This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft File: iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json) Hash identifier: IVEOsNJW/LixwY6b+4AP9IlSZBj8hc3ume8SocIGbZE= Subject key identifier: 99:FC:39:20:94:95:E7:53:CD:3D:00:4F:73:EF:0E:A4:DB:AC:84:9F Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE Certificate issuer: /CN=88f75722db25b3723decda5d870df69bf0d865ae Certificate serial: 019B4249EDF140D4C916429BBE7E4E5A7387 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft Manifest number: 1183 Signing time: Sun 21 Dec 2025 19:01:39 +0000 Manifest this update: Sun 21 Dec 2025 19:01:39 +0000 Manifest next update: Mon 22 Dec 2025 19:01:39 +0000 Files and hashes: 1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: tK8+Zk6zpDxV4rB0C3e5b9LrcNap5ca7Sow7L43r5a0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:ed:f1:40:d4:c9:16:42:9b:be:7e:4e:5a:73:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae Validity Not Before: Dec 21 19:01:39 2025 GMT Not After : Dec 22 19:01:39 2025 GMT Subject: CN=99fc39209495e753cd3d004f73ef0ea4dbac849f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:2c:eb:01:3c:ac:d1:36:0b:77:ce:ab:44:08: b7:06:a4:d0:8f:57:cb:26:f9:fa:f1:9c:f6:e0:e5: 22:7b:2d:68:ab:4f:c1:36:f9:da:c1:11:62:dc:56: 53:a5:d1:ae:e9:ad:54:cd:d5:a3:b2:91:eb:40:c8: 87:ba:42:3d:7d:0f:30:3c:9a:82:15:c4:e0:10:1f: 3b:28:7d:91:0a:50:f5:dd:84:ce:99:e5:67:67:41: fe:9f:09:20:6f:9f:55:e6:20:58:74:6f:3f:36:9d: 39:45:c3:ec:86:e8:c0:01:e8:5e:fe:91:2d:f6:dc: 14:ce:c6:32:58:08:09:67:36:f8:6c:16:99:51:3b: 64:d8:fa:45:76:c7:bd:7c:ac:78:92:03:fd:a9:8b: 38:d6:cf:35:ea:9a:87:71:0e:9d:78:73:5a:dc:ab: 9c:f4:b9:7a:2a:9f:10:3b:80:a2:99:7e:a9:27:6c: 3a:dd:84:c5:7e:d1:40:18:59:5a:44:9b:d4:8b:2e: 60:ab:5b:76:89:2c:58:99:de:35:a7:09:70:18:fe: 7f:3f:12:1b:a1:5f:38:6b:33:a9:fb:75:96:85:32: 15:fe:bb:28:28:66:cc:7f:47:4c:cb:21:bb:73:27: bc:3a:61:ff:87:db:3f:23:1d:27:8f:a8:fa:ab:d1: 61:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:FC:39:20:94:95:E7:53:CD:3D:00:4F:73:EF:0E:A4:DB:AC:84:9F X509v3 Authority Key Identifier: keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:e9:ef:50:57:c3:c4:5a:45:f0:e0:c7:5c:09:9f:e7:93:48: 8b:2e:9f:0a:9c:e8:7f:57:c2:c5:dd:7e:58:0f:24:3f:00:9f: 1b:7f:47:2b:ef:20:b5:16:51:d1:40:4c:98:c0:8f:0a:93:3c: 7e:d5:84:49:46:50:01:22:1f:79:ad:31:3e:48:3a:6b:28:43: 70:46:95:ba:7b:38:47:46:02:d3:40:85:56:be:d8:64:67:74: 0a:96:89:a8:2f:10:53:5f:59:3f:7b:be:70:b8:4f:eb:d3:2c: ab:a6:1c:a2:8d:49:9c:80:0f:b2:cd:0e:d1:b6:c1:d6:cc:a7: 9e:a7:f1:33:2a:e0:ca:10:f4:7b:4d:02:88:3a:95:c3:f6:0a: 96:da:78:db:38:7c:3e:10:22:f2:4d:71:32:a7:44:9a:b7:c5: 14:66:72:77:90:4b:33:c5:c3:16:47:ad:9f:be:b1:96:51:fe: 94:6f:a6:f1:9b:c3:23:90:0f:75:cc:8b:d8:e8:6a:3f:f3:e9: 8c:7e:5c:4a:8b:8a:75:45:73:c7:9d:63:10:60:85:72:15:7c: 00:25:d5:70:49:7b:ff:4b:4e:af:71:b8:15:29:f9:8b:e4:8f: 6f:54:51:84:27:0c:5d:d6:32:91:38:8b:c6:09:d8:6c:23:f5: c0:ff:12:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSe3xQNTJFkKbvn5OWnOHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk ODY1YWUwHhcNMjUxMjIxMTkwMTM5WhcNMjUxMjIyMTkwMTM5WjAzMTEwLwYDVQQD Eyg5OWZjMzkyMDk0OTVlNzUzY2QzZDAwNGY3M2VmMGVhNGRiYWM4NDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2izrATys0TYLd86rRAi3BqTQj1fL Jvn68Zz24OUiey1oq0/BNvnawRFi3FZTpdGu6a1UzdWjspHrQMiHukI9fQ8wPJqC FcTgEB87KH2RClD13YTOmeVnZ0H+nwkgb59V5iBYdG8/Np05RcPshujAAehe/pEt 9twUzsYyWAgJZzb4bBaZUTtk2PpFdse9fKx4kgP9qYs41s816pqHcQ6deHNa3Kuc 9Ll6Kp8QO4CimX6pJ2w63YTFftFAGFlaRJvUiy5gq1t2iSxYmd41pwlwGP5/PxIb oV84azOp+3WWhTIV/rsoKGbMf0dMyyG7cye8OmH/h9s/Ix0nj6j6q9FhHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJn8OSCUledTzT0AT3PvDqTbrISfMB8GA1UdIwQY MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIenvUFfD xFpF8ODHXAmf55NIiy6fCpzof1fCxd1+WA8kPwCfG39HK+8gtRZR0UBMmMCPCpM8 ftWESUZQASIfea0xPkg6ayhDcEaVuns4R0YC00CFVr7YZGd0CpaJqC8QU19ZP3u+ cLhP69Msq6Ycoo1JnIAPss0O0bbB1synnqfxMyrgyhD0e00CiDqVw/YKltp42zh8 PhAi8k1xMqdEmrfFFGZyd5BLM8XDFketn76xllH+lG+m8ZvDI5APdcyL2OhqP/Pp jH5cSouKdUVzx51jEGCFchV8ACXVcEl7/0tOr3G4FSn5i+SPb1RRhCcMXdYykTiL xgnYbCP1wP8STw== -----END CERTIFICATE-----Generated at Sun Dec 21 22:27:14 2025 by rpki-client