This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft File: IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json) Hash identifier: 7vEA1ESlMDiqLO6BdrRmAyFjR042QrHqubuTOdaWyoE= Subject key identifier: A0:C0:4B:A1:FA:A8:38:D8:89:05:B6:F7:6C:B4:1C:8C:99:85:C0:A5 Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9 Certificate issuer: /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9 Certificate serial: 019B4B15B8873E60239373CD37EACA33858D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft Manifest number: 0721 Signing time: Tue 23 Dec 2025 12:01:13 +0000 Manifest this update: Tue 23 Dec 2025 12:01:13 +0000 Manifest next update: Wed 24 Dec 2025 12:01:13 +0000 Files and hashes: 1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: tfPUbMJ4AmNV3S1+VgrlTkrriFomz52QSCiSbmHLYWo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 12:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:15:b8:87:3e:60:23:93:73:cd:37:ea:ca:33:85:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9 Validity Not Before: Dec 23 12:01:13 2025 GMT Not After : Dec 24 12:01:13 2025 GMT Subject: CN=a0c04ba1faa838d88905b6f76cb41c8c9985c0a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:62:5a:d9:e7:db:10:9b:74:d2:7f:ea:7f:d6: fb:1d:2f:f6:ec:b3:40:fe:ae:9f:3d:5b:28:8a:e1: 04:7b:a2:9b:45:c8:d2:47:f9:82:f0:84:1a:b5:72: 07:0c:31:53:66:62:54:79:09:40:d3:0d:56:76:56: 7e:32:0a:6c:4c:08:4e:9a:9c:70:81:17:fa:61:21: c4:64:5d:0a:b7:9f:e0:12:7c:c4:c6:c2:c6:3b:75: 59:0c:bc:8b:3f:da:52:28:9f:33:e5:59:b2:f2:5a: 33:88:ea:c6:65:71:42:52:f4:85:6f:99:b2:cc:b5: e6:a2:27:47:a3:c2:ab:2a:1e:61:5e:33:b7:e5:a9: 97:96:1e:fa:f5:f7:8e:d4:b9:12:a3:30:39:c0:fe: b7:39:8e:0f:de:53:14:e0:02:64:b5:d6:ae:c8:c2: e0:da:6d:93:68:3e:8f:de:09:26:f3:66:f5:68:37: d5:f9:9f:4f:35:7e:9a:43:9f:11:d0:c9:7e:09:12: 32:a7:ed:7f:cd:4a:70:18:cd:24:5d:a4:5c:6d:6f: 5b:94:ec:48:f8:64:6c:8d:b6:4e:c3:6c:9f:1a:18: 87:7e:da:2a:01:97:64:f8:9a:e6:d3:c5:61:90:ee: 51:43:86:a7:f3:1e:3b:33:68:71:6a:f7:2f:60:4b: 16:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:C0:4B:A1:FA:A8:38:D8:89:05:B6:F7:6C:B4:1C:8C:99:85:C0:A5 X509v3 Authority Key Identifier: keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:c4:94:d2:e9:42:7d:ad:de:7f:cd:6e:9f:f5:75:79:ae:02: fc:29:37:fb:47:db:1f:7c:8e:e9:e0:37:3c:13:6b:8a:72:a8: 47:6a:f3:7c:3d:18:95:83:93:63:f8:d5:ad:52:14:cb:dd:09: d0:bb:53:78:bd:23:34:9d:95:41:ff:69:33:7b:f5:24:57:13: 2c:ae:90:d2:42:29:0d:d9:d7:1a:2f:6b:09:55:b1:95:d6:dd: fe:a5:f1:e5:89:df:b8:b0:19:33:f5:c7:60:5f:27:9f:9e:7d: 5a:a9:f1:30:08:58:c0:ab:b9:e2:f0:ad:a0:3b:21:8a:9b:5c: 2e:66:0d:77:e9:c9:78:82:55:5f:05:ec:ff:db:3d:5e:21:12: 82:59:43:a2:63:14:28:09:75:98:94:e9:f0:4a:cd:f6:fe:4f: 8c:d3:fb:ec:32:6b:25:03:64:f8:26:86:20:72:b0:23:67:b7: d1:64:90:d9:a8:c3:c5:2b:75:31:4a:2c:3d:52:d2:cc:e1:c3: be:b2:ff:3f:50:ab:64:ba:0d:03:92:68:d5:39:f5:2a:29:20: 61:0e:17:22:90:e9:7c:d8:a7:25:e7:2e:fb:6b:ec:3e:ce:da: c8:ca:2d:8b:dc:6b:f7:95:33:c5:da:04:04:6b:00:ed:69:26: 39:10:70:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLFbiHPmAjk3PNN+rKM4WNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3 MDhlYjkwHhcNMjUxMjIzMTIwMTEzWhcNMjUxMjI0MTIwMTEzWjAzMTEwLwYDVQQD EyhhMGMwNGJhMWZhYTgzOGQ4ODkwNWI2Zjc2Y2I0MWM4Yzk5ODVjMGE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7mJa2efbEJt00n/qf9b7HS/27LNA /q6fPVsoiuEEe6KbRcjSR/mC8IQatXIHDDFTZmJUeQlA0w1WdlZ+MgpsTAhOmpxw gRf6YSHEZF0Kt5/gEnzExsLGO3VZDLyLP9pSKJ8z5Vmy8loziOrGZXFCUvSFb5my zLXmoidHo8KrKh5hXjO35amXlh769feO1LkSozA5wP63OY4P3lMU4AJktdauyMLg 2m2TaD6P3gkm82b1aDfV+Z9PNX6aQ58R0Ml+CRIyp+1/zUpwGM0kXaRcbW9blOxI +GRsjbZOw2yfGhiHftoqAZdk+Jrm08VhkO5RQ4an8x47M2hxavcvYEsW2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKDAS6H6qDjYiQW292y0HIyZhcClMB8GA1UdIwQY MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARMSU0ulC fa3ef81un/V1ea4C/Ck3+0fbH3yO6eA3PBNrinKoR2rzfD0YlYOTY/jVrVIUy90J 0LtTeL0jNJ2VQf9pM3v1JFcTLK6Q0kIpDdnXGi9rCVWxldbd/qXx5YnfuLAZM/XH YF8nn559WqnxMAhYwKu54vCtoDshiptcLmYNd+nJeIJVXwXs/9s9XiESgllDomMU KAl1mJTp8ErN9v5PjNP77DJrJQNk+CaGIHKwI2e30WSQ2ajDxSt1MUosPVLSzOHD vrL/P1CrZLoNA5Jo1Tn1KikgYQ4XIpDpfNinJecu+2vsPs7ayMoti9xr95UzxdoE BGsA7WkmORBwsA== -----END CERTIFICATE-----Generated at Tue Dec 23 17:18:11 2025 by rpki-client