:b1:dc: f1:ea:52:ad:d7:95:52:64:d9:ff:85:7d:96:21:fd:49:11:9b: bd:10:69:d0:34:83:fb:01:a3:2f:9d:07:67:6a:33:ea:a0:89: fc:d5:1b:b2:29:ac:d3:ae:90:11:98:ec:45:56:c0:c5:18:73: 32:be:06:41:d0:c7:25:31:4b:d7:0b:64:c1:5b:2a:fd:48:b4: 80:f9:31:10:b8:c2:3d:3d:25:22:e8:9f:25:8a:35:76:fa:49: 39:f0:cc:c1:51:c4:09:6d:08:06:17:1d:84:5c:f5:15:4c:d1: 9a:d6:10:f5:e2:e3:d4:c0:d9:9c:c0:f1:71:e6:7c:39:cf:66: 2e:58:ab:89:41:a6:5d:32:f9:93:52:33:82:f2:a9:4f:cc:cd: fb:f1:d6:bf:4f:ed:5d:63:46:ed:20:d9:70:3c:2f:5a:19:60: 09:2c:3b:22:fd:b9:72:2f:ec:54:5c:80:38:ad:aa:f1:33:b7: a3:78:4d:0b:7c:27:03:49:ae:1c:63:30:50:ba:9b:4f:ae:0a: 7d:db:61:4e:78:ac:71:05:ff:2a:3d:85:0f:cd:e7:69:67:ba: aa:63:29:56:4a:87:20:c4:f9:7b:78:29:c0:40:db:6c:74:59: d3:da:25:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5DuMXoFhRnJuFLuEfByUOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0 MjVjYWQwHhcNMjUxMjIwMDAwMDM1WhcNMjUxMjIxMDAwMDM1WjAzMTEwLwYDVQQD Eyg4YjFhYWY5YjNkOTk0NmQxODk4NzU1ZjU1ODFlM2MyMzA1NWE0MmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYrqX2Yk5ZrUK3XkqW85hfzsvFE+ 818nwHe1H135Kh+tGDgIZu30DIxPXxkViaoZ2xZoN7d+r4D2lAVqJmoe8DR7QhEF 2dnvFrdJhyyh2CNi/+yJcEA/6TuFcV5OHU7bLNsRCvf6WDYUkl4Do5se/9pnPLr2 AJ+4GjjHsJc6KrSGfAC8JjG6+7OCQSIr00xMWksTHdUHaFtQkGoVwKE99HF3LVFV pQ57/aYAdIj5+tv6ZCDUTbffJI5c46N1oDx52BNONb4btg9vi8PY21Q7D5KfoIGl yAu8H2ScGukvyP0eHIadTWWsVQV6zoRZIWgcxvHd3SfGmZzzRI36fPN3JQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIsar5s9mUbRiYdV9VgePCMFWkLvMB8GA1UdIwQY MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt ZTg3MWIyMTc5MGRlLzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMJtONmqs RMZZWgdEc2rQS7Hc8epSrdeVUmTZ/4V9liH9SRGbvRBp0DSD+wGjL50HZ2oz6qCJ /NUbsims066QEZjsRVbAxRhzMr4GQdDHJTFL1wtkwVsq/Ui0gPkxELjCPT0lIuif JYo1dvpJOfDMwVHECW0IBhcdhFz1FUzRmtYQ9eLj1MDZnMDxceZ8Oc9mLliriUGm XTL5k1IzgvKpT8zN+/HWv0/tXWNG7SDZcDwvWhlgCSw7Iv25ci/sVFyAOK2q8TO3 o3hNC3wnA0muHGMwULqbT64KfdthTniscQX/Kj2FD83naWe6qmMpVkqHIMT5e3gp wEDbbHRZ09olMA== -----END CERTIFICATE-----Generated at Sat Dec 20 08:46:08 2025 by rpki-client