This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft File: 1Iml3dMALoAJmbXBhn94Z4G68T0.mft (raw, json) Hash identifier: EaKBkHhzMcTqjAchp7BNNB3WbPHqCec04lJmI/2y6+o= Subject key identifier: 6C:78:A4:8D:9C:12:EF:74:94:B0:3E:66:3E:3A:CE:21:3F:01:D5:69 Authority key identifier: D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D Certificate issuer: /CN=d489a5ddd3002e800999b5c1867f786781baf13d Certificate serial: 019B47022630A8614E7F9D28DB8FB9D919E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft Manifest number: 178E Signing time: Mon 22 Dec 2025 17:01:21 +0000 Manifest this update: Mon 22 Dec 2025 17:01:21 +0000 Manifest next update: Tue 23 Dec 2025 17:01:21 +0000 Files and hashes: 1: 1Iml3dMALoAJmbXBhn94Z4G68T0.crl (hash: FMtrHVZS+nOX6sSMtrmPZPYhhiVY3Js/BzRE0qKFxhI=) 2: Oic624JnJmz9lkyUCkfkxynrzXU.roa (hash: reuQNdNLE9OYq59c7HheLuUPxQ+GdUmZR0j+FA5WU8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:02:26:30:a8:61:4e:7f:9d:28:db:8f:b9:d9:19:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d489a5ddd3002e800999b5c1867f786781baf13d Validity Not Before: Dec 22 17:01:21 2025 GMT Not After : Dec 23 17:01:21 2025 GMT Subject: CN=6c78a48d9c12ef7494b03e663e3ace213f01d569 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:18:a7:8b:56:04:95:19:2f:e9:51:ea:b7:ec: 90:7f:40:7e:4a:10:ad:aa:c8:57:87:29:bf:c5:08: 1a:dc:b8:94:08:1f:e3:da:e1:44:57:9a:99:82:17: 80:4c:ea:c5:50:bf:29:27:6f:b9:5a:4d:6d:31:57: 55:de:b6:82:11:34:bd:b4:cb:ee:74:8a:1e:7b:9e: 2b:9e:38:c3:ad:bf:19:26:01:5d:97:9b:a5:f5:e9: ac:d6:09:ae:c1:6d:b8:a1:47:4c:04:ae:9b:df:45: 8c:1e:f8:d2:0e:6f:70:f1:62:25:95:e7:68:29:fb: d5:54:23:10:15:67:ad:9f:74:f6:0e:dc:ad:93:f4: aa:d8:68:fd:49:e3:aa:56:3d:63:a8:e8:9a:1b:60: 57:5e:8a:c9:94:59:7e:b2:ab:5a:c6:94:b7:86:0c: d0:89:c4:e6:6a:70:6e:7b:1d:2d:b2:97:b9:50:f4: d1:1f:d1:54:91:95:a5:2c:41:73:0e:86:5f:77:b3: a0:3a:b7:82:a3:11:b2:21:6e:68:d9:66:9e:ee:e5: 6b:89:79:0d:df:f6:19:c9:e4:49:3e:d0:03:a1:12: 50:08:6b:1d:08:3f:75:56:88:e6:23:a2:6d:0b:dd: d5:c4:04:8f:42:6b:34:70:4c:9d:1d:ee:8b:b8:41: e5:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:78:A4:8D:9C:12:EF:74:94:B0:3E:66:3E:3A:CE:21:3F:01:D5:69 X509v3 Authority Key Identifier: keyid:D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:a7:09:7a:ae:0f:93:44:68:55:f8:72:96:69:75:8f:00:c9: 99:cf:05:ff:79:92:c1:0b:c2:8f:8a:92:8f:ea:aa:45:22:32: ea:3c:37:d5:cc:94:db:b6:05:a8:0d:38:86:5d:28:31:0c:c6: 47:d0:60:4e:2e:ff:eb:65:fe:7c:e6:db:37:b6:23:6a:c1:a3: 17:40:64:c5:ad:33:84:14:d9:9a:d7:0c:bd:3e:3c:b6:81:2e: f0:9a:af:7a:b9:a7:c2:4b:0e:bc:51:59:54:23:e3:15:e0:48: a3:d0:08:92:fb:a0:69:7d:b6:06:47:4e:01:a0:46:f9:19:2c: 7e:60:fb:bd:a9:91:6a:c0:35:7b:5c:ee:81:24:60:dc:84:df: 8f:fe:fb:be:40:61:13:fe:6c:a2:e6:6f:01:d5:0c:bc:c6:fa: 7c:79:c9:30:f4:ea:ff:2a:1a:d6:a4:3f:47:a1:20:f4:1c:be: 9f:e2:9b:01:93:83:b6:36:d3:6a:97:01:7b:23:8c:ed:ec:34: 5e:52:62:44:24:08:7b:0e:4b:b3:1c:62:d1:e2:f9:b0:65:45: 2a:97:9e:b4:35:03:84:b0:88:1b:34:9b:18:63:a2:80:f8:e8: 07:92:f8:18:8f:f4:57:c8:13:f6:ea:35:59:46:8e:63:0b:d6: dc:ef:c4:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHAiYwqGFOf50o24+52RnpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ODlhNWRkZDMwMDJlODAwOTk5YjVjMTg2N2Y3ODY3ODFi YWYxM2QwHhcNMjUxMjIyMTcwMTIxWhcNMjUxMjIzMTcwMTIxWjAzMTEwLwYDVQQD Eyg2Yzc4YTQ4ZDljMTJlZjc0OTRiMDNlNjYzZTNhY2UyMTNmMDFkNTY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBini1YElRkv6VHqt+yQf0B+ShCt qshXhym/xQga3LiUCB/j2uFEV5qZgheATOrFUL8pJ2+5Wk1tMVdV3raCETS9tMvu dIoee54rnjjDrb8ZJgFdl5ul9ems1gmuwW24oUdMBK6b30WMHvjSDm9w8WIlledo KfvVVCMQFWetn3T2Dtytk/Sq2Gj9SeOqVj1jqOiaG2BXXorJlFl+sqtaxpS3hgzQ icTmanBuex0tspe5UPTRH9FUkZWlLEFzDoZfd7OgOreCoxGyIW5o2Wae7uVriXkN 3/YZyeRJPtADoRJQCGsdCD91VojmI6JtC93VxASPQms0cEydHe6LuEHloQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGx4pI2cEu90lLA+Zj46ziE/AdVpMB8GA1UdIwQY MBaAFNSJpd3TAC6ACZm1wYZ/eGeBuvE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmIt NTI1OWVlZGNhMDdjLzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmItNTI1OWVlZGNhMDdj LzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKqcJeq4P k0RoVfhylml1jwDJmc8F/3mSwQvCj4qSj+qqRSIy6jw31cyU27YFqA04hl0oMQzG R9BgTi7/62X+fObbN7YjasGjF0Bkxa0zhBTZmtcMvT48toEu8JqvermnwksOvFFZ VCPjFeBIo9AIkvugaX22BkdOAaBG+RksfmD7vamRasA1e1zugSRg3ITfj/77vkBh E/5souZvAdUMvMb6fHnJMPTq/yoa1qQ/R6Eg9By+n+KbAZODtjbTapcBeyOM7ew0 XlJiRCQIew5Lsxxi0eL5sGVFKpeetDUDhLCIGzSbGGOigPjoB5L4GI/0V8gT9uo1 WUaOYwvW3O/Ecg== -----END CERTIFICATE-----Generated at Mon Dec 22 23:00:15 2025 by rpki-client