This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json) Hash identifier: nkK4J2mK4KAyC7kGUOKpz97FFC2qt4baaEufMQ6qwTw= Subject key identifier: E3:D7:13:0B:7C:0B:D8:D2:CB:D4:7A:DE:56:63:18:EA:4C:06:88:6D Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Certificate serial: 019B597683EF62BDA3DAFAFABEADBE683CD9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft Manifest number: 07D3 Signing time: Fri 26 Dec 2025 07:01:37 +0000 Manifest this update: Fri 26 Dec 2025 07:01:37 +0000 Manifest next update: Sat 27 Dec 2025 07:01:37 +0000 Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: Md+Bv6UYMDTosBfovRGqDF/fLNk7JdZCroqu1DnlfkM=) 2: v5LwLHwuCUZrT_0G6r3v0bfLSQs.roa (hash: +ztaiH2S/aHDtgvKfj/YkXPsW58SyJ9uS27Ej7psyFg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:83:ef:62:bd:a3:da:fa:fa:be:ad:be:68:3c:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Validity Not Before: Dec 26 07:01:37 2025 GMT Not After : Dec 27 07:01:37 2025 GMT Subject: CN=e3d7130b7c0bd8d2cbd47ade566318ea4c06886d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f8:fb:ea:c8:b5:75:e8:6b:49:44:d4:28:e2: 92:1d:b0:20:82:ac:22:da:59:f6:1b:6d:fb:38:30: 5d:3a:df:85:a1:c2:ee:42:69:b8:5c:e0:bf:a5:21: db:aa:3b:da:b0:2b:b7:64:06:d3:70:77:cc:f3:e2: da:62:d3:85:30:08:58:ae:01:dc:fc:e8:05:ab:29: f0:94:60:31:74:47:1b:fd:60:2d:c6:32:9a:21:6d: b6:35:82:53:77:2b:1d:87:d4:7b:c3:22:b3:10:d1: a8:bf:84:de:0e:49:b4:b0:f6:4c:a5:09:0c:39:20: 33:3b:28:18:df:69:9c:7e:44:16:e9:ae:fb:44:fe: f2:66:5d:de:cc:0a:db:b5:b5:61:9d:61:f1:55:5b: c9:f3:97:58:a0:4f:eb:3c:82:f1:cd:27:f0:5e:04: 51:f9:50:07:52:72:5e:00:dd:f4:7c:ff:17:67:a7: c3:15:a6:31:f8:bf:33:39:92:b1:af:f8:f3:ee:af: 79:1b:1d:10:49:41:f9:b3:36:00:10:fb:f9:7c:8f: 1f:72:d2:f2:94:df:13:21:ae:10:a7:50:c8:00:ba: ea:20:0b:c2:d5:a7:df:a7:cf:a0:8e:aa:b5:9a:19: 6b:e7:6f:4f:66:36:6a:5a:c5:f0:ef:ba:73:f7:ad: 92:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D7:13:0B:7C:0B:D8:D2:CB:D4:7A:DE:56:63:18:EA:4C:06:88:6D X509v3 Authority Key Identifier: keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:9b:69:4e:59:a3:56:36:ba:b8:9a:5e:e6:5c:ac:7e:18:3a: 33:6a:7f:dc:f6:b2:ae:7f:91:4b:80:81:b4:70:60:7b:4e:da: 57:52:77:8b:aa:35:50:a8:10:d5:7f:f9:49:15:14:b7:e4:29: 6e:de:17:fc:67:b4:10:03:6e:2c:74:36:4c:a5:37:43:47:e0: f7:dd:2f:af:e2:3d:de:44:b3:06:5c:a5:a1:18:0e:6b:91:d9: c7:d1:1b:a3:c2:29:df:62:52:19:51:45:f2:24:77:cf:e0:0d: 31:f9:81:55:c5:84:86:8a:3a:98:61:5f:6e:e7:41:eb:ab:58: a9:7c:39:31:f8:07:3d:2c:21:89:0e:fe:65:ee:ba:3b:d0:40: 10:26:d7:f5:19:6c:d1:56:9c:e8:01:9f:8c:b4:6d:9e:d0:54: dc:0b:6e:1c:43:6d:55:e3:34:10:2a:b2:f9:bb:a2:30:73:b3: dd:df:c7:44:3f:bd:f1:22:e4:79:8f:ac:fe:e8:06:fa:b1:33: eb:bc:1a:d3:ea:71:25:af:63:af:69:89:a2:94:d2:38:9d:87: 6b:08:34:ec:6d:c4:6d:34:c3:1c:16:49:9e:9c:9a:1d:2a:b1: be:a3:20:4f:83:f3:88:bc:ed:72:b1:32:11:12:06:7f:89:2e: ec:28:fd:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdoPvYr2j2vr6vq2+aDzZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4 YTc5MzgwHhcNMjUxMjI2MDcwMTM3WhcNMjUxMjI3MDcwMTM3WjAzMTEwLwYDVQQD EyhlM2Q3MTMwYjdjMGJkOGQyY2JkNDdhZGU1NjYzMThlYTRjMDY4ODZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/j76si1dehrSUTUKOKSHbAggqwi 2ln2G237ODBdOt+FocLuQmm4XOC/pSHbqjvasCu3ZAbTcHfM8+LaYtOFMAhYrgHc /OgFqynwlGAxdEcb/WAtxjKaIW22NYJTdysdh9R7wyKzENGov4TeDkm0sPZMpQkM OSAzOygY32mcfkQW6a77RP7yZl3ezArbtbVhnWHxVVvJ85dYoE/rPILxzSfwXgRR +VAHUnJeAN30fP8XZ6fDFaYx+L8zOZKxr/jz7q95Gx0QSUH5szYAEPv5fI8fctLy lN8TIa4Qp1DIALrqIAvC1affp8+gjqq1mhlr529PZjZqWsXw77pz962S+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOPXEwt8C9jSy9R63lZjGOpMBohtMB8GA1UdIwQY MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP5tpTlmj Vja6uJpe5lysfhg6M2p/3Payrn+RS4CBtHBge07aV1J3i6o1UKgQ1X/5SRUUt+Qp bt4X/Ge0EANuLHQ2TKU3Q0fg990vr+I93kSzBlyloRgOa5HZx9Ebo8Ip32JSGVFF 8iR3z+ANMfmBVcWEhoo6mGFfbudB66tYqXw5MfgHPSwhiQ7+Ze66O9BAECbX9Rls 0Vac6AGfjLRtntBU3AtuHENtVeM0ECqy+buiMHOz3d/HRD+98SLkeY+s/ugG+rEz 67wa0+pxJa9jr2mJopTSOJ2Hawg07G3EbTTDHBZJnpyaHSqxvqMgT4PziLztcrEy ERIGf4ku7Cj9Xg== -----END CERTIFICATE-----Generated at Fri Dec 26 09:23:38 2025 by rpki-client