This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft File: IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json) Hash identifier: DgkpoHdD6ihUGjoaFoTbRhTgoTrfBl5KfRavu/763Y0= Subject key identifier: 52:4E:46:BC:40:76:B6:77:2F:5D:78:93:0B:24:8A:2A:13:9C:B5:86 Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2 Certificate issuer: /CN=22e8c1b40ee579c183796455f4092573d995a1d2 Certificate serial: 019B650C7E51C120F21DECE65BED37DEEF26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft Manifest number: 0BFF Signing time: Sun 28 Dec 2025 13:01:16 +0000 Manifest this update: Sun 28 Dec 2025 13:01:16 +0000 Manifest next update: Mon 29 Dec 2025 13:01:16 +0000 Files and hashes: 1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: yJAmZFtUl4Ua4mi9lTAzCNXdwLled5T55xEPrtQMXH0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:0c:7e:51:c1:20:f2:1d:ec:e6:5b:ed:37:de:ef:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2 Validity Not Before: Dec 28 13:01:16 2025 GMT Not After : Dec 29 13:01:16 2025 GMT Subject: CN=524e46bc4076b6772f5d78930b248a2a139cb586 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:7a:2f:79:fa:b5:b3:d8:84:49:9c:84:a6:d0: 22:cc:e3:79:7a:9c:65:ba:e4:9d:b8:f1:8e:47:bb: e4:2b:24:ee:78:99:fc:af:67:48:7b:db:76:87:b7: 4f:11:70:69:16:87:03:e2:fa:73:ec:a8:93:f5:4d: 82:f3:19:14:a2:49:83:84:7c:d8:df:1d:d6:80:ea: f7:54:cc:22:3c:71:8d:8a:89:b1:14:2f:30:39:73: a4:c4:15:87:46:cb:02:8d:9e:0c:f4:5b:86:0c:05: 0b:fb:46:02:9f:6a:46:92:55:b4:9f:e8:b7:47:b2: c8:b3:53:29:2b:a9:27:e6:23:d8:f3:e8:e9:0e:b8: e5:5f:9b:35:3c:1a:71:30:35:02:0e:30:18:9b:52: 81:8a:0d:42:e3:41:e4:41:ee:d1:6c:de:44:5b:f2: a9:03:b2:4b:e3:f3:9c:e2:21:03:f5:55:fc:08:01: 3a:ca:e6:a3:13:6f:0f:fe:cc:b8:42:76:42:cb:25: d6:a6:00:0e:86:23:ff:f8:1c:59:ae:dd:01:16:e9: 4c:03:58:ad:eb:72:11:53:a7:cc:41:f4:0b:07:c1: 42:5e:e5:27:69:32:9a:a7:ae:28:0b:5d:f9:ca:4a: 02:2a:4d:cf:f7:ae:5f:89:f2:17:cf:21:21:d7:0a: 6b:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:4E:46:BC:40:76:B6:77:2F:5D:78:93:0B:24:8A:2A:13:9C:B5:86 X509v3 Authority Key Identifier: keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:ee:33:e7:67:59:4b:06:06:72:4d:e4:64:0c:a7:3b:73:77: e3:ed:8e:50:18:d8:bb:55:1d:a4:13:2e:3e:3b:c6:3a:ab:02: d9:0c:e0:a6:88:fb:c7:09:28:c1:8b:53:ba:70:89:ed:73:90: f1:63:89:95:9c:7c:7a:8a:02:98:25:98:4e:b2:c4:0b:47:77: 27:9b:f3:a3:02:94:37:eb:fb:a8:fe:82:45:b4:d5:fa:57:b8: 36:40:c6:b2:96:ed:22:dc:39:9c:37:9c:3c:c1:b5:d4:ec:f5: 21:e4:1d:60:02:99:30:a0:b5:43:36:4a:d5:5c:f8:03:9a:84: 97:e4:06:ed:a8:1e:e3:a4:e4:37:67:41:d8:ad:49:94:e1:dc: 54:06:e3:63:bc:ac:c9:01:99:52:ac:fc:b3:69:d7:13:2f:72: df:76:98:ec:05:14:be:df:e3:f9:ef:ba:d2:cb:c5:3b:6a:4f: 2e:c8:39:d6:38:ed:f4:9e:2e:b6:b3:f9:29:5b:e7:02:a4:f3: 57:76:7e:50:00:3b:47:22:dc:f6:6f:df:61:48:e5:b0:eb:99: 12:03:62:90:7b:a4:3e:ff:a0:b8:b4:a7:2a:5a:b5:4f:6f:d2: 8c:f3:2e:78:39:e8:c2:5c:b3:4e:98:89:8a:d2:42:ea:d5:33: 78:3e:2d:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtlDH5RwSDyHezmW+033u8mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5 NWExZDIwHhcNMjUxMjI4MTMwMTE2WhcNMjUxMjI5MTMwMTE2WjAzMTEwLwYDVQQD Eyg1MjRlNDZiYzQwNzZiNjc3MmY1ZDc4OTMwYjI0OGEyYTEzOWNiNTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXovefq1s9iESZyEptAizON5epxl uuSduPGOR7vkKyTueJn8r2dIe9t2h7dPEXBpFocD4vpz7KiT9U2C8xkUokmDhHzY 3x3WgOr3VMwiPHGNiomxFC8wOXOkxBWHRssCjZ4M9FuGDAUL+0YCn2pGklW0n+i3 R7LIs1MpK6kn5iPY8+jpDrjlX5s1PBpxMDUCDjAYm1KBig1C40HkQe7RbN5EW/Kp A7JL4/Oc4iED9VX8CAE6yuajE28P/sy4QnZCyyXWpgAOhiP/+BxZrt0BFulMA1it 63IRU6fMQfQLB8FCXuUnaTKap64oC135ykoCKk3P965fifIXzyEh1wprYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFJORrxAdrZ3L114kwskiioTnLWGMB8GA1UdIwQY MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk+4z52dZ SwYGck3kZAynO3N34+2OUBjYu1UdpBMuPjvGOqsC2Qzgpoj7xwkowYtTunCJ7XOQ 8WOJlZx8eooCmCWYTrLEC0d3J5vzowKUN+v7qP6CRbTV+le4NkDGspbtItw5nDec PMG11Oz1IeQdYAKZMKC1QzZK1Vz4A5qEl+QG7age46TkN2dB2K1JlOHcVAbjY7ys yQGZUqz8s2nXEy9y33aY7AUUvt/j+e+60svFO2pPLsg51jjt9J4utrP5KVvnAqTz V3Z+UAA7RyLc9m/fYUjlsOuZEgNikHukPv+guLSnKlq1T2/SjPMueDnowlyzTpiJ itJC6tUzeD4tuw== -----END CERTIFICATE-----Generated at Sun Dec 28 18:52:38 2025 by rpki-client