This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft File: iOuqLxdpo932X4c9wx81HvB4rSU.mft (raw, json) Hash identifier: HAE+y3bihkG8ze5hpUf3D/aWIg7v3ld9o2NzD4T5Z7I= Subject key identifier: 5B:0C:77:33:51:60:DF:A4:D4:EB:18:81:41:55:0E:4A:D8:09:CB:AE Authority key identifier: 88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25 Certificate issuer: /CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25 Certificate serial: 019B7146DC28AC46C739E9F8EA95C09056E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft Manifest number: 0F41 Signing time: Tue 30 Dec 2025 22:00:27 +0000 Manifest this update: Tue 30 Dec 2025 22:00:27 +0000 Manifest next update: Wed 31 Dec 2025 22:00:27 +0000 Files and hashes: 1: P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa (hash: JFHWlXs6ts8+WEohOsphMs0bmJPDZeURLkqEXMqad1U=) 2: iOuqLxdpo932X4c9wx81HvB4rSU.crl (hash: eCS5/jWdcSp2SapYaeHRSo6VF5D9SxqDq97MZosn3nA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 15:21:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:46:dc:28:ac:46:c7:39:e9:f8:ea:95:c0:90:56:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25 Validity Not Before: Dec 30 22:00:27 2025 GMT Not After : Dec 31 22:00:27 2025 GMT Subject: CN=5b0c77335160dfa4d4eb188141550e4ad809cbae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:16:15:ba:0c:1a:20:e3:e5:9e:1e:09:3f:6b: 29:c2:c6:28:2a:7f:c1:3b:4c:4e:2d:fe:16:25:f0: 5f:f6:ff:21:98:3c:da:c6:4c:5d:6c:71:b2:80:46: 53:6c:47:f8:ef:8d:87:79:da:4e:b1:3f:1d:48:6a: d6:0d:18:a0:0d:3d:7c:04:06:df:a7:3b:cc:bd:9f: 2b:40:d4:56:76:79:c4:ad:e5:65:48:39:1e:e2:05: b3:25:f6:9c:02:16:39:0f:d9:b3:ee:ee:f3:c7:77: 9d:27:99:68:e5:7e:d5:0a:81:61:8d:8a:1a:03:b7: 5d:92:28:bb:63:f9:a3:ff:25:63:9e:8c:a6:8e:06: a6:dd:1a:95:48:e5:73:5d:f7:e8:6d:31:0f:4c:fc: 6d:3f:e1:fe:1e:32:f0:2f:90:46:10:da:68:57:ff: 5b:9d:84:3d:fd:5a:ba:bd:e5:0c:0b:d7:38:82:95: da:14:13:9c:9d:93:49:8f:95:64:6a:2f:5a:37:62: 2d:e3:2a:48:7e:34:e8:92:57:46:df:92:73:a4:91: 9a:4c:72:96:b0:19:db:25:98:f8:61:c3:b7:41:ec: 63:a7:9d:3e:55:76:3e:44:f4:fa:89:ab:5e:2c:1a: da:c6:73:fb:39:ea:0c:f5:76:38:38:67:c3:0b:9b: da:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:0C:77:33:51:60:DF:A4:D4:EB:18:81:41:55:0E:4A:D8:09:CB:AE X509v3 Authority Key Identifier: keyid:88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:b1:43:f3:93:bb:19:8c:f2:62:cf:35:a8:1d:ea:b2:17:ef: cc:8f:db:fa:f7:01:7e:56:c2:f4:10:0e:1a:5e:0d:1e:da:2c: d9:c2:8c:97:3f:0a:0b:47:0b:68:61:a2:4d:bf:6e:e2:21:02: 3b:2b:44:e8:31:fa:d1:2d:f4:84:03:51:c6:14:c2:21:1b:5a: d7:22:cf:8b:f7:71:97:62:e2:c4:8a:92:cb:6b:00:f3:48:25: cd:ca:55:46:8f:7f:b7:0e:96:13:33:b9:bc:f6:15:79:93:82: e1:00:42:e0:c4:2e:25:fd:a0:68:18:3e:ef:9c:ba:5e:4a:b8: 07:32:4a:f8:ff:f0:27:6b:29:d6:6d:be:4c:de:57:70:27:3d: 03:2f:8a:7f:4b:79:0f:68:cd:12:80:66:10:58:07:23:7c:4d: b3:a4:37:0c:51:12:f7:d8:5e:fa:2a:53:96:98:a5:6a:4c:e4: c5:ff:47:5b:be:96:3f:c5:1f:a0:68:9b:ff:75:36:c6:a6:67: 5a:92:70:43:ac:7a:e5:d0:1e:b4:ee:94:89:21:7b:49:24:e9: 37:48:94:ed:b5:5a:7a:a0:2c:87:35:d2:ef:45:59:3f:d5:df: e0:13:6c:ed:a0:8d:e3:d5:79:24:95:d5:c2:85:6b:82:14:e7: 93:44:d7:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtxRtworEbHOen46pXAkFbkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ZWJhYTJmMTc2OWEzZGRmNjVmODczZGMzMWYzNTFlZjA3 OGFkMjUwHhcNMjUxMjMwMjIwMDI3WhcNMjUxMjMxMjIwMDI3WjAzMTEwLwYDVQQD Eyg1YjBjNzczMzUxNjBkZmE0ZDRlYjE4ODE0MTU1MGU0YWQ4MDljYmFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxYVugwaIOPlnh4JP2spwsYoKn/B O0xOLf4WJfBf9v8hmDzaxkxdbHGygEZTbEf4742HedpOsT8dSGrWDRigDT18BAbf pzvMvZ8rQNRWdnnEreVlSDke4gWzJfacAhY5D9mz7u7zx3edJ5lo5X7VCoFhjYoa A7ddkii7Y/mj/yVjnoymjgam3RqVSOVzXffobTEPTPxtP+H+HjLwL5BGENpoV/9b nYQ9/Vq6veUMC9c4gpXaFBOcnZNJj5Vkai9aN2It4ypIfjTokldG35JzpJGaTHKW sBnbJZj4YcO3Qexjp50+VXY+RPT6iateLBraxnP7OeoM9XY4OGfDC5vaOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFsMdzNRYN+k1OsYgUFVDkrYCcuuMB8GA1UdIwQY MBaAFIjrqi8XaaPd9l+HPcMfNR7weK0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEt MmJiZjQ2ODg0NTg1LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEtMmJiZjQ2ODg0NTg1 LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEbFD85O7 GYzyYs81qB3qshfvzI/b+vcBflbC9BAOGl4NHtos2cKMlz8KC0cLaGGiTb9u4iEC OytE6DH60S30hANRxhTCIRta1yLPi/dxl2LixIqSy2sA80glzcpVRo9/tw6WEzO5 vPYVeZOC4QBC4MQuJf2gaBg+75y6Xkq4BzJK+P/wJ2sp1m2+TN5XcCc9Ay+Kf0t5 D2jNEoBmEFgHI3xNs6Q3DFES99he+ipTlpilakzkxf9HW76WP8UfoGib/3U2xqZn WpJwQ6x65dAetO6UiSF7SSTpN0iU7bVaeqAshzXS70VZP9Xf4BNs7aCN49V5JJXV woVrghTnk0TXvw== -----END CERTIFICATE-----Generated at Wed Dec 31 00:30:00 2025 by rpki-client