This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft File: IATWKTJ0OW9ajWkUhdaHagogcdk.mft (raw, json) Hash identifier: hMfrcPO4YRWrjgR6mTlh+v2dMywlWNfygXF2mr8y4Us= Subject key identifier: 03:D3:18:80:5C:84:4E:67:F8:C0:79:BC:CD:75:C8:B5:85:04:BD:EA Authority key identifier: 20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9 Certificate issuer: /CN=2004d6293274396f5a8d691485d6876a0a2071d9 Certificate serial: 019B522AA206F054D2D456C907387B7C1E77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft Manifest number: 1434 Signing time: Wed 24 Dec 2025 21:01:24 +0000 Manifest this update: Wed 24 Dec 2025 21:01:24 +0000 Manifest next update: Thu 25 Dec 2025 21:01:24 +0000 Files and hashes: 1: IATWKTJ0OW9ajWkUhdaHagogcdk.crl (hash: 22NX89hqjUsG43APsv6i3sKrdi+hCf7709TycHYI9fQ=) 2: aEJUX-P3iWzm8iZ2YmNhX1BUm-w.roa (hash: UCW6fp2JBu8X3L8wVEatff2uZp8yn3edNh91K1NyH88=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:2a:a2:06:f0:54:d2:d4:56:c9:07:38:7b:7c:1e:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2004d6293274396f5a8d691485d6876a0a2071d9 Validity Not Before: Dec 24 21:01:24 2025 GMT Not After : Dec 25 21:01:24 2025 GMT Subject: CN=03d318805c844e67f8c079bccd75c8b58504bdea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:5f:8b:38:94:50:ce:8a:0d:8d:68:9f:60:7b: c7:a4:55:9c:c5:89:7f:fc:4e:2a:89:d1:fb:37:f9: 5d:ec:de:c0:77:2e:77:6f:ba:37:17:4b:fe:9c:12: fc:76:16:3d:c7:72:68:69:2d:9f:8f:b3:55:7e:4e: 70:0d:be:92:dd:f9:cc:d1:26:d2:1c:95:01:12:4e: 6a:aa:65:fa:63:2b:75:83:4b:e2:2e:72:5f:21:21: 28:1a:4b:11:3e:82:ee:e7:0e:d7:df:f6:7d:81:d8: d9:96:9f:61:95:83:8c:1c:e4:20:22:41:31:2b:b4: 0e:7c:a7:9e:73:18:73:6e:53:c0:ca:28:f3:68:37: 9d:48:1d:5f:6f:5e:7f:c6:4b:c7:7f:9c:ad:d6:a6: 74:dd:9f:33:11:58:39:2f:ba:5b:5d:1e:fa:09:76: 8b:7b:d7:63:6b:65:f3:28:2a:77:27:79:bf:88:d7: 96:21:89:e5:6e:95:ac:f7:fd:3a:f6:3d:bd:ef:22: c6:b1:90:c6:42:e1:db:85:63:a9:57:3a:a7:e2:0b: e2:e5:6b:5b:95:53:07:5e:f4:eb:69:89:2b:a4:52: bf:16:60:27:6a:cb:1f:41:5e:0f:2d:54:f8:d2:ef: 8f:fe:71:55:7e:91:c7:02:ed:ac:2c:28:32:20:e8: 0e:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:D3:18:80:5C:84:4E:67:F8:C0:79:BC:CD:75:C8:B5:85:04:BD:EA X509v3 Authority Key Identifier: keyid:20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:8e:11:87:4a:ec:c5:54:e5:74:2d:e0:f4:ce:58:51:55:0d: 97:74:f4:b0:55:fd:5b:ef:b7:36:2d:d0:53:c6:60:3e:ad:47: 04:4a:36:76:f1:c8:59:c1:44:42:7b:47:4c:77:18:ed:45:0f: a3:ca:c1:5f:2b:34:04:1c:22:0f:b6:12:f8:30:ed:d2:ff:18: a6:5a:21:fc:d6:aa:38:93:d1:21:e7:8f:20:b1:5d:8a:73:7e: 94:3d:ef:ff:38:d1:1d:a0:03:c9:d2:66:e4:91:6a:2e:bc:35: 84:74:b0:5c:6f:99:0c:1d:98:17:e3:d4:ea:05:5e:3e:68:83: b4:bf:7d:d8:a9:d0:2e:3b:67:3a:d0:ec:08:09:1f:e5:2c:3c: 20:dd:34:7c:84:ee:0a:97:73:a5:01:0f:d2:f4:62:e8:76:6c: 85:9d:14:13:49:d8:1b:92:15:21:81:67:d2:d1:ed:d0:6a:fa: 07:c3:8b:13:7e:ad:0d:d1:95:03:93:8a:9d:b1:b6:02:a3:b7: 5f:00:02:82:96:b5:46:78:5c:5c:55:15:c2:4e:7c:76:95:54: 78:4f:da:fb:d5:87:65:10:ed:64:30:8b:ba:2d:7f:c0:e0:52: 45:7c:f1:d9:57:75:db:01:00:97:71:82:38:fa:43:69:55:35: ff:d6:fa:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSKqIG8FTS1FbJBzh7fB53MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMDRkNjI5MzI3NDM5NmY1YThkNjkxNDg1ZDY4NzZhMGEy MDcxZDkwHhcNMjUxMjI0MjEwMTI0WhcNMjUxMjI1MjEwMTI0WjAzMTEwLwYDVQQD EygwM2QzMTg4MDVjODQ0ZTY3ZjhjMDc5YmNjZDc1YzhiNTg1MDRiZGVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F+LOJRQzooNjWifYHvHpFWcxYl/ /E4qidH7N/ld7N7Ady53b7o3F0v+nBL8dhY9x3JoaS2fj7NVfk5wDb6S3fnM0SbS HJUBEk5qqmX6Yyt1g0viLnJfISEoGksRPoLu5w7X3/Z9gdjZlp9hlYOMHOQgIkEx K7QOfKeecxhzblPAyijzaDedSB1fb15/xkvHf5yt1qZ03Z8zEVg5L7pbXR76CXaL e9dja2XzKCp3J3m/iNeWIYnlbpWs9/069j297yLGsZDGQuHbhWOpVzqn4gvi5Wtb lVMHXvTraYkrpFK/FmAnassfQV4PLVT40u+P/nFVfpHHAu2sLCgyIOgOawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAPTGIBchE5n+MB5vM11yLWFBL3qMB8GA1UdIwQY MBaAFCAE1ikydDlvWo1pFIXWh2oKIHHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzIt NGVmOWNjNzUxNTE3LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzItNGVmOWNjNzUxNTE3 LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp44Rh0rs xVTldC3g9M5YUVUNl3T0sFX9W++3Ni3QU8ZgPq1HBEo2dvHIWcFEQntHTHcY7UUP o8rBXys0BBwiD7YS+DDt0v8Yploh/NaqOJPRIeePILFdinN+lD3v/zjRHaADydJm 5JFqLrw1hHSwXG+ZDB2YF+PU6gVePmiDtL992KnQLjtnOtDsCAkf5Sw8IN00fITu CpdzpQEP0vRi6HZshZ0UE0nYG5IVIYFn0tHt0Gr6B8OLE36tDdGVA5OKnbG2AqO3 XwACgpa1RnhcXFUVwk58dpVUeE/a+9WHZRDtZDCLui1/wOBSRXzx2Vd12wEAl3GC OPpDaVU1/9b69A== -----END CERTIFICATE-----Generated at Thu Dec 25 00:36:36 2025 by rpki-client