This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json) Hash identifier: bLc8p8I6KL7xV42Uib1y+r2zlYKP69eRFAFXQ4UqvJ0= Subject key identifier: 10:4D:9E:39:BD:57:57:65:61:72:69:2D:E0:35:10:6A:FE:AE:DD:AA Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Certificate serial: 019B3E6D58DE7BA9DB67585A63B908DE67A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft Manifest number: 07C5 Signing time: Sun 21 Dec 2025 01:01:52 +0000 Manifest this update: Sun 21 Dec 2025 01:01:52 +0000 Manifest next update: Mon 22 Dec 2025 01:01:52 +0000 Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: HX1Ek5DFPmxN+/VPqirAwe7/AK1z0F2c9xbAQFs1Xc4=) 2: v5LwLHwuCUZrT_0G6r3v0bfLSQs.roa (hash: +ztaiH2S/aHDtgvKfj/YkXPsW58SyJ9uS27Ej7psyFg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:58:de:7b:a9:db:67:58:5a:63:b9:08:de:67:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Validity Not Before: Dec 21 01:01:52 2025 GMT Not After : Dec 22 01:01:52 2025 GMT Subject: CN=104d9e39bd5757656172692de035106afeaeddaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:9b:bb:bb:73:3a:a3:67:14:aa:8c:95:df:88: 1b:f2:47:01:c7:98:54:c0:ee:3c:ae:41:f2:a4:a5: d5:e8:ac:0a:fe:8f:f6:9a:c9:4c:1a:74:7f:08:07: dc:8f:4b:ea:70:aa:c8:4a:69:3e:a6:d9:a4:f8:37: 60:6f:cc:fb:e5:1f:cc:fd:dc:3f:bb:3d:0a:49:59: 1f:7b:5e:8f:35:42:98:43:8e:8a:73:79:95:c3:de: c4:38:47:58:09:a8:e0:01:bd:1a:1a:31:32:4b:9c: f9:bc:26:b4:d9:f6:54:03:93:2c:4e:58:d1:f5:20: 00:0c:b1:45:e0:3b:e2:8a:c6:64:af:c8:c8:6c:3e: 07:09:f1:37:d9:c5:6a:16:d4:d5:81:b0:21:64:10: 97:8f:15:f7:b2:03:bb:69:6b:59:3d:94:1d:ae:c1: 79:a0:a3:53:04:fc:98:82:a3:d8:98:9a:59:d4:0a: c5:c3:0a:95:09:d5:ce:09:c1:69:14:6c:3d:06:6b: 6a:f5:90:d2:af:77:86:d5:cd:45:72:e0:4c:6e:6e: 4a:41:b6:4c:a0:25:19:ec:fb:66:d6:2f:bc:fd:e1: 2f:c9:be:13:6b:8b:5c:c4:35:f7:2a:c8:c0:f0:53: 48:61:36:c2:cf:a9:74:3d:28:46:02:55:22:d6:84: 14:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:4D:9E:39:BD:57:57:65:61:72:69:2D:E0:35:10:6A:FE:AE:DD:AA X509v3 Authority Key Identifier: keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:3f:38:fe:49:a3:f6:3b:7c:18:5b:51:6b:16:f0:46:fb:74: e2:49:8a:d0:b5:4a:ee:d0:73:ba:0d:63:1d:79:cf:5e:f3:a4: 7f:a3:1b:e6:8b:41:87:95:3f:61:32:5a:c2:73:e2:4b:4b:23: d6:25:9e:22:c1:87:7a:06:c9:b4:b2:10:28:a5:e2:66:54:b2: a4:58:81:fb:cd:b3:1f:73:75:02:b7:61:fc:fa:52:b0:db:99: e6:52:9c:9d:b5:f1:3b:b4:f5:c0:e9:29:3f:44:5a:d6:42:a9: 75:34:f9:98:08:74:9c:f8:1a:1a:d4:27:5c:fc:01:4b:c2:94: 6b:49:6b:15:d8:0c:fc:07:eb:cb:fe:39:58:e6:5a:d4:23:2c: 71:41:11:87:33:c6:87:14:d5:84:2e:97:39:42:ac:03:1c:f7: b5:15:c1:a9:ec:fb:63:e6:53:94:da:a3:81:81:90:b7:27:ab: bb:5d:18:21:9e:8a:7b:4a:98:41:0e:14:1b:d3:60:cc:ba:7f: c9:69:b8:4a:8b:af:3e:bb:4b:d9:e8:37:c3:22:5d:0d:af:c9: 33:44:66:fc:09:19:f3:7e:b3:fd:1d:80:23:25:13:40:21:e6: 05:08:26:59:3d:8d:0a:e1:6e:df:e4:8f:5a:2f:5d:dc:49:5a: 38:43:02:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bVjee6nbZ1haY7kI3melMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4 YTc5MzgwHhcNMjUxMjIxMDEwMTUyWhcNMjUxMjIyMDEwMTUyWjAzMTEwLwYDVQQD EygxMDRkOWUzOWJkNTc1NzY1NjE3MjY5MmRlMDM1MTA2YWZlYWVkZGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5u7u3M6o2cUqoyV34gb8kcBx5hU wO48rkHypKXV6KwK/o/2mslMGnR/CAfcj0vqcKrISmk+ptmk+Ddgb8z75R/M/dw/ uz0KSVkfe16PNUKYQ46Kc3mVw97EOEdYCajgAb0aGjEyS5z5vCa02fZUA5MsTljR 9SAADLFF4DviisZkr8jIbD4HCfE32cVqFtTVgbAhZBCXjxX3sgO7aWtZPZQdrsF5 oKNTBPyYgqPYmJpZ1ArFwwqVCdXOCcFpFGw9Bmtq9ZDSr3eG1c1FcuBMbm5KQbZM oCUZ7Ptm1i+8/eEvyb4Ta4tcxDX3KsjA8FNIYTbCz6l0PShGAlUi1oQUGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBBNnjm9V1dlYXJpLeA1EGr+rt2qMB8GA1UdIwQY MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADT84/kmj 9jt8GFtRaxbwRvt04kmK0LVK7tBzug1jHXnPXvOkf6Mb5otBh5U/YTJawnPiS0sj 1iWeIsGHegbJtLIQKKXiZlSypFiB+82zH3N1Ardh/PpSsNuZ5lKcnbXxO7T1wOkp P0Ra1kKpdTT5mAh0nPgaGtQnXPwBS8KUa0lrFdgM/Afry/45WOZa1CMscUERhzPG hxTVhC6XOUKsAxz3tRXBqez7Y+ZTlNqjgYGQtyeru10YIZ6Ke0qYQQ4UG9NgzLp/ yWm4SouvPrtL2eg3wyJdDa/JM0Rm/AkZ836z/R2AIyUTQCHmBQgmWT2NCuFu3+SP Wi9d3ElaOEMCVw== -----END CERTIFICATE-----Generated at Sun Dec 21 07:22:09 2025 by rpki-client