This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft File: iydIPcFsMY5a__gyKTDIF_0ZLJE.mft (raw, json) Hash identifier: RXTh3XjpFv5HScnCY9DbooYdDna971/wnRXzRiwv1mI= Subject key identifier: 00:7F:1E:9E:F2:D9:AD:04:D7:10:0A:9A:02:7E:92:7C:CD:5C:7D:2C Authority key identifier: 8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91 Certificate issuer: /CN=8b27483dc16c318e5afff8322930c817fd192c91 Certificate serial: 019B2FD5A0E953E3FC1A66B07761F2D63D8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft Manifest number: 0AE1 Signing time: Thu 18 Dec 2025 05:01:27 +0000 Manifest this update: Thu 18 Dec 2025 05:01:27 +0000 Manifest next update: Fri 19 Dec 2025 05:01:27 +0000 Files and hashes: 1: WG1KTWwRB1pYbj2P1y-YbJWElMQ.roa (hash: /RcbZ2ujStzbSPjPDGEz6Qg57WsDieIVmjOcowRraSQ=) 2: iydIPcFsMY5a__gyKTDIF_0ZLJE.crl (hash: 2G3QA2p+NUDK1gRe1nYOL8R+21sfBcNsbg8TPy0h9ac=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d5:a0:e9:53:e3:fc:1a:66:b0:77:61:f2:d6:3d:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b27483dc16c318e5afff8322930c817fd192c91 Validity Not Before: Dec 18 05:01:27 2025 GMT Not After : Dec 19 05:01:27 2025 GMT Subject: CN=007f1e9ef2d9ad04d7100a9a027e927ccd5c7d2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:c2:c5:9e:f1:66:b1:05:0b:38:cf:d4:9c:08: 51:65:25:76:e5:25:03:f2:52:59:91:bd:b6:81:95: 49:fb:8a:34:5b:f5:f5:49:e9:7b:26:ed:4e:20:99: 1f:a4:35:a9:a3:01:07:01:b5:f2:13:e4:94:44:6f: 1d:1c:46:38:2c:a9:c0:ed:2c:67:53:46:99:dc:b9: 5a:01:ff:0d:ba:99:8d:0c:ed:01:bb:36:69:5e:ac: 20:b5:36:77:c7:15:47:46:09:54:79:e8:bc:3e:1d: 8e:97:9f:bf:73:76:e7:95:09:98:f8:25:a3:3d:42: 35:6a:cf:81:9f:ce:d0:ba:19:04:e8:22:0c:53:11: f5:99:fb:a4:33:fc:e4:27:7f:b6:ea:7d:2e:ec:6f: b8:e9:32:64:09:c6:32:3f:9d:65:b1:c4:4d:2a:70: df:d1:29:27:52:f7:cb:33:e1:9d:d7:29:12:cf:51: a9:80:27:4c:8d:aa:b2:78:7d:f7:72:ec:b2:c6:99: 77:96:a2:ce:a8:f5:46:35:82:19:45:53:97:15:71: b1:75:db:0e:b4:5d:e3:0d:9d:e0:06:b7:96:41:f2: 35:be:80:32:69:63:5e:28:33:55:89:ee:e8:c6:ea: 81:cf:e2:d7:82:88:37:71:36:43:29:5f:92:5f:6b: 98:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:7F:1E:9E:F2:D9:AD:04:D7:10:0A:9A:02:7E:92:7C:CD:5C:7D:2C X509v3 Authority Key Identifier: keyid:8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:a2:60:b8:cc:d1:e4:27:5c:68:bb:76:9c:39:45:3f:dc:78: 4d:c7:39:5a:77:e8:51:43:5d:2d:b5:70:16:79:c2:15:ba:ba: 7d:fc:6e:db:b3:ce:31:cd:a0:e0:0b:44:a6:d9:4d:1c:bb:5b: ff:5d:20:f7:f4:c0:ee:e6:e2:0a:a3:f7:86:a0:28:09:e5:20: 0c:df:5a:93:ef:ad:4d:0f:97:fe:ee:e2:51:d5:0d:56:45:5d: f2:07:8a:c2:f3:8f:e9:f4:4e:fa:e9:93:d4:b1:96:1f:97:f9: ed:55:5b:12:8a:49:16:26:2d:1a:70:47:15:ed:68:0f:25:b1: 0f:31:e1:4a:1d:b2:3c:f7:5f:c3:41:9d:7b:99:e7:92:8d:d6: 92:ef:71:59:1e:a5:9b:1e:5b:7b:15:9c:2e:c9:ad:9a:73:87: 3b:a9:ff:10:b7:0e:c1:99:1f:31:d0:1f:42:c8:8c:f5:84:6b: 5a:64:6d:73:08:78:17:26:a3:56:1a:6c:3d:88:4a:2e:5c:88: d5:c6:ef:f4:bb:01:82:2c:9e:0a:c5:e8:4b:8e:84:1e:be:ee: 5c:c1:03:5d:88:8d:c2:ad:e8:5f:3e:47:b2:40:26:d7:01:22: 4f:ea:70:21:ee:28:e8:0c:74:c0:f5:0a:22:01:99:bb:1f:c3: cc:fb:b1:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1aDpU+P8Gmawd2Hy1j2OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiMjc0ODNkYzE2YzMxOGU1YWZmZjgzMjI5MzBjODE3ZmQx OTJjOTEwHhcNMjUxMjE4MDUwMTI3WhcNMjUxMjE5MDUwMTI3WjAzMTEwLwYDVQQD EygwMDdmMWU5ZWYyZDlhZDA0ZDcxMDBhOWEwMjdlOTI3Y2NkNWM3ZDJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8LFnvFmsQULOM/UnAhRZSV25SUD 8lJZkb22gZVJ+4o0W/X1Sel7Ju1OIJkfpDWpowEHAbXyE+SURG8dHEY4LKnA7Sxn U0aZ3LlaAf8NupmNDO0BuzZpXqwgtTZ3xxVHRglUeei8Ph2Ol5+/c3bnlQmY+CWj PUI1as+Bn87QuhkE6CIMUxH1mfukM/zkJ3+26n0u7G+46TJkCcYyP51lscRNKnDf 0SknUvfLM+Gd1ykSz1GpgCdMjaqyeH33cuyyxpl3lqLOqPVGNYIZRVOXFXGxddsO tF3jDZ3gBreWQfI1voAyaWNeKDNVie7oxuqBz+LXgog3cTZDKV+SX2uYjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAB/Hp7y2a0E1xAKmgJ+knzNXH0sMB8GA1UdIwQY MBaAFIsnSD3BbDGOWv/4MikwyBf9GSyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4Yzct ZmI4OTNlMzkwOGQyLzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4YzctZmI4OTNlMzkwOGQy LzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuKJguMzR 5CdcaLt2nDlFP9x4Tcc5WnfoUUNdLbVwFnnCFbq6ffxu27POMc2g4AtEptlNHLtb /10g9/TA7ubiCqP3hqAoCeUgDN9ak++tTQ+X/u7iUdUNVkVd8geKwvOP6fRO+umT 1LGWH5f57VVbEopJFiYtGnBHFe1oDyWxDzHhSh2yPPdfw0Gde5nnko3Wku9xWR6l mx5bexWcLsmtmnOHO6n/ELcOwZkfMdAfQsiM9YRrWmRtcwh4FyajVhpsPYhKLlyI 1cbv9LsBgiyeCsXoS46EHr7uXMEDXYiNwq3oXz5HskAm1wEiT+pwIe4o6Ax0wPUK IgGZux/DzPuxpg== -----END CERTIFICATE-----Generated at Thu Dec 18 12:43:04 2025 by rpki-client