This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft File: rkIjS6xhcScD45im1b8EjFyfQDI.mft (raw, json) Hash identifier: jXnk9j59VGYuiQuxcQbWWyhHJvJkCZNaSoFiJj+40ac= Subject key identifier: FC:64:DE:81:79:CB:44:56:3D:E4:39:09:D5:D3:16:54:0A:DE:50:A5 Authority key identifier: AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32 Certificate issuer: /CN=ae42234bac61712703e398a6d5bf048c5c9f4032 Certificate serial: 019B31C3FBC106F00B67CA49D1A304452CCB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft Manifest number: 08B4 Signing time: Thu 18 Dec 2025 14:01:26 +0000 Manifest this update: Thu 18 Dec 2025 14:01:26 +0000 Manifest next update: Fri 19 Dec 2025 14:01:26 +0000 Files and hashes: 1: rkIjS6xhcScD45im1b8EjFyfQDI.crl (hash: kaJSwVAwGnXIAzdH8xlnxEScXvzZTfYPuR9+7wsNz/c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:c3:fb:c1:06:f0:0b:67:ca:49:d1:a3:04:45:2c:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae42234bac61712703e398a6d5bf048c5c9f4032 Validity Not Before: Dec 18 14:01:26 2025 GMT Not After : Dec 19 14:01:26 2025 GMT Subject: CN=fc64de8179cb44563de43909d5d316540ade50a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:62:1c:38:99:42:f8:3a:92:e4:d8:5b:73:46: 7d:87:ea:39:ee:e4:15:fd:52:cd:82:ca:5b:ca:b9: 81:83:2b:ab:7f:41:af:5a:4b:26:07:59:61:de:13: f1:8d:88:8e:d3:6d:a6:cd:1d:ad:05:5b:d1:4c:a5: 05:c4:a5:1a:4b:70:60:61:c0:7f:af:82:74:97:bb: bb:d6:66:6a:36:c5:d1:bb:76:0d:50:16:ba:82:0c: 4d:f4:ce:87:67:85:07:93:d1:a1:75:7f:04:2e:9b: aa:4f:7d:bd:e5:21:be:81:e6:52:45:fa:46:36:5a: e1:14:c6:15:cc:1f:f4:40:25:57:d1:4d:c8:57:f0: 7d:b1:ca:55:fa:48:23:c5:10:2d:5e:b8:8f:83:fc: a1:45:97:f6:b7:53:00:2d:34:f5:8f:0d:6c:88:bb: e8:66:94:65:fb:4d:d5:79:b7:3a:09:83:90:92:69: 72:63:3f:ce:ea:e7:73:82:9f:dc:e8:ef:02:82:f8: 5c:9e:1f:41:cb:8b:dc:bc:2b:25:a4:93:40:47:71: a6:8a:10:74:3e:07:c0:fb:0e:f8:c3:e3:93:50:ed: 95:7a:12:17:79:df:89:ef:25:c5:5d:1a:b6:69:74: 6f:c8:0a:1d:fb:31:a7:88:9f:66:6f:a6:49:fa:c0: 88:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:64:DE:81:79:CB:44:56:3D:E4:39:09:D5:D3:16:54:0A:DE:50:A5 X509v3 Authority Key Identifier: keyid:AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:e4:8d:88:4d:ae:a5:87:c4:09:fa:24:b5:1b:ef:80:8e:65: 4a:ca:4a:06:55:e1:4b:b6:cf:16:fa:77:e9:61:42:31:29:70: e2:54:56:41:17:49:55:7c:03:f7:f4:b9:e0:78:03:9f:3e:05: e9:ca:e0:c9:8b:5d:8a:ee:5c:b7:44:d1:ae:2c:36:6d:2b:37: 07:ed:52:b2:93:b1:79:3f:0e:fb:dd:9a:ae:93:7a:1c:d6:19: 1d:f7:4d:3c:fa:36:5a:d2:94:45:9d:63:b1:3f:a5:97:aa:9c: ca:a3:ee:b0:3c:9f:15:ff:60:5e:6a:4f:4c:76:89:be:b1:20: b6:e7:bb:14:c8:8b:20:9f:8b:84:e3:d9:4a:a7:c9:6d:7f:5c: 89:ce:4f:74:3c:d7:60:6a:0f:80:26:64:aa:0f:a0:bd:1a:30: ff:74:7b:ba:c0:b1:66:9d:58:e6:2e:d7:7d:50:77:ee:a3:70: 58:ae:25:6e:3f:80:0f:9c:ac:4e:bf:95:28:4d:03:d4:12:95: 40:17:ab:10:2e:2a:c6:ee:3f:e4:85:9a:6f:f8:c1:15:3a:78: 90:9e:22:e7:bb:78:b7:5f:27:b9:78:fe:43:5d:96:60:bc:6a: db:15:ac:d4:67:42:e3:8c:e4:2e:d8:fd:55:95:14:e4:59:93: 0a:26:96:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxw/vBBvALZ8pJ0aMERSzLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlNDIyMzRiYWM2MTcxMjcwM2UzOThhNmQ1YmYwNDhjNWM5 ZjQwMzIwHhcNMjUxMjE4MTQwMTI2WhcNMjUxMjE5MTQwMTI2WjAzMTEwLwYDVQQD EyhmYzY0ZGU4MTc5Y2I0NDU2M2RlNDM5MDlkNWQzMTY1NDBhZGU1MGE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWIcOJlC+DqS5Nhbc0Z9h+o57uQV /VLNgspbyrmBgyurf0GvWksmB1lh3hPxjYiO022mzR2tBVvRTKUFxKUaS3BgYcB/ r4J0l7u71mZqNsXRu3YNUBa6ggxN9M6HZ4UHk9GhdX8ELpuqT3295SG+geZSRfpG NlrhFMYVzB/0QCVX0U3IV/B9scpV+kgjxRAtXriPg/yhRZf2t1MALTT1jw1siLvo ZpRl+03Vebc6CYOQkmlyYz/O6udzgp/c6O8Cgvhcnh9By4vcvCslpJNAR3GmihB0 PgfA+w74w+OTUO2VehIXed+J7yXFXRq2aXRvyAod+zGniJ9mb6ZJ+sCI5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPxk3oF5y0RWPeQ5CdXTFlQK3lClMB8GA1UdIwQY MBaAFK5CI0usYXEnA+OYptW/BIxcn0AyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1Yjct ZWUyYmNmMTg2ZjI0LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1YjctZWUyYmNmMTg2ZjI0 LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAROSNiE2u pYfECfoktRvvgI5lSspKBlXhS7bPFvp36WFCMSlw4lRWQRdJVXwD9/S54HgDnz4F 6crgyYtdiu5ct0TRriw2bSs3B+1SspOxeT8O+92arpN6HNYZHfdNPPo2WtKURZ1j sT+ll6qcyqPusDyfFf9gXmpPTHaJvrEgtue7FMiLIJ+LhOPZSqfJbX9cic5PdDzX YGoPgCZkqg+gvRow/3R7usCxZp1Y5i7XfVB37qNwWK4lbj+AD5ysTr+VKE0D1BKV QBerEC4qxu4/5IWab/jBFTp4kJ4i57t4t18nuXj+Q12WYLxq2xWs1GdC44zkLtj9 VZUU5FmTCiaWNQ== -----END CERTIFICATE-----Generated at Thu Dec 18 18:34:57 2025 by rpki-client