This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft File: iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft (raw, json) Hash identifier: z2UsYAMMpGDit5+URlpx30Dlye1KVHY2DYT+VZCdmv4= Subject key identifier: 6B:C6:38:70:CD:2D:21:05:C9:D8:A6:76:6F:CD:11:CF:55:50:EE:09 Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3 Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3 Certificate serial: 019B5D529170F90702AE79649B85606E4539 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft Manifest number: 161B Signing time: Sat 27 Dec 2025 01:00:50 +0000 Manifest this update: Sat 27 Dec 2025 01:00:50 +0000 Manifest next update: Sun 28 Dec 2025 01:00:50 +0000 Files and hashes: 1: iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl (hash: xG5nA9RNuAcqfJ0J0US5QAQxqsD4yior84wTYVM2cPE=) 2: zbnBRUeVPnEEwLI2vvj0r39FPtE.roa (hash: 4AvpkRySedv9+g3/SFfJUIRAayJwpWmaa1FdREtJu9E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:52:91:70:f9:07:02:ae:79:64:9b:85:60:6e:45:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3 Validity Not Before: Dec 27 01:00:50 2025 GMT Not After : Dec 28 01:00:50 2025 GMT Subject: CN=6bc63870cd2d2105c9d8a6766fcd11cf5550ee09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:1b:1d:fc:c8:9c:a9:56:69:7c:3e:3b:2e:be: 94:52:ac:f5:cd:30:56:2b:0a:eb:70:a3:a7:66:83: 89:21:fd:2a:0a:31:02:96:aa:21:e1:ac:ee:7e:d1: 7b:7e:a9:e1:db:60:cc:df:19:1c:f5:07:62:dc:b2: ea:4b:93:d2:07:d5:5f:33:ab:5d:7e:34:5b:c8:40: a1:e9:a8:c8:75:46:ac:47:f7:7f:1b:8f:56:3f:f7: 61:1d:d7:f2:7b:c5:0d:b7:0d:4d:d8:f0:89:9a:04: 64:0e:fa:6c:2a:54:c5:66:7b:25:a5:0f:11:c5:73: 05:a7:2c:df:89:e6:38:2f:77:6a:da:a1:2e:0d:f0: 8a:d9:6b:62:aa:83:19:a9:e1:4f:26:4f:83:fb:7d: 68:56:09:49:4f:66:04:db:02:95:25:40:99:a4:b3: 65:a8:a2:df:c5:3f:25:8f:2e:50:16:ba:3c:70:1b: d4:b2:93:b9:68:8e:7d:a4:08:dd:51:05:58:5c:ee: 60:e5:a5:a0:f8:ea:63:d9:ee:28:65:74:14:b9:ae: b2:56:4c:d9:1c:eb:90:18:09:44:11:fd:3f:e3:49: ab:a6:72:34:8e:da:3e:6e:a8:46:d9:9e:25:ff:de: dc:b5:75:14:64:26:15:8a:52:74:10:ce:6d:12:f5: 2e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:C6:38:70:CD:2D:21:05:C9:D8:A6:76:6F:CD:11:CF:55:50:EE:09 X509v3 Authority Key Identifier: keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:26:50:ed:a8:00:23:19:e5:95:56:1c:d0:d1:42:4f:26:3f: d9:31:26:46:ee:a2:cf:0e:d3:60:29:19:d1:95:b3:a9:c7:c9: 6f:6e:b5:0d:07:04:6b:24:c2:22:30:52:dd:0c:4a:1a:3a:22: b4:01:84:2a:1f:fd:06:2b:95:e0:34:b8:9c:e0:57:66:89:2a: 54:b1:52:d1:31:df:0c:99:87:2b:ba:a4:27:2d:ca:28:ec:3f: d5:f4:91:dc:8d:a1:22:b0:6c:f2:48:5b:2d:e5:1a:5c:e3:2f: b0:39:18:5f:f0:6e:a2:0f:a4:27:8a:60:2e:50:16:a5:ca:4d: 66:32:b7:f3:02:95:5e:c1:f0:0d:9e:f2:ca:57:e7:54:a7:b8: 5f:f8:25:e0:dd:2c:0e:e5:44:36:cd:66:65:d7:94:96:cc:55: 13:d1:0f:38:44:21:1d:bf:2c:be:dc:44:76:f3:35:c6:b1:2d: 65:fd:71:7b:08:e4:2b:67:ab:af:90:2d:9e:81:cb:97:86:c9: 1a:85:23:b0:81:06:a4:db:d6:85:59:fe:bc:7a:3b:44:18:f6: 40:e8:04:e8:d1:c9:73:57:ef:f5:58:e0:f4:47:fc:b9:1a:e9: e2:2f:db:8a:04:20:0c:09:c4:53:97:5f:90:9d:4f:9b:02:55: 5f:ad:77:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdUpFw+QcCrnlkm4VgbkU5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5ODgyNWQyZjA2NDk4OWIzOGM3ODFmMmE4NTM1MTg5YTI2 OTI4YzMwHhcNMjUxMjI3MDEwMDUwWhcNMjUxMjI4MDEwMDUwWjAzMTEwLwYDVQQD Eyg2YmM2Mzg3MGNkMmQyMTA1YzlkOGE2NzY2ZmNkMTFjZjU1NTBlZTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRsd/MicqVZpfD47Lr6UUqz1zTBW KwrrcKOnZoOJIf0qCjEClqoh4azuftF7fqnh22DM3xkc9Qdi3LLqS5PSB9VfM6td fjRbyECh6ajIdUasR/d/G49WP/dhHdfye8UNtw1N2PCJmgRkDvpsKlTFZnslpQ8R xXMFpyzfieY4L3dq2qEuDfCK2WtiqoMZqeFPJk+D+31oVglJT2YE2wKVJUCZpLNl qKLfxT8ljy5QFro8cBvUspO5aI59pAjdUQVYXO5g5aWg+Opj2e4oZXQUua6yVkzZ HOuQGAlEEf0/40mrpnI0jto+bqhG2Z4l/97ctXUUZCYVilJ0EM5tEvUuqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGvGOHDNLSEFydimdm/NEc9VUO4JMB8GA1UdIwQY MBaAFImIJdLwZJibOMeB8qhTUYmiaSjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgt ZWNhZTQxNDQ2Yjc3LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgtZWNhZTQxNDQ2Yjc3 LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXyZQ7agA IxnllVYc0NFCTyY/2TEmRu6izw7TYCkZ0ZWzqcfJb261DQcEayTCIjBS3QxKGjoi tAGEKh/9BiuV4DS4nOBXZokqVLFS0THfDJmHK7qkJy3KKOw/1fSR3I2hIrBs8khb LeUaXOMvsDkYX/Buog+kJ4pgLlAWpcpNZjK38wKVXsHwDZ7yylfnVKe4X/gl4N0s DuVENs1mZdeUlsxVE9EPOEQhHb8svtxEdvM1xrEtZf1xewjkK2err5AtnoHLl4bJ GoUjsIEGpNvWhVn+vHo7RBj2QOgE6NHJc1fv9Vjg9Ef8uRrp4i/bigQgDAnEU5df kJ1PmwJVX613lQ== -----END CERTIFICATE-----Generated at Sat Dec 27 04:10:38 2025 by rpki-client