This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft File: isfq5knZVHsK0KsAerTopI3tTV0.mft (raw, json) Hash identifier: 11QjDUqQQMYfNEQvARf5HiwutK3NzqkZQkgreey+gS0= Subject key identifier: FD:63:23:AF:4F:D5:E7:A8:1D:30:31:09:8C:14:B0:32:81:2C:36:2F Authority key identifier: 8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D Certificate issuer: /CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d Certificate serial: 019B432585EF8CE9A130D22CE5F58F817399 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft Manifest number: 1791 Signing time: Sun 21 Dec 2025 23:01:31 +0000 Manifest this update: Sun 21 Dec 2025 23:01:31 +0000 Manifest next update: Mon 22 Dec 2025 23:01:31 +0000 Files and hashes: 1: VnjAZXEV2IpEDwg3p4BnaouHiwY.roa (hash: +OjGTLOvqNCpLYSjRU9GeBSRZeFRlVpWW6Mj3HPVgqw=) 2: isfq5knZVHsK0KsAerTopI3tTV0.crl (hash: zneyzvXJRVJ6uzoY+JvLbvptiJPoA2+gsE+6+KgthGo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:25:85:ef:8c:e9:a1:30:d2:2c:e5:f5:8f:81:73:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d Validity Not Before: Dec 21 23:01:31 2025 GMT Not After : Dec 22 23:01:31 2025 GMT Subject: CN=fd6323af4fd5e7a81d3031098c14b032812c362f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e9:14:aa:51:68:31:07:08:d5:56:f0:45:7e: 38:3e:d5:14:a6:c5:56:99:22:cd:a2:69:f8:78:b2: 5e:82:8c:55:20:7e:a1:9b:9a:c3:df:74:de:15:7d: 48:f1:e5:4b:0a:71:4d:6b:47:ec:28:61:80:4d:8e: de:73:48:9f:dc:f6:4d:b0:d7:f2:5a:f6:05:7e:d3: 2f:25:59:c6:9c:a0:12:03:a2:fe:9b:c6:9a:98:89: 0c:d4:65:c1:11:7d:9e:59:a3:0d:eb:96:fb:37:65: b5:68:37:c9:5a:4c:49:50:db:0a:b7:09:ed:16:05: fa:f4:c4:22:d0:e5:f3:a8:2f:23:44:0b:e9:d6:f2: 30:69:8e:ac:07:b5:52:5a:b0:3d:01:03:b6:a2:89: 41:13:2a:42:c0:e3:01:ab:7c:f2:24:14:1f:e8:d2: 15:21:a0:27:e9:6e:d3:83:e1:1e:da:b0:13:09:ae: b4:c2:0c:d7:81:8b:65:ea:d8:1a:a2:83:95:d4:11: af:9c:cc:c7:b2:25:e1:ad:6d:c8:c4:75:cc:47:ab: a6:33:e0:a1:46:4b:de:dd:4a:d6:2d:26:41:09:a6: 80:b5:e1:c5:ee:61:d7:83:17:27:fe:63:15:8c:90: c5:b2:ef:6c:48:05:75:90:07:36:99:a2:04:cd:2c: 2b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:63:23:AF:4F:D5:E7:A8:1D:30:31:09:8C:14:B0:32:81:2C:36:2F X509v3 Authority Key Identifier: keyid:8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:4e:e7:27:4d:cd:56:e1:ae:69:46:51:46:28:3b:59:4e:a6: e3:28:08:2f:5f:94:94:59:17:22:93:dc:8c:1e:fa:27:10:1e: e3:05:8b:64:19:b9:f8:f7:6e:4e:1c:de:47:11:1c:d6:d2:78: 3a:74:77:5b:0b:47:25:8d:ec:70:5e:f8:c2:05:88:47:36:2e: f1:d7:44:a1:77:a4:80:26:4e:65:83:65:4e:a0:6b:fa:9e:b4: 27:e5:e4:27:17:41:ff:1f:5f:97:9a:06:21:a5:cc:2f:d1:21: 2f:f9:77:c2:32:02:3c:39:4a:43:d9:dd:c2:83:4c:10:0b:a2: 18:8d:3d:bd:cf:fc:40:92:bf:39:74:b9:4d:ea:c9:43:43:1f: 31:37:40:e0:65:51:c1:e2:af:49:60:9f:96:e1:57:21:ed:02: 92:b7:fe:5f:39:b7:01:3b:38:38:5b:10:2b:bf:46:3f:34:c2: e0:7e:8e:16:0c:75:4c:ec:49:4b:f1:ad:98:b9:fa:e3:5b:8d: 36:94:52:07:e9:59:8a:ee:59:de:e9:ee:01:12:ba:77:3a:2e: b9:d2:a3:54:a8:0e:ca:5b:4a:9f:71:71:04:d2:47:6f:0e:3e: b5:4a:78:59:62:6d:be:82:06:ef:af:2b:13:7b:fa:3a:21:fd: e1:a6:3b:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDJYXvjOmhMNIs5fWPgXOZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhYzdlYWU2NDlkOTU0N2IwYWQwYWIwMDdhYjRlOGE0OGRl ZDRkNWQwHhcNMjUxMjIxMjMwMTMxWhcNMjUxMjIyMjMwMTMxWjAzMTEwLwYDVQQD EyhmZDYzMjNhZjRmZDVlN2E4MWQzMDMxMDk4YzE0YjAzMjgxMmMzNjJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOkUqlFoMQcI1VbwRX44PtUUpsVW mSLNomn4eLJegoxVIH6hm5rD33TeFX1I8eVLCnFNa0fsKGGATY7ec0if3PZNsNfy WvYFftMvJVnGnKASA6L+m8aamIkM1GXBEX2eWaMN65b7N2W1aDfJWkxJUNsKtwnt FgX69MQi0OXzqC8jRAvp1vIwaY6sB7VSWrA9AQO2oolBEypCwOMBq3zyJBQf6NIV IaAn6W7Tg+Ee2rATCa60wgzXgYtl6tgaooOV1BGvnMzHsiXhrW3IxHXMR6umM+Ch Rkve3UrWLSZBCaaAteHF7mHXgxcn/mMVjJDFsu9sSAV1kAc2maIEzSwrEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP1jI69P1eeoHTAxCYwUsDKBLDYvMB8GA1UdIwQY MBaAFIrH6uZJ2VR7CtCrAHq06KSN7U1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYt YWMwMWYwYzU2NjJiLzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYtYWMwMWYwYzU2NjJi LzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYk7nJ03N VuGuaUZRRig7WU6m4ygIL1+UlFkXIpPcjB76JxAe4wWLZBm5+PduThzeRxEc1tJ4 OnR3WwtHJY3scF74wgWIRzYu8ddEoXekgCZOZYNlTqBr+p60J+XkJxdB/x9fl5oG IaXML9EhL/l3wjICPDlKQ9ndwoNMEAuiGI09vc/8QJK/OXS5TerJQ0MfMTdA4GVR weKvSWCfluFXIe0Ckrf+Xzm3ATs4OFsQK79GPzTC4H6OFgx1TOxJS/GtmLn641uN NpRSB+lZiu5Z3unuARK6dzouudKjVKgOyltKn3FxBNJHbw4+tUp4WWJtvoIG768r E3v6OiH94aY7fA== -----END CERTIFICATE-----Generated at Mon Dec 22 03:22:38 2025 by rpki-client