This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft File: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft (raw, json) Hash identifier: Vyrs8kzS80TN1yddpGjy4PYA5qu69cK84I1MAaqgpZM= Subject key identifier: 89:E6:28:09:E7:98:0D:D3:C5:00:7F:13:00:09:00:44:4F:E1:87:9D Authority key identifier: 23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98 Certificate issuer: /CN=232872f431ada9b6826c5f0897ec4e5342092e98 Certificate serial: 019B72229C2973E74D1954BB76EFD608C04E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft Manifest number: 0504 Signing time: Wed 31 Dec 2025 02:00:29 +0000 Manifest this update: Wed 31 Dec 2025 02:00:29 +0000 Manifest next update: Thu 01 Jan 2026 02:00:29 +0000 Files and hashes: 1: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl (hash: 6SRlLOsJxAp8uOY7xKCoYiOqSakznw45XpxX0aU/Bj4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:72:22:9c:29:73:e7:4d:19:54:bb:76:ef:d6:08:c0:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=232872f431ada9b6826c5f0897ec4e5342092e98 Validity Not Before: Dec 31 02:00:29 2025 GMT Not After : Jan 1 02:00:29 2026 GMT Subject: CN=89e62809e7980dd3c5007f13000900444fe1879d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:96:b5:ad:e5:3f:56:79:6d:1e:f7:b1:35:e2: 47:ec:01:51:42:03:b8:13:7e:60:27:2b:11:1d:02: 00:41:ca:f4:39:d6:62:8d:90:91:ea:67:06:34:d7: 4c:37:3f:19:e8:9d:0f:7b:60:93:51:c5:58:06:97: d7:88:51:ae:fc:98:39:d2:e1:df:2b:27:f2:5f:a1: c9:d5:81:c7:40:40:9a:98:a3:17:4a:78:06:fe:32: b3:1b:b7:2c:a5:cf:a6:be:b3:52:c1:c9:15:5d:bd: b6:5c:f7:dd:50:eb:3c:95:c5:c7:dc:1b:24:d2:23: af:4c:58:66:a7:b5:eb:3b:c4:f5:cb:77:90:33:86: e3:08:ff:eb:a6:e9:3a:ca:9d:1f:5a:df:75:82:3c: 4b:ed:78:50:7c:5a:a7:f9:86:de:71:3c:02:04:01: 84:16:49:02:e4:8b:3e:3f:24:a7:46:c6:7a:40:b2: 67:01:6b:f7:e8:7e:61:e7:71:90:5d:97:33:db:1d: 79:ac:26:e4:71:05:6c:8c:10:ba:88:21:b2:eb:04: 8d:7a:a7:a1:c8:c4:a3:e7:2f:6e:77:c0:01:39:9c: 9e:fd:5a:1b:fb:7a:a4:94:0c:8b:c3:48:ab:92:7f: fe:9a:f8:04:ef:4b:1d:71:eb:01:72:21:ff:8a:ea: 44:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E6:28:09:E7:98:0D:D3:C5:00:7F:13:00:09:00:44:4F:E1:87:9D X509v3 Authority Key Identifier: keyid:23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:3a:42:94:7c:0c:c5:54:e1:e7:ad:f6:c0:86:ec:33:16:13: 61:4f:41:e1:3b:ec:b2:cb:15:ae:ae:92:a6:74:8a:71:9f:21: c5:27:71:8c:87:81:4e:c0:9c:e2:21:6e:df:70:a5:52:e0:47: 6c:f7:e9:10:c7:da:95:8f:be:8f:27:83:cb:ba:df:49:22:fb: 48:f9:b5:df:ae:a0:2b:8b:16:fc:78:82:e9:78:b7:6e:29:6c: 04:13:7c:09:59:ff:ec:35:a6:88:dd:00:26:ad:b0:cb:22:7d: f7:5c:d2:59:e1:21:43:ae:7a:61:7b:ac:1b:f8:31:76:0a:bd: 96:9c:d4:0e:2e:36:df:2d:b2:86:d6:a8:95:1f:b2:77:59:df: 3a:3a:7a:57:ed:8e:c9:00:82:0d:81:b8:7a:8f:ab:08:eb:e0: 6e:2c:12:fc:ca:e7:c1:eb:b5:7b:bd:52:33:bc:6e:3e:07:b3: 0e:da:17:df:af:21:06:2f:81:b1:dc:4f:a6:63:4a:2e:45:17: 77:09:83:11:82:46:79:52:33:da:8f:03:eb:65:32:f9:06:8f: 44:cc:fd:87:5e:ba:e0:87:6b:45:c3:e3:29:6e:4a:03:28:d6: d3:e2:18:0b:cb:f9:40:06:8b:2a:46:46:3a:c4:0b:b7:f1:ec: 12:c3:9c:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtyIpwpc+dNGVS7du/WCMBOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMjg3MmY0MzFhZGE5YjY4MjZjNWYwODk3ZWM0ZTUzNDIw OTJlOTgwHhcNMjUxMjMxMDIwMDI5WhcNMjYwMTAxMDIwMDI5WjAzMTEwLwYDVQQD Eyg4OWU2MjgwOWU3OTgwZGQzYzUwMDdmMTMwMDA5MDA0NDRmZTE4NzlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJa1reU/VnltHvexNeJH7AFRQgO4 E35gJysRHQIAQcr0OdZijZCR6mcGNNdMNz8Z6J0Pe2CTUcVYBpfXiFGu/Jg50uHf KyfyX6HJ1YHHQECamKMXSngG/jKzG7cspc+mvrNSwckVXb22XPfdUOs8lcXH3Bsk 0iOvTFhmp7XrO8T1y3eQM4bjCP/rpuk6yp0fWt91gjxL7XhQfFqn+YbecTwCBAGE FkkC5Is+PySnRsZ6QLJnAWv36H5h53GQXZcz2x15rCbkcQVsjBC6iCGy6wSNeqeh yMSj5y9ud8ABOZye/Vob+3qklAyLw0irkn/+mvgE70sdcesBciH/iupEkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFInmKAnnmA3TxQB/EwAJAERP4YedMB8GA1UdIwQY MBaAFCMocvQxram2gmxfCJfsTlNCCS6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYt NzFhYTYzMTI1MTI4LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYtNzFhYTYzMTI1MTI4 LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUjpClHwM xVTh5632wIbsMxYTYU9B4TvssssVrq6SpnSKcZ8hxSdxjIeBTsCc4iFu33ClUuBH bPfpEMfalY++jyeDy7rfSSL7SPm1366gK4sW/HiC6Xi3bilsBBN8CVn/7DWmiN0A Jq2wyyJ991zSWeEhQ656YXusG/gxdgq9lpzUDi423y2yhtaolR+yd1nfOjp6V+2O yQCCDYG4eo+rCOvgbiwS/Mrnweu1e71SM7xuPgezDtoX368hBi+BsdxPpmNKLkUX dwmDEYJGeVIz2o8D62Uy+QaPRMz9h1664IdrRcPjKW5KAyjW0+IYC8v5QAaLKkZG OsQLt/HsEsOciQ== -----END CERTIFICATE-----Generated at Wed Dec 31 05:55:12 2025 by rpki-client