This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft File: IPblO2l60mO0uk6kmBQ2aog7VK0.mft (raw, json) Hash identifier: 7zM6rognygmFTmy0dkdIc5GncqBTM1KpgdXzjBnWOSE= Subject key identifier: C0:C0:E8:C3:CF:71:B3:9F:E5:03:70:9F:42:50:CA:DB:B9:88:6A:DB Authority key identifier: 20:F6:E5:3B:69:7A:D2:63:B4:BA:4E:A4:98:14:36:6A:88:3B:54:AD Certificate issuer: /CN=20f6e53b697ad263b4ba4ea49814366a883b54ad Certificate serial: 019B5599654A9AC0D4C9FA199FD8E959A87A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft Manifest number: 1794 Signing time: Thu 25 Dec 2025 13:01:14 +0000 Manifest this update: Thu 25 Dec 2025 13:01:14 +0000 Manifest next update: Fri 26 Dec 2025 13:01:14 +0000 Files and hashes: 1: APkFGhaR8YtianTelxgsgSDeVhM.roa (hash: 2Pdlo7CTCPlVPPRVRRuXnXVCI5TavhpFPnrp+xkks5o=) 2: IPblO2l60mO0uk6kmBQ2aog7VK0.crl (hash: oF79m/mPYrQdgf259DvM2Jbq2uoMmnc5RgTluOqBW9I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.crl rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:99:65:4a:9a:c0:d4:c9:fa:19:9f:d8:e9:59:a8:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20f6e53b697ad263b4ba4ea49814366a883b54ad Validity Not Before: Dec 25 13:01:14 2025 GMT Not After : Dec 26 13:01:14 2025 GMT Subject: CN=c0c0e8c3cf71b39fe503709f4250cadbb9886adb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:24:f9:78:49:54:32:8b:40:90:5b:93:e4:0a: cf:6e:66:b9:99:68:75:5d:fd:f4:1b:7b:c4:f6:3f: 1e:ec:35:5d:6a:5e:be:3a:bb:9a:d5:36:39:5d:3c: f3:c6:e0:01:d7:3f:e0:c9:9c:57:f7:09:3b:f2:72: 86:c7:5b:3e:66:c2:e1:40:6f:ae:45:92:33:41:69: ac:21:22:ca:39:df:be:d4:3d:6d:04:2e:05:1a:b0: 44:7b:11:bb:a5:ed:83:ab:9d:fd:0f:41:6a:61:23: 11:ca:20:fd:a3:e9:91:f2:20:5a:82:11:c0:2f:ca: f3:2a:63:65:b7:a3:9f:1e:72:92:f4:a2:85:58:e1: 6c:0c:a8:5b:ea:04:9c:8e:c2:bd:a2:d4:ad:ba:26: da:c0:c4:6a:90:07:70:04:6c:5a:90:9e:cb:e5:50: 0b:28:1a:94:8e:11:98:de:d7:2d:6c:d3:4a:f2:a5: 89:84:ce:a0:09:c9:a5:d6:be:ee:f1:4f:0d:50:a9: 72:19:22:75:f0:55:84:43:47:e4:a3:4f:c7:c7:14: bd:e6:3a:0e:b5:47:9a:98:f9:44:bf:ce:1b:01:81: 7b:ea:e2:9a:fa:2b:fd:eb:65:b9:6e:ea:3f:44:28: a8:5a:c5:d7:7b:b1:8b:d9:b9:0b:f3:9c:31:7e:48: 7f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:C0:E8:C3:CF:71:B3:9F:E5:03:70:9F:42:50:CA:DB:B9:88:6A:DB X509v3 Authority Key Identifier: keyid:20:F6:E5:3B:69:7A:D2:63:B4:BA:4E:A4:98:14:36:6A:88:3B:54:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:0b:10:1d:83:9b:b5:93:4d:d4:25:bc:28:c3:95:86:c8:22: 21:80:3a:b1:74:dc:29:31:40:df:db:4d:cb:29:3a:7f:fa:c5: 09:28:7a:ac:5a:2f:b6:f3:51:ac:88:f5:24:ca:69:61:8a:cd: fb:3a:cd:0e:53:30:1b:78:d2:ea:cc:d4:39:50:e0:cf:1f:84: 7c:33:21:d5:42:cb:33:93:96:4d:08:72:03:d7:f6:cf:90:9f: ee:4b:03:cb:30:80:82:a7:ae:75:a9:60:1d:fb:f5:21:97:45: 9b:70:44:dd:bb:6d:5e:48:12:34:c4:39:01:09:73:f4:1d:b2: d3:ba:13:a4:d3:0b:3e:81:0c:89:ee:73:0e:79:d2:3e:08:ac: 60:cc:dd:43:49:4e:2b:ca:68:48:2e:72:1d:b0:54:37:dc:63: 94:57:e4:78:6d:02:e8:c8:dd:a6:07:bc:fa:93:a7:e5:9d:81: 25:3f:cd:5d:a9:28:45:60:f5:e3:3c:c5:7c:75:e5:15:c0:38: 07:77:4b:b9:77:1b:eb:54:7b:f1:c1:79:49:40:96:99:00:13: f7:5e:c1:3f:db:ff:59:b5:e9:9a:b2:2e:6d:bc:26:12:04:01: 81:72:d4:f3:5d:cf:9f:8e:1e:23:5d:d0:67:e6:f7:cd:60:50: 4a:57:03:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtVmWVKmsDUyfoZn9jpWah6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZjZlNTNiNjk3YWQyNjNiNGJhNGVhNDk4MTQzNjZhODgz YjU0YWQwHhcNMjUxMjI1MTMwMTE0WhcNMjUxMjI2MTMwMTE0WjAzMTEwLwYDVQQD EyhjMGMwZThjM2NmNzFiMzlmZTUwMzcwOWY0MjUwY2FkYmI5ODg2YWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ST5eElUMotAkFuT5ArPbma5mWh1 Xf30G3vE9j8e7DVdal6+Orua1TY5XTzzxuAB1z/gyZxX9wk78nKGx1s+ZsLhQG+u RZIzQWmsISLKOd++1D1tBC4FGrBEexG7pe2Dq539D0FqYSMRyiD9o+mR8iBaghHA L8rzKmNlt6OfHnKS9KKFWOFsDKhb6gScjsK9otStuibawMRqkAdwBGxakJ7L5VAL KBqUjhGY3tctbNNK8qWJhM6gCcml1r7u8U8NUKlyGSJ18FWEQ0fko0/HxxS95joO tUeamPlEv84bAYF76uKa+iv962W5buo/RCioWsXXe7GL2bkL85wxfkh/TQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMDA6MPPcbOf5QNwn0JQytu5iGrbMB8GA1UdIwQY MBaAFCD25TtpetJjtLpOpJgUNmqIO1StMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lNzU3NmEtNDM2My00OTg0LWI0Yzct YjFmMjljY2NjZTU1LzEvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9lNzU3NmEtNDM2My00OTg0LWI0YzctYjFmMjljY2NjZTU1 LzEvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcQsQHYOb tZNN1CW8KMOVhsgiIYA6sXTcKTFA39tNyyk6f/rFCSh6rFovtvNRrIj1JMppYYrN +zrNDlMwG3jS6szUOVDgzx+EfDMh1ULLM5OWTQhyA9f2z5Cf7ksDyzCAgqeudalg Hfv1IZdFm3BE3bttXkgSNMQ5AQlz9B2y07oTpNMLPoEMie5zDnnSPgisYMzdQ0lO K8poSC5yHbBUN9xjlFfkeG0C6Mjdpge8+pOn5Z2BJT/NXakoRWD14zzFfHXlFcA4 B3dLuXcb61R78cF5SUCWmQAT917BP9v/WbXpmrIubbwmEgQBgXLU813Pn44eI13Q Z+b3zWBQSlcDaA== -----END CERTIFICATE-----Generated at Thu Dec 25 15:40:57 2025 by rpki-client