This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft File: IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft (raw, json) Hash identifier: MGLRRRPbz6VvnuRvATWLBnEjeoE4vOMHCkPQWrsg2ZU= Subject key identifier: D1:B4:29:3D:6C:B9:BC:E1:CB:A2:9A:99:9D:F4:85:46:75:40:8B:74 Authority key identifier: 21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35 Certificate issuer: /CN=214a0f42190944ac6b45e00a24ae41a345fdcb35 Certificate serial: 019B3C7DD9089CF609F3FB84222CFB825529 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft Manifest number: 1788 Signing time: Sat 20 Dec 2025 16:00:38 +0000 Manifest this update: Sat 20 Dec 2025 16:00:38 +0000 Manifest next update: Sun 21 Dec 2025 16:00:38 +0000 Files and hashes: 1: BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa (hash: 7T5AV/yHdfgZicPaqkaiWb9Osz7vZVkyB1rTGAClRcg=) 2: IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl (hash: qHyonDOUSzTgipONSDz/EgifO5hqqh7nnPUEHWzTCt4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 16:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7d:d9:08:9c:f6:09:f3:fb:84:22:2c:fb:82:55:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=214a0f42190944ac6b45e00a24ae41a345fdcb35 Validity Not Before: Dec 20 16:00:38 2025 GMT Not After : Dec 21 16:00:38 2025 GMT Subject: CN=d1b4293d6cb9bce1cba29a999df4854675408b74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ae:e2:4c:59:1e:2d:4d:b9:69:99:c9:44:a4: 8c:8e:33:c5:78:d6:5f:43:c5:49:2b:f6:c5:81:e7: ea:0f:cd:ca:97:a6:fd:9c:9b:8c:e0:5a:5d:6b:ff: 4a:38:7e:ca:df:4f:59:f0:d9:6b:d4:b2:bb:dc:e9: 93:ee:3c:df:d5:36:30:c2:55:c7:72:f2:84:f7:08: ce:a9:e0:d0:a3:69:01:01:6a:ee:f5:b7:87:09:b8: 82:ac:37:ea:4f:f6:36:de:8a:aa:15:dd:ed:c9:b2: 69:f6:99:51:51:da:7e:32:c0:a1:ae:1a:f7:bb:e9: d5:8e:db:35:29:f8:80:d5:de:96:4d:09:6d:3f:62: 49:8a:bd:9b:d2:a7:2b:da:c3:d7:af:03:9b:45:67: f4:d3:46:0d:bf:24:d2:77:7c:cb:aa:4b:c2:d0:59: 0e:c5:ff:6f:bb:2f:dc:56:6f:90:c3:38:8e:89:e3: 73:d1:45:20:68:86:59:7c:1d:40:83:67:07:a0:9b: 47:e3:a4:b6:f1:bb:50:52:3c:af:13:7e:ce:47:a2: 0a:fd:0a:7f:dc:dd:cd:41:8c:7c:c6:44:90:8d:0e: 27:43:38:91:c8:fd:1c:40:79:cf:9c:e1:5b:aa:45: cf:02:96:f9:30:51:c7:cb:2d:54:37:d5:c6:ef:82: c6:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:B4:29:3D:6C:B9:BC:E1:CB:A2:9A:99:9D:F4:85:46:75:40:8B:74 X509v3 Authority Key Identifier: keyid:21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:84:c7:ee:ec:d2:91:96:c4:6e:27:5e:fa:9a:6f:03:87:a7: 40:a0:77:1f:00:59:b6:7a:cf:18:60:64:ee:01:12:0c:21:0b: a8:95:1d:a8:04:c8:9d:90:15:61:69:7f:23:15:08:81:f4:e0: af:49:cc:f0:4b:f9:85:2c:a7:5a:74:8e:59:e9:65:b1:d9:ed: ae:1f:e0:d6:9a:b3:a0:8b:9d:fb:e0:0b:a2:f6:53:29:8b:91: d2:ab:f0:9c:a2:a4:3d:06:b6:9b:3c:cb:93:a3:5a:0f:6b:6b: c6:35:65:40:ba:3d:73:0e:00:6e:45:8e:42:9b:71:ce:6d:51: e4:6d:50:26:0f:04:02:ae:02:90:6d:ed:88:c6:1e:5b:64:e6: d4:d6:ad:68:11:34:3e:3b:2f:ca:b2:51:97:53:90:ba:49:a8: a8:a3:e2:01:56:fb:b3:4f:f2:7c:f9:00:f2:4a:4f:70:71:42: 6b:b2:27:36:24:a4:ac:03:9e:8e:37:70:8e:c2:a2:bb:06:65: f1:94:7a:f6:8b:39:b8:de:94:d8:79:00:3a:aa:39:85:94:d8: f0:af:6b:ac:b0:01:5a:89:ac:22:68:aa:dc:f3:2b:b1:2f:22: 7b:78:b8:3c:e3:48:80:d2:ac:ae:88:76:5d:25:f6:00:83:aa: d9:90:ab:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fdkInPYJ8/uEIiz7glUpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxNGEwZjQyMTkwOTQ0YWM2YjQ1ZTAwYTI0YWU0MWEzNDVm ZGNiMzUwHhcNMjUxMjIwMTYwMDM4WhcNMjUxMjIxMTYwMDM4WjAzMTEwLwYDVQQD EyhkMWI0MjkzZDZjYjliY2UxY2JhMjlhOTk5ZGY0ODU0Njc1NDA4Yjc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq7iTFkeLU25aZnJRKSMjjPFeNZf Q8VJK/bFgefqD83Kl6b9nJuM4Fpda/9KOH7K309Z8Nlr1LK73OmT7jzf1TYwwlXH cvKE9wjOqeDQo2kBAWru9beHCbiCrDfqT/Y23oqqFd3tybJp9plRUdp+MsChrhr3 u+nVjts1KfiA1d6WTQltP2JJir2b0qcr2sPXrwObRWf000YNvyTSd3zLqkvC0FkO xf9vuy/cVm+QwziOieNz0UUgaIZZfB1Ag2cHoJtH46S28btQUjyvE37OR6IK/Qp/ 3N3NQYx8xkSQjQ4nQziRyP0cQHnPnOFbqkXPApb5MFHHyy1UN9XG74LGtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNG0KT1subzhy6KamZ30hUZ1QIt0MB8GA1UdIwQY MBaAFCFKD0IZCUSsa0XgCiSuQaNF/cs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMt YjY2NTZjYzFiZDU5LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMtYjY2NTZjYzFiZDU5 LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4TH7uzS kZbEbide+ppvA4enQKB3HwBZtnrPGGBk7gESDCELqJUdqATInZAVYWl/IxUIgfTg r0nM8Ev5hSynWnSOWellsdntrh/g1pqzoIud++ALovZTKYuR0qvwnKKkPQa2mzzL k6NaD2trxjVlQLo9cw4AbkWOQptxzm1R5G1QJg8EAq4CkG3tiMYeW2Tm1NataBE0 PjsvyrJRl1OQukmoqKPiAVb7s0/yfPkA8kpPcHFCa7InNiSkrAOejjdwjsKiuwZl 8ZR69os5uN6U2HkAOqo5hZTY8K9rrLABWomsImiq3PMrsS8ie3i4PONIgNKsroh2 XSX2AIOq2ZCrgA== -----END CERTIFICATE-----Generated at Sun Dec 21 02:11:03 2025 by rpki-client