This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.mft File: iGeMo0w8Y2X7YWpmB3FgpJSm6dY.mft (raw, json) Hash identifier: GYSebCdN4UvmZk7Q5j90xuH/O5q7rY4s2F/BPXbIZqM= Subject key identifier: 54:2E:B0:E7:B5:89:0E:91:0F:BD:AF:C3:22:6B:CB:44:6E:6B:50:DC Authority key identifier: 88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6 Certificate issuer: /CN=88678ca34c3c6365fb616a66077160a494a6e9d6 Certificate serial: 019B3DC77DB4F628F4E3698FC2619034D5A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.mft Manifest number: 0785 Signing time: Sat 20 Dec 2025 22:00:42 +0000 Manifest this update: Sat 20 Dec 2025 22:00:42 +0000 Manifest next update: Sun 21 Dec 2025 22:00:42 +0000 Files and hashes: 1: iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl (hash: 1597CHfJUMLCVNMIXbR3dzN3/m/ajsWKaQHaSmRlZHA=) 2: jjED_o84pmfAqHGfZ4W5FzMfdgQ.roa (hash: g8fQ9HXrdjwXLWaeOVd7NIoIybhbQ6Vz//ncwHFTshk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.mft rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:7d:b4:f6:28:f4:e3:69:8f:c2:61:90:34:d5:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88678ca34c3c6365fb616a66077160a494a6e9d6 Validity Not Before: Dec 20 22:00:42 2025 GMT Not After : Dec 21 22:00:42 2025 GMT Subject: CN=542eb0e7b5890e910fbdafc3226bcb446e6b50dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:4f:0f:74:71:d6:a9:c9:ac:b1:93:ee:60:40: 19:a4:66:19:ca:4c:6f:ff:e1:05:c1:d1:26:63:3a: 9d:d5:c5:20:a7:63:1a:71:ec:fb:c4:ca:e9:c0:c5: 9a:5d:ba:64:83:2b:db:e5:e5:18:70:bc:16:5e:60: b4:74:da:b4:76:1a:cb:db:59:1d:f7:39:4a:1b:7b: 48:0a:d0:5f:dc:be:ed:1d:73:f9:bd:7c:8d:e7:55: d1:68:21:30:0c:ef:05:12:0b:27:33:5f:b0:f5:7f: 40:a4:69:07:d1:f1:34:87:77:cf:ca:00:0c:00:32: 20:8a:b9:23:b3:41:c9:3f:eb:e6:1b:3b:76:a8:e4: d9:50:79:6f:bb:58:b2:83:bc:06:35:34:3d:c8:87: ba:f4:42:88:cd:90:2e:b9:c1:28:b8:1c:e1:81:f8: b0:7f:1f:7e:68:1c:ac:bc:85:17:51:fa:ed:e7:b9: bf:79:5e:fb:94:87:87:03:99:37:cd:17:d8:8b:ca: 17:5e:22:b7:fa:ea:6c:32:63:9d:d1:ce:da:94:5f: b6:38:3c:ca:d8:a8:05:3f:fb:b1:1d:01:ac:12:a0: a9:25:fa:08:9a:52:a3:8f:b3:32:55:93:fb:6f:3d: 6e:9a:fd:8d:84:34:0e:c5:49:27:d3:74:16:6c:b6: 6c:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:2E:B0:E7:B5:89:0E:91:0F:BD:AF:C3:22:6B:CB:44:6E:6B:50:DC X509v3 Authority Key Identifier: keyid:88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:12:be:bc:b9:12:2c:a2:8d:65:da:4f:dd:8a:ae:7e:ab:43: 3b:85:34:9d:4c:e8:1d:3c:b1:fb:ec:75:09:da:04:59:30:fa: 62:65:54:7b:52:6e:48:7e:c8:7e:13:7d:5d:f2:ab:87:d2:8b: 58:a2:1b:85:ec:b7:90:f7:cd:05:5b:4b:03:4b:a2:41:ca:a5: 74:df:94:25:5e:e5:ba:d3:15:c6:3a:ae:b1:be:94:43:ff:20: ee:8e:e2:c3:a6:93:6f:4f:41:ba:3b:42:89:b9:fc:38:f8:04: e9:f4:43:72:52:8f:e6:e5:12:3c:80:07:4c:a4:33:fa:cb:f3: 61:4c:22:99:64:d3:79:33:50:f3:e5:00:c7:12:a8:34:d4:03: 6a:70:20:92:fc:12:e5:a3:c3:60:76:4e:e0:27:b7:00:fe:38: 61:29:81:6d:76:f2:54:97:b5:08:71:c3:f3:a0:a6:14:fc:6d: 07:2e:76:69:0a:ad:f2:4f:63:60:56:70:42:84:a8:b7:c1:9c: 38:a6:ec:35:36:22:d9:20:56:68:6a:ae:3c:9b:aa:35:82:2e: 93:d4:3b:bd:15:14:43:78:43:f4:c5:f9:67:a3:19:8a:40:2d: 67:b9:f7:a4:be:42:25:6b:5a:f4:1b:5e:a7:3e:1b:9e:5d:76: 3d:72:d9:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x3209ij042mPwmGQNNWlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4Njc4Y2EzNGMzYzYzNjVmYjYxNmE2NjA3NzE2MGE0OTRh NmU5ZDYwHhcNMjUxMjIwMjIwMDQyWhcNMjUxMjIxMjIwMDQyWjAzMTEwLwYDVQQD Eyg1NDJlYjBlN2I1ODkwZTkxMGZiZGFmYzMyMjZiY2I0NDZlNmI1MGRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8U8PdHHWqcmssZPuYEAZpGYZykxv /+EFwdEmYzqd1cUgp2Macez7xMrpwMWaXbpkgyvb5eUYcLwWXmC0dNq0dhrL21kd 9zlKG3tICtBf3L7tHXP5vXyN51XRaCEwDO8FEgsnM1+w9X9ApGkH0fE0h3fPygAM ADIgirkjs0HJP+vmGzt2qOTZUHlvu1iyg7wGNTQ9yIe69EKIzZAuucEouBzhgfiw fx9+aBysvIUXUfrt57m/eV77lIeHA5k3zRfYi8oXXiK3+upsMmOd0c7alF+2ODzK 2KgFP/uxHQGsEqCpJfoImlKjj7MyVZP7bz1umv2NhDQOxUkn03QWbLZsXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFQusOe1iQ6RD72vwyJry0Rua1DcMB8GA1UdIwQY MBaAFIhnjKNMPGNl+2FqZgdxYKSUpunWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQt Zjg1ZjcyMWZiMWI4LzEvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQtZjg1ZjcyMWZiMWI4 LzEvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBK+vLkS LKKNZdpP3YqufqtDO4U0nUzoHTyx++x1CdoEWTD6YmVUe1JuSH7IfhN9XfKrh9KL WKIbhey3kPfNBVtLA0uiQcqldN+UJV7lutMVxjqusb6UQ/8g7o7iw6aTb09BujtC ibn8OPgE6fRDclKP5uUSPIAHTKQz+svzYUwimWTTeTNQ8+UAxxKoNNQDanAgkvwS 5aPDYHZO4Ce3AP44YSmBbXbyVJe1CHHD86CmFPxtBy52aQqt8k9jYFZwQoSot8Gc OKbsNTYi2SBWaGquPJuqNYIuk9Q7vRUUQ3hD9MX5Z6MZikAtZ7n3pL5CJWta9Bte pz4bnl12PXLZsQ== -----END CERTIFICATE-----Generated at Sun Dec 21 03:54:24 2025 by rpki-client