This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft File: IAxw024BOwfk5tjsPqTuQTtKqpg.mft (raw, json) Hash identifier: FRkGNM1z2EYfcLmsUTtxMXcOVRjaPHWtwBUuu/v0m0k= Subject key identifier: 94:1D:FF:0C:78:04:9D:F6:F9:92:6A:D2:33:97:13:50:D5:1C:91:7A Authority key identifier: 20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98 Certificate issuer: /CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98 Certificate serial: 019B5260D9688AFD1E21D573855DA9006530 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft Manifest number: 1795 Signing time: Wed 24 Dec 2025 22:00:37 +0000 Manifest this update: Wed 24 Dec 2025 22:00:37 +0000 Manifest next update: Thu 25 Dec 2025 22:00:37 +0000 Files and hashes: 1: IAxw024BOwfk5tjsPqTuQTtKqpg.crl (hash: hNHpIO4Lv/mi8C3jMzpN53DSjWThts3Pdp9HlU3NSnY=) 2: xInhnEQ1Wnjyaeg0NstEg1xaXmc.roa (hash: v0sQzu+7Kta5k4gVJi492esLH7WHwA4RWeUkfyAHe34=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:60:d9:68:8a:fd:1e:21:d5:73:85:5d:a9:00:65:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98 Validity Not Before: Dec 24 22:00:37 2025 GMT Not After : Dec 25 22:00:37 2025 GMT Subject: CN=941dff0c78049df6f9926ad233971350d51c917a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b3:1b:eb:d9:ff:45:e7:59:ae:53:9b:0a:0a: 26:9f:c2:f3:ed:0e:98:e6:a7:5f:c1:3e:63:b9:bb: 29:5e:6e:4b:b6:bf:f4:07:f8:14:20:ee:f0:60:6e: 25:38:eb:69:91:70:d0:3b:fb:7f:22:56:01:0d:ec: 92:06:4b:b6:1c:e5:b7:89:a9:e1:6c:5c:e1:27:62: 07:34:96:25:4b:87:26:7b:a5:7a:08:c6:0d:15:be: d8:cb:2a:4e:95:b3:4f:87:d5:27:02:ec:0c:d0:31: ed:d0:d7:3d:91:de:43:b0:67:fd:31:dc:a1:c5:9e: b4:1b:87:77:82:86:b1:05:ca:c3:30:e0:fd:32:85: 69:c4:44:07:4e:36:e7:1a:3a:38:b0:90:50:9d:32: 32:cb:a8:ee:7b:5b:cc:82:20:e7:41:a5:2d:e1:46: 65:c0:0b:73:6f:48:12:06:81:84:40:d7:51:85:d4: c2:ab:fb:c2:d3:87:c3:2a:5f:05:f7:aa:38:13:b5: e5:4d:9a:2a:d3:49:63:c5:f9:ae:b2:ce:7b:95:df: 8c:7c:63:28:1a:16:e8:7a:2b:c1:53:14:47:d5:c8: 97:74:7b:e7:33:d5:85:81:4b:80:98:65:4f:1e:47: e1:bd:47:ba:13:76:3b:73:d4:02:c7:10:fe:06:0d: 80:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:1D:FF:0C:78:04:9D:F6:F9:92:6A:D2:33:97:13:50:D5:1C:91:7A X509v3 Authority Key Identifier: keyid:20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:e1:32:0b:1d:1b:eb:ec:91:f7:79:d8:32:7a:cd:6b:8e:bb: 85:98:b8:e4:77:bc:2f:80:fc:38:5b:33:de:5c:98:cc:07:2b: 84:52:be:58:45:0d:e5:6f:43:34:5d:23:a0:26:be:88:d9:48: 21:73:92:02:ca:18:af:a9:00:02:3c:ac:6e:9b:5f:e6:e4:dd: a4:2d:f4:75:b7:81:26:b4:d0:58:b0:3a:25:b6:fe:6b:40:09: 9d:81:45:a0:de:21:d7:a6:aa:12:f7:11:4c:c7:a6:d2:55:e4: 1d:ee:bb:e8:91:a9:7c:b8:00:dd:4d:27:c5:3b:bb:5a:60:74: f8:b9:ee:fb:87:69:78:84:a7:68:dc:98:6e:05:6d:31:bf:1d: 7e:d3:4a:d9:10:e4:ec:59:5f:49:a6:e2:fc:76:a8:48:67:64: 5a:aa:fb:6b:47:b4:55:03:b1:52:24:67:b1:0e:8d:1a:6a:f5: 21:68:cd:db:a7:cd:14:5c:49:e5:25:9a:bc:5d:fd:99:91:58: e0:cb:f4:23:df:a9:fd:4f:d6:7c:77:d2:01:a2:a3:10:cf:63: f7:c5:54:2b:75:f6:82:51:bb:51:e1:3a:ee:90:50:39:f3:4d: 4c:21:df:6d:fd:d5:55:11:f2:1d:5c:fc:30:24:85:b8:29:68: 0a:90:e9:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSYNloiv0eIdVzhV2pAGUwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMGM3MGQzNmUwMTNiMDdlNGU2ZDhlYzNlYTRlZTQxM2I0 YWFhOTgwHhcNMjUxMjI0MjIwMDM3WhcNMjUxMjI1MjIwMDM3WjAzMTEwLwYDVQQD Eyg5NDFkZmYwYzc4MDQ5ZGY2Zjk5MjZhZDIzMzk3MTM1MGQ1MWM5MTdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bMb69n/RedZrlObCgomn8Lz7Q6Y 5qdfwT5jubspXm5Ltr/0B/gUIO7wYG4lOOtpkXDQO/t/IlYBDeySBku2HOW3ianh bFzhJ2IHNJYlS4cme6V6CMYNFb7YyypOlbNPh9UnAuwM0DHt0Nc9kd5DsGf9Mdyh xZ60G4d3goaxBcrDMOD9MoVpxEQHTjbnGjo4sJBQnTIyy6jue1vMgiDnQaUt4UZl wAtzb0gSBoGEQNdRhdTCq/vC04fDKl8F96o4E7XlTZoq00ljxfmuss57ld+MfGMo GhboeivBUxRH1ciXdHvnM9WFgUuAmGVPHkfhvUe6E3Y7c9QCxxD+Bg2AoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJQd/wx4BJ32+ZJq0jOXE1DVHJF6MB8GA1UdIwQY MBaAFCAMcNNuATsH5ObY7D6k7kE7SqqYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUt MTU4MDNmZmIxNzQ2LzEvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUtMTU4MDNmZmIxNzQ2 LzEvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPuEyCx0b 6+yR93nYMnrNa467hZi45He8L4D8OFsz3lyYzAcrhFK+WEUN5W9DNF0joCa+iNlI IXOSAsoYr6kAAjysbptf5uTdpC30dbeBJrTQWLA6Jbb+a0AJnYFFoN4h16aqEvcR TMem0lXkHe676JGpfLgA3U0nxTu7WmB0+Lnu+4dpeISnaNyYbgVtMb8dftNK2RDk 7FlfSabi/HaoSGdkWqr7a0e0VQOxUiRnsQ6NGmr1IWjN26fNFFxJ5SWavF39mZFY 4Mv0I9+p/U/WfHfSAaKjEM9j98VUK3X2glG7UeE67pBQOfNNTCHfbf3VVRHyHVz8 MCSFuCloCpDpCg== -----END CERTIFICATE-----Generated at Thu Dec 25 03:27:40 2025 by rpki-client