This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft File: IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json) Hash identifier: R4/NtP87VzOYKNUuogMw/wKx/gayxjFGlWTamf/rHtk= Subject key identifier: 66:A1:93:5F:ED:2D:4E:EF:06:4C:76:C1:6D:BA:24:0A:51:4A:68:52 Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4 Certificate issuer: /CN=2204f15cf30d73848b074dfcac26138006156ad4 Certificate serial: 019B61307F2C5464BA9F1BC4B87390C80A51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft Manifest number: 0EA8 Signing time: Sat 27 Dec 2025 19:02:06 +0000 Manifest this update: Sat 27 Dec 2025 19:02:06 +0000 Manifest next update: Sun 28 Dec 2025 19:02:06 +0000 Files and hashes: 1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: RkEZbaCtt8onNejDy5ttJA/HKQL104SkEyNaBXz9rnQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:61:30:7f:2c:54:64:ba:9f:1b:c4:b8:73:90:c8:0a:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4 Validity Not Before: Dec 27 19:02:06 2025 GMT Not After : Dec 28 19:02:06 2025 GMT Subject: CN=66a1935fed2d4eef064c76c16dba240a514a6852 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:da:49:0e:eb:c1:56:b6:b5:31:19:fb:13:8d: 6c:7f:e9:34:03:9a:e8:ee:8d:7d:ca:4d:d2:60:44: 84:54:ad:7d:01:c9:69:77:c4:9e:0f:c6:46:1a:5c: 7e:77:00:13:b2:70:68:da:71:3d:09:36:5a:29:33: 56:74:ec:ad:89:95:fd:37:25:65:ab:02:93:26:a2: 7b:62:18:0c:ab:e5:d7:a3:c5:ef:c8:93:96:af:58: 6e:cd:1e:dc:22:7a:da:f3:7b:7b:0a:56:99:2b:83: cd:32:e1:b1:b5:21:fd:3f:34:51:9b:3c:7d:db:3c: 3d:a5:44:ef:ec:5e:50:e4:51:1f:4e:92:42:58:fd: fb:79:3f:d3:e3:14:e8:7c:72:3b:dc:3a:bc:02:48: 30:aa:7d:81:1c:db:ec:1a:10:14:a2:dd:0d:f3:52: 8a:92:6e:8f:fa:16:0a:8c:0f:53:53:9c:34:93:dd: 3d:2d:f6:be:70:71:31:a4:af:fa:4c:d0:ba:87:08: e2:0e:dd:03:03:e8:48:34:08:cd:1a:c9:e3:85:13: 30:51:a0:81:2c:2f:c1:f0:3d:ff:a2:f5:15:f2:58: cb:11:ff:31:3b:e2:b0:d2:d6:9b:95:1b:cc:21:96: 71:79:10:bf:69:93:6e:00:81:8e:d7:dc:23:86:08: 57:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:A1:93:5F:ED:2D:4E:EF:06:4C:76:C1:6D:BA:24:0A:51:4A:68:52 X509v3 Authority Key Identifier: keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:dd:20:63:ac:e6:44:3b:53:20:99:03:3e:22:20:11:4e:ac: 20:34:07:52:2c:dd:b7:15:f7:6d:97:c1:51:fd:12:90:80:57: d9:2c:9b:3c:d9:16:1c:b5:33:3f:db:4c:29:79:11:ce:1b:e1: bf:a9:5c:42:c9:d5:5e:54:8f:22:ac:96:c7:8a:ef:2f:83:38: 23:17:ea:25:93:7a:42:4d:16:d2:e5:4a:a2:65:00:e0:06:17: fd:82:1c:a9:a2:c6:33:3f:8c:f8:22:28:9e:4b:3c:bc:6e:87: af:b4:6c:9d:a6:bb:f4:f7:a3:d9:77:1a:26:09:b3:bd:3b:76: 66:1b:8d:81:53:08:67:1e:4f:9f:fb:b6:c2:0d:35:78:fe:32: 33:4e:5e:02:7f:94:73:8b:02:dd:c6:bd:b9:be:12:c8:5d:25: 87:ba:91:f6:ea:e3:25:6f:a3:eb:84:24:71:b4:be:0c:07:b4: 50:56:4a:0a:12:d6:c3:3f:5b:2d:8e:58:79:9b:4c:d6:86:ad: 3a:6a:78:37:87:cc:52:ed:9f:ea:20:59:6c:65:86:db:2b:77: 66:c5:1e:97:ee:75:57:17:2a:06:18:05:8d:a5:2d:fd:0a:3f: 27:ac:33:4e:85:ef:96:a7:c5:e2:c6:9c:0d:ff:aa:aa:26:aa: 92:8f:43:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZthMH8sVGS6nxvEuHOQyApRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx NTZhZDQwHhcNMjUxMjI3MTkwMjA2WhcNMjUxMjI4MTkwMjA2WjAzMTEwLwYDVQQD Eyg2NmExOTM1ZmVkMmQ0ZWVmMDY0Yzc2YzE2ZGJhMjQwYTUxNGE2ODUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9pJDuvBVra1MRn7E41sf+k0A5ro 7o19yk3SYESEVK19Aclpd8SeD8ZGGlx+dwATsnBo2nE9CTZaKTNWdOytiZX9NyVl qwKTJqJ7YhgMq+XXo8XvyJOWr1huzR7cInra83t7ClaZK4PNMuGxtSH9PzRRmzx9 2zw9pUTv7F5Q5FEfTpJCWP37eT/T4xTofHI73Dq8Akgwqn2BHNvsGhAUot0N81KK km6P+hYKjA9TU5w0k909Lfa+cHExpK/6TNC6hwjiDt0DA+hINAjNGsnjhRMwUaCB LC/B8D3/ovUV8ljLEf8xO+Kw0tablRvMIZZxeRC/aZNuAIGO19wjhghX7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGahk1/tLU7vBkx2wW26JApRSmhSMB8GA1UdIwQY MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4 LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAed0gY6zm RDtTIJkDPiIgEU6sIDQHUizdtxX3bZfBUf0SkIBX2SybPNkWHLUzP9tMKXkRzhvh v6lcQsnVXlSPIqyWx4rvL4M4IxfqJZN6Qk0W0uVKomUA4AYX/YIcqaLGMz+M+CIo nks8vG6Hr7Rsnaa79Pej2XcaJgmzvTt2ZhuNgVMIZx5Pn/u2wg01eP4yM05eAn+U c4sC3ca9ub4SyF0lh7qR9urjJW+j64QkcbS+DAe0UFZKChLWwz9bLY5YeZtM1oat Omp4N4fMUu2f6iBZbGWG2yt3ZsUel+51VxcqBhgFjaUt/Qo/J6wzToXvlqfF4sac Df+qqiaqko9DCw== -----END CERTIFICATE-----Generated at Sun Dec 28 03:18:34 2025 by rpki-client