This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft File: I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json) Hash identifier: lfVX3K9i1AX8V1q2yZOyjWty7rEJMYk3zIKN6njtoVc= Subject key identifier: 73:14:C4:AB:FD:39:3E:78:9A:75:BD:74:91:2D:9D:14:28:BA:28:62 Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC Certificate issuer: /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc Certificate serial: 019B6768683C0812194556251BA37117A16A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft Manifest number: 1798 Signing time: Mon 29 Dec 2025 00:00:54 +0000 Manifest this update: Mon 29 Dec 2025 00:00:54 +0000 Manifest next update: Tue 30 Dec 2025 00:00:54 +0000 Files and hashes: 1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: 420GDYv3s+nhRAnNrFclVq1hYBI6mVcwNzg7KngMDro=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 20:59:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:67:68:68:3c:08:12:19:45:56:25:1b:a3:71:17:a1:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc Validity Not Before: Dec 29 00:00:54 2025 GMT Not After : Dec 30 00:00:54 2025 GMT Subject: CN=7314c4abfd393e789a75bd74912d9d1428ba2862 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b6:72:52:87:1c:f1:36:3e:70:5c:15:61:65: 52:05:49:8c:80:5d:e7:f9:ae:72:cf:98:d1:7c:68: c2:59:44:ca:59:a9:94:04:94:2f:ac:cb:4f:c6:d1: 46:24:c2:ac:d2:1a:d8:d8:d7:4a:72:d3:eb:db:d9: 05:62:9b:7e:5e:c4:6c:df:aa:ae:5b:e0:ba:82:60: 7a:3a:c4:f7:50:b1:d0:e6:20:71:4b:47:2c:b8:ed: bb:2b:6d:d8:dd:c3:ee:47:d1:10:67:3e:cf:46:1d: 97:17:6f:39:2c:6b:e6:fa:ab:b3:7a:15:9b:a7:dc: 8f:af:49:ab:d3:20:88:2a:03:fe:25:85:0c:18:fe: 58:0f:b3:1b:f9:01:14:ab:f1:02:c1:fe:45:7e:ac: 7b:fc:72:6d:85:83:f7:cf:f2:f3:53:75:38:e8:3e: 06:3d:85:ad:cc:6a:af:15:cc:35:c7:a4:28:76:2f: ab:06:bb:6e:1e:8c:42:9e:a6:1f:b1:a5:c0:d3:cf: 33:a9:31:91:28:f4:8e:07:db:6c:c7:5a:33:be:9d: b1:33:ef:1c:c7:d8:be:35:a5:45:bf:cd:09:1b:89: 7b:a7:0d:75:4d:6f:eb:4c:0e:f2:59:38:f2:6c:03: c7:e7:eb:64:ef:49:d6:c7:f6:5a:76:c7:dc:a8:36: e7:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:14:C4:AB:FD:39:3E:78:9A:75:BD:74:91:2D:9D:14:28:BA:28:62 X509v3 Authority Key Identifier: keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:a1:c2:7e:a6:d3:34:f2:1b:67:43:9f:86:92:84:53:92:81: 22:89:77:03:b6:83:8b:00:eb:b0:8a:7d:c4:c9:dd:32:bd:c4: 65:f8:19:12:fb:c8:07:d1:cd:cc:c2:a6:03:63:26:ac:0b:0e: e9:71:50:3f:34:da:60:34:00:81:c0:54:9c:3d:4c:d4:53:aa: f4:61:ae:e4:24:65:79:b4:b6:34:b2:c3:59:25:93:06:18:c9: 39:fa:13:c6:8c:75:1d:a2:0c:c0:89:aa:26:44:5e:17:19:ab: 39:64:84:5d:f2:38:7e:6a:f5:5c:68:3e:47:81:57:75:39:6f: ee:ec:e0:8b:cb:ab:7c:5d:9b:ea:c5:f6:8e:35:17:fd:c3:56: b6:14:83:38:f7:8b:e8:55:3a:36:df:7d:c6:b1:52:bd:df:34: ed:27:0b:36:91:21:70:5e:ca:b2:d0:9d:0d:d3:2a:d9:93:0b: d3:da:7d:47:b4:47:c1:50:02:8a:ea:6a:b1:49:0d:0a:e0:af: bd:1a:0a:f2:94:f1:05:cc:73:a5:eb:50:71:9a:fe:d0:65:49: 8e:88:72:cf:ad:c2:19:9d:38:2f:7a:26:21:5b:80:be:62:f1: 14:82:19:49:53:f0:fe:16:bc:99:62:51:f1:5d:f6:a0:77:6c: e6:1e:a0:b1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtnaGg8CBIZRVYlG6NxF6FqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm NDJiYmMwHhcNMjUxMjI5MDAwMDU0WhcNMjUxMjMwMDAwMDU0WjAzMTEwLwYDVQQD Eyg3MzE0YzRhYmZkMzkzZTc4OWE3NWJkNzQ5MTJkOWQxNDI4YmEyODYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLZyUocc8TY+cFwVYWVSBUmMgF3n +a5yz5jRfGjCWUTKWamUBJQvrMtPxtFGJMKs0hrY2NdKctPr29kFYpt+XsRs36qu W+C6gmB6OsT3ULHQ5iBxS0csuO27K23Y3cPuR9EQZz7PRh2XF285LGvm+quzehWb p9yPr0mr0yCIKgP+JYUMGP5YD7Mb+QEUq/ECwf5Ffqx7/HJthYP3z/LzU3U46D4G PYWtzGqvFcw1x6Qodi+rBrtuHoxCnqYfsaXA088zqTGRKPSOB9tsx1ozvp2xM+8c x9i+NaVFv80JG4l7pw11TW/rTA7yWTjybAPH5+tk70nWx/ZadsfcqDbncQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHMUxKv9OT54mnW9dJEtnRQouihiMB8GA1UdIwQY MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMaHCfqbT NPIbZ0OfhpKEU5KBIol3A7aDiwDrsIp9xMndMr3EZfgZEvvIB9HNzMKmA2MmrAsO 6XFQPzTaYDQAgcBUnD1M1FOq9GGu5CRlebS2NLLDWSWTBhjJOfoTxox1HaIMwImq JkReFxmrOWSEXfI4fmr1XGg+R4FXdTlv7uzgi8urfF2b6sX2jjUX/cNWthSDOPeL 6FU6Nt99xrFSvd807ScLNpEhcF7KstCdDdMq2ZML09p9R7RHwVACiupqsUkNCuCv vRoK8pTxBcxzpetQcZr+0GVJjohyz63CGZ04L3omIVuAvmLxFIIZSVPw/ha8mWJR 8V32oHds5h6gsQ== -----END CERTIFICATE-----Generated at Mon Dec 29 02:25:34 2025 by rpki-client