This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft File: idaknSMAf7sSRxkvu3vZgus3M18.mft (raw, json) Hash identifier: PD/FLCTlMd3gn9Lzk1QUnHcJbmIizh59EkYGWcCR038= Subject key identifier: 8E:A0:B6:C3:31:96:88:29:4B:81:4A:E9:D6:12:0D:C6:23:22:81:7B Authority key identifier: 89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F Certificate issuer: /CN=89d6a49d23007fbb1247192fbb7bd982eb37335f Certificate serial: 019B3C1020F221B931A7CC588A5307C60512 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft Manifest number: 028D Signing time: Sat 20 Dec 2025 14:00:48 +0000 Manifest this update: Sat 20 Dec 2025 14:00:48 +0000 Manifest next update: Sun 21 Dec 2025 14:00:48 +0000 Files and hashes: 1: h5XDYzeHNRC78pQldSdBc3wtmlU.roa (hash: y/jCUDtK6aEdyycsVox6EyAhTQt3+YacMPTfw4ggZeM=) 2: idaknSMAf7sSRxkvu3vZgus3M18.crl (hash: g/SGoxYvSIx5C5sLlCAS6dJa+ClZ67IjSHhFCIfGZTQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:20:f2:21:b9:31:a7:cc:58:8a:53:07:c6:05:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89d6a49d23007fbb1247192fbb7bd982eb37335f Validity Not Before: Dec 20 14:00:48 2025 GMT Not After : Dec 21 14:00:48 2025 GMT Subject: CN=8ea0b6c3319688294b814ae9d6120dc62322817b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:2e:ba:ca:a7:94:9d:7f:61:bb:c0:e5:51:5a: 8d:f7:06:f4:09:e5:82:09:cb:29:ee:2f:61:5b:54: 2f:52:8f:36:45:dd:22:fa:46:d2:a8:e2:dc:2b:86: e3:bc:ad:d4:04:a6:ac:6a:93:c2:b7:27:26:fa:60: c9:02:c2:d8:bc:21:82:a0:3d:93:74:e3:72:83:94: 92:83:3a:7e:b1:9e:63:54:a7:be:4c:ab:79:df:1f: 51:28:19:1b:95:e6:11:d6:c0:d7:d7:8c:11:c6:6b: a5:02:eb:c2:86:f3:7f:dd:77:0c:61:78:7c:e6:4b: 5f:0c:7f:dc:8d:97:b8:b7:72:ab:f1:55:95:28:2a: 2c:f3:58:f8:4b:a2:21:52:62:07:30:ff:55:e7:d2: 7d:c7:13:b7:a5:c3:4e:bd:9c:d3:84:d0:6b:39:b4: b1:98:81:b1:77:30:b2:b0:fe:a7:d0:ce:88:ad:23: ce:75:cc:46:ec:7f:4a:eb:53:7d:ac:64:d1:ca:72: 43:69:a3:3d:27:dc:52:5c:1a:c2:18:1c:9d:93:b7: 97:96:00:79:46:1e:35:bc:39:f3:72:1a:46:32:28: 25:72:19:1d:2a:bf:dc:fb:91:a9:2e:87:31:24:43: 81:32:3a:ba:25:05:cd:0c:4a:6e:bb:84:74:6c:77: f7:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A0:B6:C3:31:96:88:29:4B:81:4A:E9:D6:12:0D:C6:23:22:81:7B X509v3 Authority Key Identifier: keyid:89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:fb:7a:f7:00:fb:24:ca:c1:bd:90:8b:12:9b:fc:86:de:cd: 8d:4d:92:68:74:b0:d7:ba:9d:2c:fa:77:95:e5:fd:4c:7c:2b: 2d:85:ca:68:ec:99:16:02:a1:12:c2:24:27:0c:82:4f:78:96: 67:d5:0a:ac:ed:a7:40:cb:eb:16:97:2d:48:1a:db:12:3d:29: e9:8d:c0:39:36:0b:84:6f:5d:61:87:88:3f:6f:a8:46:c6:a0: 23:9a:be:d5:22:98:ce:a2:3e:d0:a2:86:65:e5:33:09:0f:9f: ef:d4:06:93:29:73:b7:43:6e:df:fa:71:24:91:10:c0:65:bc: ec:d4:b7:05:2d:d6:8f:42:8a:62:95:b3:c9:60:87:43:6a:68: b4:fb:4a:51:5f:67:7f:11:6b:08:8e:b1:da:a9:0e:19:31:e8: cd:ed:73:b9:82:87:a2:92:07:f6:3e:8e:ab:73:88:71:b6:aa: 31:99:5e:38:2f:9a:5a:3b:c9:67:75:dc:bd:89:14:50:75:28: 25:74:9e:70:30:49:16:19:a4:62:c8:df:74:1a:b4:83:71:63: 35:b5:69:4a:94:02:e5:61:52:f3:46:56:5a:ce:ee:85:ba:f8: 58:64:74:af:a0:84:10:fa:ac:bc:63:3d:cc:45:cf:8a:65:dd: 0f:e9:e4:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8ECDyIbkxp8xYilMHxgUSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5ZDZhNDlkMjMwMDdmYmIxMjQ3MTkyZmJiN2JkOTgyZWIz NzMzNWYwHhcNMjUxMjIwMTQwMDQ4WhcNMjUxMjIxMTQwMDQ4WjAzMTEwLwYDVQQD Eyg4ZWEwYjZjMzMxOTY4ODI5NGI4MTRhZTlkNjEyMGRjNjIzMjI4MTdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS66yqeUnX9hu8DlUVqN9wb0CeWC Ccsp7i9hW1QvUo82Rd0i+kbSqOLcK4bjvK3UBKasapPCtycm+mDJAsLYvCGCoD2T dONyg5SSgzp+sZ5jVKe+TKt53x9RKBkbleYR1sDX14wRxmulAuvChvN/3XcMYXh8 5ktfDH/cjZe4t3Kr8VWVKCos81j4S6IhUmIHMP9V59J9xxO3pcNOvZzThNBrObSx mIGxdzCysP6n0M6IrSPOdcxG7H9K61N9rGTRynJDaaM9J9xSXBrCGBydk7eXlgB5 Rh41vDnzchpGMiglchkdKr/c+5GpLocxJEOBMjq6JQXNDEpuu4R0bHf3gQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI6gtsMxlogpS4FK6dYSDcYjIoF7MB8GA1UdIwQY MBaAFInWpJ0jAH+7EkcZL7t72YLrNzNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQt NmZkNzUxZGU3MTdhLzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQtNmZkNzUxZGU3MTdh LzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABft69wD7 JMrBvZCLEpv8ht7NjU2SaHSw17qdLPp3leX9THwrLYXKaOyZFgKhEsIkJwyCT3iW Z9UKrO2nQMvrFpctSBrbEj0p6Y3AOTYLhG9dYYeIP2+oRsagI5q+1SKYzqI+0KKG ZeUzCQ+f79QGkylzt0Nu3/pxJJEQwGW87NS3BS3Wj0KKYpWzyWCHQ2potPtKUV9n fxFrCI6x2qkOGTHoze1zuYKHopIH9j6Oq3OIcbaqMZleOC+aWjvJZ3XcvYkUUHUo JXSecDBJFhmkYsjfdBq0g3FjNbVpSpQC5WFS80ZWWs7uhbr4WGR0r6CEEPqsvGM9 zEXPimXdD+nkQg== -----END CERTIFICATE-----Generated at Sat Dec 20 19:47:12 2025 by rpki-client