This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3a98e2-8ae8-4723-8959-ce2d8e3fc804/1/iBLpJPysuGLPO2T1bnZ7wybyf8o.mft File: iBLpJPysuGLPO2T1bnZ7wybyf8o.mft (raw, json) Hash identifier: PZOMkGY0rW529i4OBcjFby2uS8mKJn5XazD1Cvg6rGE= Subject key identifier: B4:CD:46:11:D2:68:13:27:46:C0:C0:D4:F7:F5:CD:CE:9C:78:5E:94 Authority key identifier: 88:12:E9:24:FC:AC:B8:62:CF:3B:64:F5:6E:76:7B:C3:26:F2:7F:CA Certificate issuer: /CN=8812e924fcacb862cf3b64f56e767bc326f27fca Certificate serial: 019B3DC79D074583F403B4EE0109DC881E1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBLpJPysuGLPO2T1bnZ7wybyf8o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3a98e2-8ae8-4723-8959-ce2d8e3fc804/1/iBLpJPysuGLPO2T1bnZ7wybyf8o.mft Manifest number: 1786 Signing time: Sat 20 Dec 2025 22:00:50 +0000 Manifest this update: Sat 20 Dec 2025 22:00:50 +0000 Manifest next update: Sun 21 Dec 2025 22:00:50 +0000 Files and hashes: 1: QKCpBgruuyz3i6ikVFdg6qQ3F0Y.roa (hash: G88p/gWLQ6tFindRbDEI4oT0jR5gYy6dY2FWfseB5AQ=) 2: iBLpJPysuGLPO2T1bnZ7wybyf8o.crl (hash: 2psApRjq4RQaG5nVpsZldcIh/UmHOmUGqHu6zLpYiZE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3a98e2-8ae8-4723-8959-ce2d8e3fc804/1/iBLpJPysuGLPO2T1bnZ7wybyf8o.crl rsync://rpki.ripe.net/repository/DEFAULT/33/3a98e2-8ae8-4723-8959-ce2d8e3fc804/1/iBLpJPysuGLPO2T1bnZ7wybyf8o.mft rsync://rpki.ripe.net/repository/DEFAULT/iBLpJPysuGLPO2T1bnZ7wybyf8o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 22:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:9d:07:45:83:f4:03:b4:ee:01:09:dc:88:1e:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8812e924fcacb862cf3b64f56e767bc326f27fca Validity Not Before: Dec 20 22:00:50 2025 GMT Not After : Dec 21 22:00:50 2025 GMT Subject: CN=b4cd4611d268132746c0c0d4f7f5cdce9c785e94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:18:fa:f7:ec:7a:77:8b:12:4c:0a:eb:9b:ec: 68:43:f3:6a:86:bc:68:65:87:d5:e1:4d:7e:50:72: 20:3c:3a:57:92:9b:c8:24:9f:5b:1d:b4:12:c4:29: e7:43:ad:e3:2f:ae:8e:f6:e8:95:07:0b:c4:3a:7c: 61:94:84:33:fd:96:90:ae:71:48:83:30:57:3a:e9: f4:67:a0:de:73:4d:3c:15:68:20:61:48:29:95:71: c3:e2:d2:59:bd:a1:45:aa:ca:87:47:d8:1a:50:a3: db:3c:d4:52:df:87:cc:e2:83:58:05:93:74:a4:75: d1:34:23:ed:2e:f5:5f:b2:89:64:07:3f:92:36:f5: 62:c2:19:c0:52:71:22:96:aa:34:41:d5:7d:59:2d: 99:ef:24:2d:23:89:77:a2:87:aa:67:72:ab:90:b6: e6:8b:40:12:60:fa:2c:9c:6b:12:dc:51:6a:39:28: 1b:d8:e4:60:38:5e:b4:95:10:37:ef:2e:33:ef:cc: 0a:9d:d4:ef:78:a0:27:0c:3a:d0:6d:23:23:3c:8a: 22:1d:a9:2e:3c:22:35:89:d4:81:84:3a:d1:79:b2: d4:18:25:b7:f9:e4:84:b0:b9:6a:6a:f0:8c:fe:c0: 4d:6b:a5:6b:ea:50:8a:28:b8:d6:19:48:67:1b:1c: 51:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:CD:46:11:D2:68:13:27:46:C0:C0:D4:F7:F5:CD:CE:9C:78:5E:94 X509v3 Authority Key Identifier: keyid:88:12:E9:24:FC:AC:B8:62:CF:3B:64:F5:6E:76:7B:C3:26:F2:7F:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBLpJPysuGLPO2T1bnZ7wybyf8o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3a98e2-8ae8-4723-8959-ce2d8e3fc804/1/iBLpJPysuGLPO2T1bnZ7wybyf8o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3a98e2-8ae8-4723-8959-ce2d8e3fc804/1/iBLpJPysuGLPO2T1bnZ7wybyf8o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:1e:86:f1:ac:c4:3d:64:56:88:ad:54:16:19:78:9b:50:79: 40:c9:25:c6:7d:ec:1d:9d:a3:b6:7e:3e:80:32:e8:43:c2:59: 2e:53:45:91:ed:b0:40:c1:66:d9:62:17:f1:70:67:9f:fa:ed: 68:4e:13:e9:ab:0c:ed:e7:07:22:71:5a:19:18:10:d5:c0:c7: 48:da:ef:07:3d:b2:51:06:a3:ce:c6:56:2a:36:37:85:74:50: 17:ee:54:b1:e1:62:67:e4:2b:69:ee:92:63:72:fe:97:6c:d5: 17:51:d9:90:6c:79:ef:b7:39:64:57:b9:32:8f:e1:38:ec:7b: cc:a1:cb:8b:8a:52:58:ae:f4:14:b1:1f:e9:08:43:a5:d3:9b: 63:54:05:6b:07:5d:70:71:7d:7f:1b:39:2a:69:3f:5c:a1:3d: 0d:f6:ea:e6:a4:20:6e:6f:ef:ee:37:0e:18:b1:b1:e9:4e:03: 3a:c8:42:4e:01:66:c8:4b:94:5d:c3:bc:3f:3c:6b:60:ed:af: 45:78:b9:9d:f2:df:6b:aa:27:2d:a9:94:8c:67:6c:c2:2a:a6: e3:ac:c4:4a:66:9b:b1:4a:59:bc:ac:cd:b9:9d:9a:96:79:ef: fd:35:b4:be:3d:8b:9b:f1:c4:a1:1a:a5:ba:2b:44:ff:d3:6d: 08:55:3c:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x50HRYP0A7TuAQnciB4aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MTJlOTI0ZmNhY2I4NjJjZjNiNjRmNTZlNzY3YmMzMjZm MjdmY2EwHhcNMjUxMjIwMjIwMDUwWhcNMjUxMjIxMjIwMDUwWjAzMTEwLwYDVQQD EyhiNGNkNDYxMWQyNjgxMzI3NDZjMGMwZDRmN2Y1Y2RjZTljNzg1ZTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Bj69+x6d4sSTArrm+xoQ/Nqhrxo ZYfV4U1+UHIgPDpXkpvIJJ9bHbQSxCnnQ63jL66O9uiVBwvEOnxhlIQz/ZaQrnFI gzBXOun0Z6Dec008FWggYUgplXHD4tJZvaFFqsqHR9gaUKPbPNRS34fM4oNYBZN0 pHXRNCPtLvVfsolkBz+SNvViwhnAUnEilqo0QdV9WS2Z7yQtI4l3ooeqZ3KrkLbm i0ASYPosnGsS3FFqOSgb2ORgOF60lRA37y4z78wKndTveKAnDDrQbSMjPIoiHaku PCI1idSBhDrRebLUGCW3+eSEsLlqavCM/sBNa6Vr6lCKKLjWGUhnGxxRVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLTNRhHSaBMnRsDA1Pf1zc6ceF6UMB8GA1UdIwQY MBaAFIgS6ST8rLhizztk9W52e8Mm8n/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUJMcEpQeXN1R0xQTzJUMWJuWjd3eWJ5ZjhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zYTk4ZTItOGFlOC00NzIzLTg5NTkt Y2UyZDhlM2ZjODA0LzEvaUJMcEpQeXN1R0xQTzJUMWJuWjd3eWJ5ZjhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zYTk4ZTItOGFlOC00NzIzLTg5NTktY2UyZDhlM2ZjODA0 LzEvaUJMcEpQeXN1R0xQTzJUMWJuWjd3eWJ5ZjhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVh6G8azE PWRWiK1UFhl4m1B5QMklxn3sHZ2jtn4+gDLoQ8JZLlNFke2wQMFm2WIX8XBnn/rt aE4T6asM7ecHInFaGRgQ1cDHSNrvBz2yUQajzsZWKjY3hXRQF+5UseFiZ+Qrae6S Y3L+l2zVF1HZkGx577c5ZFe5Mo/hOOx7zKHLi4pSWK70FLEf6QhDpdObY1QFawdd cHF9fxs5Kmk/XKE9Dfbq5qQgbm/v7jcOGLGx6U4DOshCTgFmyEuUXcO8PzxrYO2v RXi5nfLfa6onLamUjGdswiqm46zESmabsUpZvKzNuZ2alnnv/TW0vj2Lm/HEoRql uitE/9NtCFU8tA== -----END CERTIFICATE-----Generated at Sun Dec 21 06:46:01 2025 by rpki-client