This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft File: iveEdzfnSUKyvnS5P9AtkA0wmyA.mft (raw, json) Hash identifier: e5CvefR/5t5DRmHnTrV4OCK8sNWiDbpSWguUQCvkXkk= Subject key identifier: 36:EB:C3:B5:A8:B6:5A:D9:2E:4D:9C:16:87:37:31:46:E8:39:8E:4B Authority key identifier: 8A:F7:84:77:37:E7:49:42:B2:BE:74:B9:3F:D0:2D:90:0D:30:9B:20 Certificate issuer: /CN=8af7847737e74942b2be74b93fd02d900d309b20 Certificate serial: 019B3C7EA364207DE5C82121F4B993AE5CFF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 16:01:30 +0000 Manifest this update: Sat 20 Dec 2025 16:01:30 +0000 Manifest next update: Sun 21 Dec 2025 16:01:30 +0000 Files and hashes: 1: gl5jVkYAoBFN7cdrLnkDFxT9xzs.roa (hash: DKhlihYjJGtiikGfA1O1zHxswQCNAc4gtqIYH1Qddqc=) 2: iveEdzfnSUKyvnS5P9AtkA0wmyA.crl (hash: Co3M1pRPYIv2KoZojPG44doOqbCatMwB5fHvj7swt0E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.crl rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 16:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:a3:64:20:7d:e5:c8:21:21:f4:b9:93:ae:5c:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8af7847737e74942b2be74b93fd02d900d309b20 Validity Not Before: Dec 20 16:01:30 2025 GMT Not After : Dec 21 16:01:30 2025 GMT Subject: CN=36ebc3b5a8b65ad92e4d9c1687373146e8398e4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:3c:71:e4:e7:85:33:9d:38:22:07:42:38:73: 37:99:29:55:88:57:ae:ee:1b:56:3c:74:3e:40:15: e0:b9:57:2b:b1:7f:26:32:02:93:8b:c2:39:31:1f: 55:53:d6:c5:49:88:fc:4f:aa:00:b2:79:07:30:48: c1:61:72:15:fb:59:bb:a5:01:e5:e4:e2:62:66:63: 17:11:1c:13:38:87:11:2e:73:d0:26:3a:e5:24:3a: 4b:9a:b0:61:49:7b:1f:97:c5:00:7d:7e:1f:dd:9b: b9:cd:2c:da:2d:f1:05:91:ac:19:fa:97:f6:a7:b3: bf:46:f4:0b:a1:5a:f6:cd:16:53:a3:1b:7b:84:c5: 33:61:90:7e:8c:0d:74:15:25:3f:2e:01:15:fa:61: 82:d7:28:2e:ca:48:ce:3e:06:11:e7:2e:eb:cd:54: 79:0b:fc:86:9b:42:fd:f4:2d:fa:38:45:d8:49:a2: 34:04:72:0d:32:aa:1a:5f:11:19:35:2d:52:af:75: c2:26:af:ec:50:ae:8d:ee:e3:17:c6:8f:f4:1c:0f: 25:b0:dc:e5:27:da:3f:be:80:a3:69:f1:81:af:0e: d4:f3:12:9b:26:b8:53:35:ce:dc:b4:b0:5d:c7:6e: 6e:66:f8:6b:5c:a1:94:fe:60:63:aa:0c:a3:75:08: ea:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:EB:C3:B5:A8:B6:5A:D9:2E:4D:9C:16:87:37:31:46:E8:39:8E:4B X509v3 Authority Key Identifier: keyid:8A:F7:84:77:37:E7:49:42:B2:BE:74:B9:3F:D0:2D:90:0D:30:9B:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c5:90:96:23:ef:38:a7:81:85:6c:d0:00:3f:1f:4c:62:20:55: f3:41:fb:96:76:b3:f3:dd:64:30:3d:da:77:db:9e:59:19:be: c1:d7:df:0c:77:2b:65:d5:44:b3:ec:db:29:29:71:25:3b:3d: b6:74:5f:ac:8f:3c:bc:9b:b0:b0:d0:55:ce:de:58:57:9f:0e: 22:af:e7:3a:4f:eb:ef:18:53:35:51:e4:fd:95:f2:ab:ff:3a: 8a:d4:9e:93:b9:eb:a5:d9:37:f9:e0:ea:6b:ee:c9:34:7d:e5: d0:84:d7:3a:03:3d:22:99:48:37:f8:55:a5:fc:7b:b0:3f:f0: 89:f7:0b:09:ec:bc:14:6d:70:0d:6a:2a:ff:12:f2:68:8f:a9: d8:d8:2f:55:dd:ff:75:70:39:56:15:ae:e9:bf:6c:c2:64:cd: a2:8a:5d:3b:db:4b:90:99:55:35:22:40:5b:af:d3:69:37:35: 5f:51:c2:d6:f6:e4:f8:fa:17:62:9b:f0:58:e2:db:9f:b5:d2: d3:80:55:1f:84:00:d7:da:0c:ba:a8:c7:66:99:4c:1f:44:74: 5d:1a:9f:cb:05:3d:61:e6:f0:ae:40:60:b9:52:c7:83:ed:a4: 02:06:03:02:e9:0e:39:35:b9:c8:66:ac:62:db:47:05:c8:62: 93:34:7d:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fqNkIH3lyCEh9LmTrlz/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhZjc4NDc3MzdlNzQ5NDJiMmJlNzRiOTNmZDAyZDkwMGQz MDliMjAwHhcNMjUxMjIwMTYwMTMwWhcNMjUxMjIxMTYwMTMwWjAzMTEwLwYDVQQD EygzNmViYzNiNWE4YjY1YWQ5MmU0ZDljMTY4NzM3MzE0NmU4Mzk4ZTRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTxx5OeFM504IgdCOHM3mSlViFeu 7htWPHQ+QBXguVcrsX8mMgKTi8I5MR9VU9bFSYj8T6oAsnkHMEjBYXIV+1m7pQHl 5OJiZmMXERwTOIcRLnPQJjrlJDpLmrBhSXsfl8UAfX4f3Zu5zSzaLfEFkawZ+pf2 p7O/RvQLoVr2zRZToxt7hMUzYZB+jA10FSU/LgEV+mGC1yguykjOPgYR5y7rzVR5 C/yGm0L99C36OEXYSaI0BHINMqoaXxEZNS1Sr3XCJq/sUK6N7uMXxo/0HA8lsNzl J9o/voCjafGBrw7U8xKbJrhTNc7ctLBdx25uZvhrXKGU/mBjqgyjdQjqyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDbrw7WotlrZLk2cFoc3MUboOY5LMB8GA1UdIwQY MBaAFIr3hHc350lCsr50uT/QLZANMJsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81MjM4NGItZTdhNC00MjY5LWEwY2Mt N2VmYzI4MDhkMTI1LzEvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni81MjM4NGItZTdhNC00MjY5LWEwY2MtN2VmYzI4MDhkMTI1 LzEvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxZCWI+84 p4GFbNAAPx9MYiBV80H7lnaz891kMD3ad9ueWRm+wdffDHcrZdVEs+zbKSlxJTs9 tnRfrI88vJuwsNBVzt5YV58OIq/nOk/r7xhTNVHk/ZXyq/86itSek7nrpdk3+eDq a+7JNH3l0ITXOgM9IplIN/hVpfx7sD/wifcLCey8FG1wDWoq/xLyaI+p2NgvVd3/ dXA5VhWu6b9swmTNoopdO9tLkJlVNSJAW6/TaTc1X1HC1vbk+PoXYpvwWOLbn7XS 04BVH4QA19oMuqjHZplMH0R0XRqfywU9YebwrkBguVLHg+2kAgYDAukOOTW5yGas YttHBchikzR98Q== -----END CERTIFICATE-----Generated at Sun Dec 21 02:30:14 2025 by rpki-client