This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft File: lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft (raw, json) Hash identifier: a92TngopzJLJhU6bq2kpjJnZ5s97dYhMoPXMgjK5SAI= Subject key identifier: 21:AD:C1:5E:D9:20:6F:16:B0:B6:E3:BC:FD:71:F5:92:98:CF:72:C6 Authority key identifier: 94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6 Certificate issuer: /CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6 Certificate serial: 019B6BE9BD7521D7A90B7F0E969DB8987FDA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft Manifest number: 17A6 Signing time: Mon 29 Dec 2025 21:00:39 +0000 Manifest this update: Mon 29 Dec 2025 21:00:39 +0000 Manifest next update: Tue 30 Dec 2025 21:00:39 +0000 Files and hashes: 1: 5UBdfwa59JnO3TC0RbPoMbXcwMI.roa (hash: BXAoKRzIsnGpyUD97PKhyGWEISH1mZLvzMgOl4ru7To=) 2: lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl (hash: 6KTcXNvIa3yh3XKhHXlAP4hceX/3GOqG1i5d6ID/Fdg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 21:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:e9:bd:75:21:d7:a9:0b:7f:0e:96:9d:b8:98:7f:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6 Validity Not Before: Dec 29 21:00:39 2025 GMT Not After : Dec 30 21:00:39 2025 GMT Subject: CN=21adc15ed9206f16b0b6e3bcfd71f59298cf72c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:26:ba:71:f5:0b:7f:eb:24:0d:18:29:d1:47: b6:9e:ac:2b:4b:d1:89:cc:e3:13:84:d2:74:b2:08: 9b:1e:f0:01:28:d1:04:12:2b:de:63:6c:e3:a0:fa: b9:e4:78:0e:06:5d:6c:1a:1e:e8:f0:af:02:04:42: ab:50:36:a2:5f:f5:08:e0:9f:17:bf:7b:67:1f:85: dd:3c:ad:69:47:9e:db:87:72:3c:1a:9e:f3:62:7f: 88:7a:f8:51:46:84:8f:7c:b4:0a:43:08:58:9b:f8: 5e:fc:3a:d3:62:33:42:96:42:8d:fd:f7:d6:10:0a: 56:4d:31:2a:c7:8e:a7:84:e1:2b:84:4d:1c:bf:95: 63:4f:e0:16:d9:b1:7f:25:12:d3:8e:5d:68:06:60: 6a:90:83:06:4d:5a:97:81:9b:55:16:57:24:42:cc: 8d:dc:02:41:05:2a:49:dd:33:30:74:64:01:68:b2: c6:ed:83:04:6c:a6:dd:8b:64:5f:14:09:1f:7e:db: 05:04:00:cc:98:f9:a6:dc:ba:9c:da:c8:7c:60:01: 9a:fd:27:a2:01:08:77:62:5d:d1:fe:b3:43:66:49: a8:5f:3c:24:dc:67:67:6c:93:f5:15:3b:48:95:c8: c3:4d:ea:9a:29:0f:e8:97:16:d8:c1:08:9f:12:65: 4f:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:AD:C1:5E:D9:20:6F:16:B0:B6:E3:BC:FD:71:F5:92:98:CF:72:C6 X509v3 Authority Key Identifier: keyid:94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:b9:28:b2:24:50:38:fe:bb:79:c6:ca:ec:d6:18:97:63:18: 48:db:b4:53:ca:85:de:97:fb:aa:56:b1:f9:57:1c:80:b9:74: 45:8a:8e:fc:2f:68:6d:6a:e7:36:29:52:f3:fe:99:94:0d:48: b6:1b:9c:2d:50:b9:c8:d0:04:11:8d:aa:17:2f:e3:d5:b1:a2: c7:91:1f:9a:68:1e:d5:a3:38:86:21:d7:7a:39:a1:05:d1:89: 05:a2:e1:a7:38:0c:8e:b4:40:9f:15:c4:9d:65:8a:91:72:ac: a6:45:94:6a:3d:63:4a:8a:86:fe:00:20:fa:3c:c5:e1:6c:6b: 4f:d8:e3:ea:e6:ce:5a:42:08:a6:3f:01:fe:fd:04:6c:1c:23: b8:b3:b2:2e:43:5a:2c:a0:8f:3f:19:b0:35:11:89:9a:c0:20: 05:d6:44:62:93:a9:6c:10:2c:c1:bf:13:be:86:4e:0f:e2:18: 29:0f:c6:48:70:e9:d5:f9:10:70:13:63:89:28:17:b2:7d:24: 11:8d:4d:1e:61:2a:07:31:71:f4:b9:4c:ab:38:61:60:e6:c1: 8f:0a:aa:80:a7:98:6a:f7:38:03:a0:54:88:4a:db:24:35:0b: da:ca:16:89:57:fb:e3:34:c3:f0:87:08:55:86:e6:32:f1:93: a2:8b:9d:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtr6b11IdepC38Olp24mH/aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0OGQ0NWNmZTM0ODJiOGY2MWRhZTAwMGIwMDdhNDY3ZWNk ZDRlZTYwHhcNMjUxMjI5MjEwMDM5WhcNMjUxMjMwMjEwMDM5WjAzMTEwLwYDVQQD EygyMWFkYzE1ZWQ5MjA2ZjE2YjBiNmUzYmNmZDcxZjU5Mjk4Y2Y3MmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsia6cfULf+skDRgp0Ue2nqwrS9GJ zOMThNJ0sgibHvABKNEEEiveY2zjoPq55HgOBl1sGh7o8K8CBEKrUDaiX/UI4J8X v3tnH4XdPK1pR57bh3I8Gp7zYn+IevhRRoSPfLQKQwhYm/he/DrTYjNClkKN/ffW EApWTTEqx46nhOErhE0cv5VjT+AW2bF/JRLTjl1oBmBqkIMGTVqXgZtVFlckQsyN 3AJBBSpJ3TMwdGQBaLLG7YMEbKbdi2RfFAkfftsFBADMmPmm3Lqc2sh8YAGa/Sei AQh3Yl3R/rNDZkmoXzwk3GdnbJP1FTtIlcjDTeqaKQ/olxbYwQifEmVP7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCGtwV7ZIG8WsLbjvP1x9ZKYz3LGMB8GA1UdIwQY MBaAFJSNRc/jSCuPYdrgALAHpGfs3U7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAt NDJkYWZiNGI1MWQyLzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAtNDJkYWZiNGI1MWQy LzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATLkosiRQ OP67ecbK7NYYl2MYSNu0U8qF3pf7qlax+VccgLl0RYqO/C9obWrnNilS8/6ZlA1I thucLVC5yNAEEY2qFy/j1bGix5Efmmge1aM4hiHXejmhBdGJBaLhpzgMjrRAnxXE nWWKkXKspkWUaj1jSoqG/gAg+jzF4WxrT9jj6ubOWkIIpj8B/v0EbBwjuLOyLkNa LKCPPxmwNRGJmsAgBdZEYpOpbBAswb8TvoZOD+IYKQ/GSHDp1fkQcBNjiSgXsn0k EY1NHmEqBzFx9LlMqzhhYObBjwqqgKeYavc4A6BUiErbJDUL2soWiVf74zTD8IcI VYbmMvGTooud2g== -----END CERTIFICATE-----Generated at Tue Dec 30 06:37:50 2025 by rpki-client