This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft File: Iycd4-AQWavm0aWTxKJP9uGI1k8.mft (raw, json) Hash identifier: a+2GJr2kqvPaee3DKpsLuIoSEpuvWz47pPpdtr2xVyQ= Subject key identifier: 30:A9:8B:28:36:CE:41:B0:C4:46:C6:6B:14:1E:B8:63:8E:4B:99:D1 Authority key identifier: 23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F Certificate issuer: /CN=23271de3e01059abe6d1a593c4a24ff6e188d64f Certificate serial: 019B4438DADF1E0D97B5AE1B220683CB5604 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft Manifest number: 0F8C Signing time: Mon 22 Dec 2025 04:02:15 +0000 Manifest this update: Mon 22 Dec 2025 04:02:15 +0000 Manifest next update: Tue 23 Dec 2025 04:02:15 +0000 Files and hashes: 1: Iycd4-AQWavm0aWTxKJP9uGI1k8.crl (hash: OG2fQ029VFtEcRX4cNZ2jjqjAj2E/VW/AHHY0VYAC9c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:da:df:1e:0d:97:b5:ae:1b:22:06:83:cb:56:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23271de3e01059abe6d1a593c4a24ff6e188d64f Validity Not Before: Dec 22 04:02:15 2025 GMT Not After : Dec 23 04:02:15 2025 GMT Subject: CN=30a98b2836ce41b0c446c66b141eb8638e4b99d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d1:37:72:e6:1d:3e:52:9f:7c:05:75:1c:42: 48:8d:fc:f0:88:4c:f7:d2:c1:7b:37:5b:da:6a:1b: aa:f4:84:70:c7:e6:7e:a1:33:a0:72:90:f0:8b:10: 22:d5:96:41:b0:95:a4:5c:f8:47:89:61:b9:cf:e3: 73:74:36:fd:7d:33:d3:e8:e3:a8:41:ad:4e:89:ac: 83:9b:30:6d:00:90:cc:e9:1a:5d:9d:66:37:3a:6c: 52:b6:02:86:3b:0f:22:3b:a5:34:24:57:d8:04:67: 70:e8:b6:69:2b:3c:c8:0b:f9:98:1d:d9:86:fc:53: 37:dc:d0:bb:05:bd:b4:6a:12:ae:67:d0:f8:df:4b: 2f:a0:30:f4:e6:10:ee:d6:1a:80:83:b0:43:50:b3: 97:08:db:25:a4:ee:95:3e:c6:1b:ab:8f:e8:bf:70: 8b:4d:9f:51:66:8f:c5:3b:a3:fe:3d:05:f9:1d:3c: 49:11:4a:9e:22:f6:08:cb:48:96:be:da:be:be:7a: 94:b1:94:21:c2:f9:37:09:bc:32:01:f6:15:8d:6a: c7:3c:9b:4b:1f:86:f1:77:7c:5e:5c:09:7a:91:d2: b3:de:6b:55:0f:c3:64:d6:b7:7e:f5:e2:41:17:cf: b3:58:e4:f6:9b:fc:bf:1f:5c:c9:6b:84:57:8d:8b: 27:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:A9:8B:28:36:CE:41:B0:C4:46:C6:6B:14:1E:B8:63:8E:4B:99:D1 X509v3 Authority Key Identifier: keyid:23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:a7:2a:0e:ca:99:8f:f4:8b:bd:4b:e3:9f:a2:5b:42:25:ba: bf:49:4b:3c:f7:a4:ed:f1:af:00:35:b1:ec:5f:2f:05:54:9d: 16:2a:23:83:ab:92:6a:f6:58:31:09:59:5b:68:1b:60:9f:48: 33:81:85:f0:6d:ee:f9:57:fb:13:8a:de:fc:d6:0c:c4:7f:f7: 8e:93:61:09:08:2b:b6:0c:85:f6:e4:81:02:0a:b5:38:65:43: ff:51:b5:bf:83:63:8d:1f:f5:b8:ab:7f:9b:66:dd:2c:75:52: 2c:d3:4f:a1:93:55:99:12:04:7a:ab:a2:91:45:5d:19:0e:62: e0:af:5f:48:99:75:b6:7d:bc:0c:d3:63:3a:b6:f4:8b:41:d0: a3:b7:21:b5:b6:50:77:b0:65:07:a5:55:70:e4:71:3c:64:15: 96:ec:a7:d4:a9:44:27:27:e9:ed:c5:c6:c9:04:3e:ec:b1:53: c2:8f:68:1d:20:94:a8:9b:56:8d:54:b8:ea:cc:32:02:34:1d: de:0b:46:e7:ab:9f:c4:9c:98:b3:b4:61:21:bc:6b:13:cd:25: 8d:f3:8f:70:54:f2:98:1d:b7:05:54:c8:eb:53:08:05:a3:6e: 8e:a7:ae:bb:9f:6f:26:f9:c2:14:60:da:94:d5:51:b6:27:b2: 8a:ec:a5:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEONrfHg2Xta4bIgaDy1YEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMjcxZGUzZTAxMDU5YWJlNmQxYTU5M2M0YTI0ZmY2ZTE4 OGQ2NGYwHhcNMjUxMjIyMDQwMjE1WhcNMjUxMjIzMDQwMjE1WjAzMTEwLwYDVQQD EygzMGE5OGIyODM2Y2U0MWIwYzQ0NmM2NmIxNDFlYjg2MzhlNGI5OWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudE3cuYdPlKffAV1HEJIjfzwiEz3 0sF7N1vaahuq9IRwx+Z+oTOgcpDwixAi1ZZBsJWkXPhHiWG5z+NzdDb9fTPT6OOo Qa1OiayDmzBtAJDM6RpdnWY3OmxStgKGOw8iO6U0JFfYBGdw6LZpKzzIC/mYHdmG /FM33NC7Bb20ahKuZ9D430svoDD05hDu1hqAg7BDULOXCNslpO6VPsYbq4/ov3CL TZ9RZo/FO6P+PQX5HTxJEUqeIvYIy0iWvtq+vnqUsZQhwvk3CbwyAfYVjWrHPJtL H4bxd3xeXAl6kdKz3mtVD8Nk1rd+9eJBF8+zWOT2m/y/H1zJa4RXjYsnDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDCpiyg2zkGwxEbGaxQeuGOOS5nRMB8GA1UdIwQY MBaAFCMnHePgEFmr5tGlk8SiT/bhiNZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMt OTU4YzM3NjUwNmVkLzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMtOTU4YzM3NjUwNmVk LzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARKcqDsqZ j/SLvUvjn6JbQiW6v0lLPPek7fGvADWx7F8vBVSdFiojg6uSavZYMQlZW2gbYJ9I M4GF8G3u+Vf7E4re/NYMxH/3jpNhCQgrtgyF9uSBAgq1OGVD/1G1v4NjjR/1uKt/ m2bdLHVSLNNPoZNVmRIEequikUVdGQ5i4K9fSJl1tn28DNNjOrb0i0HQo7chtbZQ d7BlB6VVcORxPGQVluyn1KlEJyfp7cXGyQQ+7LFTwo9oHSCUqJtWjVS46swyAjQd 3gtG56ufxJyYs7RhIbxrE80ljfOPcFTymB23BVTI61MIBaNujqeuu59vJvnCFGDa lNVRtieyiuylEw== -----END CERTIFICATE-----Generated at Mon Dec 22 10:34:04 2025 by rpki-client