This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft File: iW81xeAyGs0CFn3viAfwu29xwo0.mft (raw, json) Hash identifier: Lu2rov38+LOov7v9p8idhk1CFavGvTCrf04mtXcXDOs= Subject key identifier: 19:A7:19:9F:46:D8:24:82:9C:B1:5F:A1:E3:08:E6:FF:AF:44:B0:36 Authority key identifier: 89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D Certificate issuer: /CN=896f35c5e0321acd02167def8807f0bb6f71c28d Certificate serial: 019B405C438F316C99D26E899B3AE56618FE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft Manifest number: 134C Signing time: Sun 21 Dec 2025 10:02:26 +0000 Manifest this update: Sun 21 Dec 2025 10:02:26 +0000 Manifest next update: Mon 22 Dec 2025 10:02:26 +0000 Files and hashes: 1: KzxZqybvsz4qWRvLNMoGl_b-dg0.roa (hash: waO3ZFTQ9Kiow9t+yCx6WlAToF1IQKM9UgVqX7Ju9ms=) 2: iW81xeAyGs0CFn3viAfwu29xwo0.crl (hash: Z2Y2Wfzz7nM4xH+t2UHLVdVb5pHbeq1iWtzj/D55lLQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:02:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5c:43:8f:31:6c:99:d2:6e:89:9b:3a:e5:66:18:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896f35c5e0321acd02167def8807f0bb6f71c28d Validity Not Before: Dec 21 10:02:26 2025 GMT Not After : Dec 22 10:02:26 2025 GMT Subject: CN=19a7199f46d824829cb15fa1e308e6ffaf44b036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:75:1b:b7:d0:2a:ca:5a:ed:f9:7c:d9:aa:d6: c6:1c:48:2d:f1:aa:14:bc:b3:06:89:f6:d1:37:92: bb:43:f1:56:ef:f6:42:b0:4e:fd:bf:c3:89:cf:66: 4b:ac:17:fc:b1:88:4b:e9:42:29:cf:53:4e:6d:6c: 90:f0:fc:16:d5:11:18:8a:58:6c:7f:31:24:50:0a: 85:a1:81:54:82:ec:a5:00:eb:e9:7f:7b:71:fe:f6: 03:85:48:e9:d9:d5:1d:97:1d:0f:e7:39:94:5f:41: 02:69:0d:67:63:64:cf:4f:74:aa:82:c2:33:93:3f: 0b:dc:c0:1b:92:4e:6d:23:d3:1e:3c:72:aa:bc:0e: ed:27:6a:98:de:f8:6b:00:ee:dd:4a:4e:7c:36:48: de:28:06:03:1c:ff:2b:70:f8:62:64:a7:00:a4:a3: e6:92:5c:91:4d:82:a1:a2:cc:00:0b:ac:be:55:5e: 41:16:d6:18:41:9b:8d:f1:68:69:67:ac:ef:52:77: f4:36:36:6f:45:6e:da:e4:97:13:f8:6a:01:6e:54: b9:52:1f:6d:3d:7b:b4:3f:a5:64:cc:87:81:21:0f: 82:1d:bd:81:fd:17:fe:a1:da:36:2d:b5:f0:85:80: b5:3b:6d:8c:d2:8d:68:36:19:6a:22:ce:c0:dd:b5: 3f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:A7:19:9F:46:D8:24:82:9C:B1:5F:A1:E3:08:E6:FF:AF:44:B0:36 X509v3 Authority Key Identifier: keyid:89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:76:7c:8d:24:35:23:e3:48:f4:7b:05:6c:d8:19:58:2c:2d: 48:d6:63:25:54:6e:e4:c5:9e:a2:65:5c:8f:ed:62:73:88:3f: f8:a7:b2:c0:ba:bb:5a:20:02:aa:88:41:30:1d:17:4b:af:80: 8c:79:72:db:9c:78:f3:46:4b:09:d5:05:d0:88:e9:45:02:b6: 80:7a:d8:92:6e:fd:8f:13:ea:57:f8:82:6d:f5:f4:bf:3e:4a: 7c:37:ff:8d:3a:cc:aa:39:19:3c:a1:ad:9a:c2:2b:ae:0a:7f: 48:d8:4e:ba:4d:ca:f1:65:0d:19:a2:5b:15:32:f4:d8:a0:03: 69:1e:61:49:e6:8b:dd:c0:5c:bf:62:69:89:1d:00:8b:67:97: 47:2d:0b:f0:c3:23:a2:5b:bd:5c:2b:e1:40:00:ad:d1:94:e0: bb:21:05:78:5d:0b:83:1d:3a:64:07:12:51:7c:6e:83:a7:e2: 5b:bb:ba:73:3a:2f:eb:2c:a6:4d:14:2d:dd:c6:cf:df:9c:02: 55:4a:da:1d:b5:06:77:f5:20:41:ac:61:12:c9:01:49:44:a7: 81:1b:c5:ce:10:d6:e9:36:fa:dc:5b:1c:16:8f:94:b0:0d:30: 12:3d:f7:37:03:e4:97:8d:2c:da:da:7c:93:fb:2c:ee:84:27: 6f:a3:bf:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAXEOPMWyZ0m6JmzrlZhj+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5NmYzNWM1ZTAzMjFhY2QwMjE2N2RlZjg4MDdmMGJiNmY3 MWMyOGQwHhcNMjUxMjIxMTAwMjI2WhcNMjUxMjIyMTAwMjI2WjAzMTEwLwYDVQQD EygxOWE3MTk5ZjQ2ZDgyNDgyOWNiMTVmYTFlMzA4ZTZmZmFmNDRiMDM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHUbt9Aqylrt+XzZqtbGHEgt8aoU vLMGifbRN5K7Q/FW7/ZCsE79v8OJz2ZLrBf8sYhL6UIpz1NObWyQ8PwW1REYilhs fzEkUAqFoYFUguylAOvpf3tx/vYDhUjp2dUdlx0P5zmUX0ECaQ1nY2TPT3SqgsIz kz8L3MAbkk5tI9MePHKqvA7tJ2qY3vhrAO7dSk58NkjeKAYDHP8rcPhiZKcApKPm klyRTYKhoswAC6y+VV5BFtYYQZuN8WhpZ6zvUnf0NjZvRW7a5JcT+GoBblS5Uh9t PXu0P6VkzIeBIQ+CHb2B/Rf+odo2LbXwhYC1O22M0o1oNhlqIs7A3bU/awIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBmnGZ9G2CSCnLFfoeMI5v+vRLA2MB8GA1UdIwQY MBaAFIlvNcXgMhrNAhZ974gH8LtvccKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYt MjI5OWE2N2U2MDAxLzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYtMjI5OWE2N2U2MDAx LzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPXZ8jSQ1 I+NI9HsFbNgZWCwtSNZjJVRu5MWeomVcj+1ic4g/+KeywLq7WiACqohBMB0XS6+A jHly25x480ZLCdUF0IjpRQK2gHrYkm79jxPqV/iCbfX0vz5KfDf/jTrMqjkZPKGt msIrrgp/SNhOuk3K8WUNGaJbFTL02KADaR5hSeaL3cBcv2JpiR0Ai2eXRy0L8MMj olu9XCvhQACt0ZTguyEFeF0Lgx06ZAcSUXxug6fiW7u6czov6yymTRQt3cbP35wC VUraHbUGd/UgQaxhEskBSUSngRvFzhDW6Tb63FscFo+UsA0wEj33NwPkl40s2tp8 k/ss7oQnb6O/BA== -----END CERTIFICATE-----Generated at Sun Dec 21 17:27:11 2025 by rpki-client