This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft File: icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json) Hash identifier: EZyACuPsJs/nmol/s5Zpz5MoN5xtGH/EkExnbD7p/co= Subject key identifier: 61:78:DE:FF:F7:2C:0E:BD:60:F3:21:C4:0A:59:64:00:B4:A7:B7:20 Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85 Certificate issuer: /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85 Certificate serial: 019B5D5289EDE9F498CD584FB7BBCD7F622B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft Manifest number: 0909 Signing time: Sat 27 Dec 2025 01:00:48 +0000 Manifest this update: Sat 27 Dec 2025 01:00:48 +0000 Manifest next update: Sun 28 Dec 2025 01:00:48 +0000 Files and hashes: 1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: 7BsbKcfdzxBZ/VVHlsDMhYx/PfXIt+xNPARIcyen+5Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:52:89:ed:e9:f4:98:cd:58:4f:b7:bb:cd:7f:62:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85 Validity Not Before: Dec 27 01:00:48 2025 GMT Not After : Dec 28 01:00:48 2025 GMT Subject: CN=6178defff72c0ebd60f321c40a596400b4a7b720 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:b6:60:80:d4:a5:71:48:91:a5:cb:df:f9:48: 9d:1e:c8:88:d2:ee:d1:42:43:06:4b:28:0c:66:88: da:d2:c2:61:c3:35:28:98:18:d5:a7:59:e0:e0:81: cf:fd:bf:73:85:9b:4c:20:a1:ec:20:1e:26:81:ba: e2:c1:4c:f5:31:47:8a:bf:1c:14:fb:3d:db:03:0c: 42:e4:45:33:40:87:5a:0a:f5:6a:78:4b:24:d7:6d: 08:32:88:ac:35:b6:a6:5f:c8:20:dc:1b:b3:e6:84: d2:a0:4c:10:02:72:db:c7:dd:2c:ce:31:c8:32:83: 5b:0d:6a:0a:30:52:fa:c0:04:87:05:bd:a7:19:39: 61:9e:9f:ef:17:73:d3:7b:22:15:62:32:50:3e:09: 00:ef:24:f8:05:3e:c1:48:85:ab:e5:78:80:02:3a: ec:a0:b1:ca:94:b2:0f:70:aa:64:80:71:65:26:23: b3:af:ce:2a:57:94:da:de:52:09:6b:d0:60:e5:d0: 31:5a:80:8f:c6:92:a3:a3:12:54:1c:c0:f9:7e:e7: 94:08:48:1c:08:73:d9:3e:ef:cc:9e:2b:4c:db:06: e0:35:11:87:45:c9:92:74:3a:98:71:55:8d:8e:34: a9:6a:87:c3:d6:3a:ec:ec:26:e4:98:2f:0e:45:cc: 57:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:78:DE:FF:F7:2C:0E:BD:60:F3:21:C4:0A:59:64:00:B4:A7:B7:20 X509v3 Authority Key Identifier: keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:38:e6:8c:b5:d5:f2:b6:9e:93:4c:49:46:e4:53:74:0a:3f: 2c:37:e4:06:81:41:6d:97:5f:9d:36:f6:03:32:8c:3b:31:c5: 1e:9c:7e:98:0f:30:41:b2:4f:c7:5e:2c:70:7d:7f:7a:2d:a9: a7:6d:33:6d:19:d5:2b:67:85:f5:b7:42:a5:3b:1b:ee:0d:96: 21:1e:4d:ef:1c:0d:16:1c:37:ed:1b:a8:d8:00:1e:ab:5e:45: 70:27:b2:4f:12:b5:35:d9:e8:7d:76:99:2c:02:6b:05:86:35: 65:9d:9f:90:e7:12:20:c8:03:13:eb:7e:21:dd:ac:3c:ef:1b: f0:43:19:e0:04:84:a3:47:37:c3:08:6f:68:a1:f1:03:b6:09: 8a:54:d6:50:e0:96:0a:59:8c:01:2a:ab:47:54:78:46:5d:15: be:16:2e:8b:47:a1:c3:f5:6d:cf:06:35:78:7c:8e:2e:fd:52: 46:e5:b1:d8:5d:f8:9e:51:69:43:df:ec:df:99:c1:ad:7f:1a: 6b:58:9c:cd:2d:89:4c:50:64:a1:33:32:c7:dd:75:4e:26:5f: 21:2a:97:23:ad:b1:d4:64:cb:4a:0a:b5:5a:5f:63:ae:9a:34: 32:f8:1d:f2:02:ba:6e:4c:40:9e:09:a1:c3:0c:dd:39:19:82: 1b:fb:4e:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdUont6fSYzVhPt7vNf2IrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5 ZWNiODUwHhcNMjUxMjI3MDEwMDQ4WhcNMjUxMjI4MDEwMDQ4WjAzMTEwLwYDVQQD Eyg2MTc4ZGVmZmY3MmMwZWJkNjBmMzIxYzQwYTU5NjQwMGI0YTdiNzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrZggNSlcUiRpcvf+UidHsiI0u7R QkMGSygMZoja0sJhwzUomBjVp1ng4IHP/b9zhZtMIKHsIB4mgbriwUz1MUeKvxwU +z3bAwxC5EUzQIdaCvVqeEsk120IMoisNbamX8gg3Buz5oTSoEwQAnLbx90szjHI MoNbDWoKMFL6wASHBb2nGTlhnp/vF3PTeyIVYjJQPgkA7yT4BT7BSIWr5XiAAjrs oLHKlLIPcKpkgHFlJiOzr84qV5Ta3lIJa9Bg5dAxWoCPxpKjoxJUHMD5fueUCEgc CHPZPu/MnitM2wbgNRGHRcmSdDqYcVWNjjSpaofD1jrs7CbkmC8ORcxXVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGF43v/3LA69YPMhxApZZAC0p7cgMB8GA1UdIwQY MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnTjmjLXV 8raek0xJRuRTdAo/LDfkBoFBbZdfnTb2AzKMOzHFHpx+mA8wQbJPx14scH1/ei2p p20zbRnVK2eF9bdCpTsb7g2WIR5N7xwNFhw37Ruo2AAeq15FcCeyTxK1NdnofXaZ LAJrBYY1ZZ2fkOcSIMgDE+t+Id2sPO8b8EMZ4ASEo0c3wwhvaKHxA7YJilTWUOCW ClmMASqrR1R4Rl0VvhYui0ehw/VtzwY1eHyOLv1SRuWx2F34nlFpQ9/s35nBrX8a a1iczS2JTFBkoTMyx911TiZfISqXI62x1GTLSgq1Wl9jrpo0Mvgd8gK6bkxAngmh wwzdORmCG/tOWA== -----END CERTIFICATE-----Generated at Sat Dec 27 08:09:06 2025 by rpki-client