This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft File: 1Iml3dMALoAJmbXBhn94Z4G68T0.mft (raw, json) Hash identifier: gfIXKAbAlu+j3JjU0ooAPt/eveMuQtKBd6L4hBgqZYw= Subject key identifier: CF:B7:E2:9A:09:3E:21:3C:46:E3:EF:0D:91:04:11:60:B4:BB:1E:84 Authority key identifier: D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D Certificate issuer: /CN=d489a5ddd3002e800999b5c1867f786781baf13d Certificate serial: 019B3B6B36FBCDF403AB8E74024330316211 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft Manifest number: 1788 Signing time: Sat 20 Dec 2025 11:00:40 +0000 Manifest this update: Sat 20 Dec 2025 11:00:40 +0000 Manifest next update: Sun 21 Dec 2025 11:00:40 +0000 Files and hashes: 1: 1Iml3dMALoAJmbXBhn94Z4G68T0.crl (hash: l4QMtR+OMsZvTAQfbdfdOpBBxvYYME58Hxv4H4ByrsQ=) 2: Oic624JnJmz9lkyUCkfkxynrzXU.roa (hash: reuQNdNLE9OYq59c7HheLuUPxQ+GdUmZR0j+FA5WU8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:36:fb:cd:f4:03:ab:8e:74:02:43:30:31:62:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d489a5ddd3002e800999b5c1867f786781baf13d Validity Not Before: Dec 20 11:00:40 2025 GMT Not After : Dec 21 11:00:40 2025 GMT Subject: CN=cfb7e29a093e213c46e3ef0d91041160b4bb1e84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:31:65:13:ae:d9:8b:d5:bb:ef:65:94:d9:72: 9b:60:60:53:c2:df:62:03:73:24:31:35:1b:9b:f1: ed:c3:c7:70:c3:12:26:84:21:af:f3:65:b8:5c:41: c2:a4:21:30:d4:39:70:c7:6f:28:36:4c:0f:be:b7: 05:db:71:07:7c:5f:f7:ed:aa:df:4f:ba:07:3c:04: f4:83:4d:d0:53:7c:4f:9e:2e:43:98:2f:38:9c:ea: ff:fe:64:fc:f7:25:56:04:35:bc:25:6e:98:18:f0: 4a:4b:0e:1d:91:d5:90:d2:5d:f4:a6:01:43:c7:fc: ab:dc:fa:f1:c0:41:ef:fa:d3:ad:61:51:15:d5:56: d3:e6:b4:8e:9e:e1:6f:c8:9c:bd:57:81:cb:3f:8e: c0:f9:c5:49:97:6f:c9:a6:a3:1f:72:45:80:fe:f3: 38:4c:53:55:a1:5e:4c:fe:cc:c1:4e:66:8b:07:ab: 30:53:5d:a5:be:64:13:20:bd:40:44:bd:3e:92:0e: af:5a:ee:e6:08:9a:ed:02:63:4c:e2:e1:a5:39:6d: 66:d2:89:14:7d:b6:69:12:1d:c3:f7:9f:2e:71:9d: b9:ae:dd:1b:2d:bf:84:51:e4:f6:4a:82:c1:60:ae: 11:62:8c:88:38:bd:dc:10:2f:23:ea:5d:2d:6f:ac: ad:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:B7:E2:9A:09:3E:21:3C:46:E3:EF:0D:91:04:11:60:B4:BB:1E:84 X509v3 Authority Key Identifier: keyid:D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:6b:c0:ac:e8:4c:e7:84:3f:11:a8:43:b2:e4:0b:78:d3:2e: 5f:65:ec:02:67:ce:08:cc:2b:ba:5f:84:bf:c4:53:27:f2:ab: 8e:0e:d0:75:ad:3e:ca:3b:70:f0:ad:95:61:40:85:1d:1c:66: 4b:2c:25:e6:e9:f3:de:6f:05:5e:78:59:ba:a6:1a:59:dc:f4: 1c:9e:65:d0:61:2e:cf:53:90:47:0c:df:60:0d:66:3b:38:e4: 92:51:12:fc:3e:7d:ff:8b:08:ac:ca:c8:f3:46:3e:85:83:37: 76:62:a9:d5:fd:ba:76:6e:95:c0:61:fb:1e:64:4b:84:42:76: 78:0b:8a:07:b0:03:b4:62:91:a1:20:54:31:e6:f1:1d:08:41: 61:f0:82:68:8f:d2:66:36:fc:2f:e5:a9:d4:56:b5:d5:98:8f: 2d:ff:3a:21:b2:3c:51:92:b8:1b:3b:46:1d:34:55:c1:09:80: 77:53:66:22:01:f9:b5:d3:0e:64:7a:59:03:97:d4:c1:9d:6f: ba:6e:51:8d:43:70:79:b5:1b:12:96:56:d2:f9:1e:5e:3b:2c: 19:5d:ec:0a:53:aa:de:94:da:b1:81:d7:3c:df:03:93:a8:0b: 41:34:c9:15:cd:c3:bd:c0:ce:a4:41:e0:5a:cd:69:b4:55:56: 5b:97:79:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7azb7zfQDq450AkMwMWIRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ODlhNWRkZDMwMDJlODAwOTk5YjVjMTg2N2Y3ODY3ODFi YWYxM2QwHhcNMjUxMjIwMTEwMDQwWhcNMjUxMjIxMTEwMDQwWjAzMTEwLwYDVQQD EyhjZmI3ZTI5YTA5M2UyMTNjNDZlM2VmMGQ5MTA0MTE2MGI0YmIxZTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjFlE67Zi9W772WU2XKbYGBTwt9i A3MkMTUbm/Htw8dwwxImhCGv82W4XEHCpCEw1Dlwx28oNkwPvrcF23EHfF/37arf T7oHPAT0g03QU3xPni5DmC84nOr//mT89yVWBDW8JW6YGPBKSw4dkdWQ0l30pgFD x/yr3PrxwEHv+tOtYVEV1VbT5rSOnuFvyJy9V4HLP47A+cVJl2/JpqMfckWA/vM4 TFNVoV5M/szBTmaLB6swU12lvmQTIL1ARL0+kg6vWu7mCJrtAmNM4uGlOW1m0okU fbZpEh3D958ucZ25rt0bLb+EUeT2SoLBYK4RYoyIOL3cEC8j6l0tb6ytaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM+34poJPiE8RuPvDZEEEWC0ux6EMB8GA1UdIwQY MBaAFNSJpd3TAC6ACZm1wYZ/eGeBuvE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmIt NTI1OWVlZGNhMDdjLzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iZmQyZDQtNmQ0NS00NGJiLWFlNmItNTI1OWVlZGNhMDdj LzEvMUltbDNkTUFMb0FKbWJYQmhuOTRaNEc2OFQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa2vArOhM 54Q/EahDsuQLeNMuX2XsAmfOCMwrul+Ev8RTJ/Krjg7Qda0+yjtw8K2VYUCFHRxm Sywl5unz3m8FXnhZuqYaWdz0HJ5l0GEuz1OQRwzfYA1mOzjkklES/D59/4sIrMrI 80Y+hYM3dmKp1f26dm6VwGH7HmRLhEJ2eAuKB7ADtGKRoSBUMebxHQhBYfCCaI/S Zjb8L+Wp1Fa11ZiPLf86IbI8UZK4GztGHTRVwQmAd1NmIgH5tdMOZHpZA5fUwZ1v um5RjUNwebUbEpZW0vkeXjssGV3sClOq3pTasYHXPN8Dk6gLQTTJFc3DvcDOpEHg Ws1ptFVWW5d5Ww== -----END CERTIFICATE-----Generated at Sat Dec 20 18:25:54 2025 by rpki-client