This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft File: iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json) Hash identifier: tHWPgeKx4/IVYP18CoW0YpnYQbjtsliDrZerp2NwAsw= Subject key identifier: 92:B7:19:92:9E:A5:C5:E7:03:AD:D4:B8:E9:5F:19:AD:B9:F8:75:29 Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9 Certificate issuer: /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9 Certificate serial: 019B4DE0280439149D2CE2DBD36154FA9D29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft Manifest number: 178F Signing time: Wed 24 Dec 2025 01:01:34 +0000 Manifest this update: Wed 24 Dec 2025 01:01:34 +0000 Manifest next update: Thu 25 Dec 2025 01:01:34 +0000 Files and hashes: 1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: R5ROi1rl7BVY4Pxa09KaS3llfnfEEIynCzL3N7iVRi4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 01:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:e0:28:04:39:14:9d:2c:e2:db:d3:61:54:fa:9d:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9 Validity Not Before: Dec 24 01:01:34 2025 GMT Not After : Dec 25 01:01:34 2025 GMT Subject: CN=92b719929ea5c5e703add4b8e95f19adb9f87529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:e8:46:de:96:8e:c4:75:05:c2:4b:dc:8b:7b: 62:d6:e3:32:4c:12:ab:2e:b7:b3:28:b0:6e:0d:e1: 7a:ce:e1:fa:5b:71:88:44:13:6c:b2:51:28:07:f7: c4:02:88:d5:38:1e:c9:1b:0d:af:15:ca:9a:fb:82: 2e:43:e6:c7:49:ce:3e:8e:9c:dc:7e:91:dd:76:9d: b4:29:d4:51:6c:f7:6d:90:be:ad:d0:16:7f:09:85: 03:c9:54:f1:4b:f9:5a:d4:a9:32:d5:95:49:04:b8: 74:08:7b:f7:a4:3d:30:68:f5:b4:7b:14:a3:17:ca: ab:31:28:c1:5a:57:d3:1a:bf:11:6b:63:c4:66:cd: 80:f8:df:aa:61:85:45:6c:5b:5e:16:e2:ab:04:1e: 4f:b5:8f:bb:2c:3a:52:ed:e5:cc:21:7e:d6:91:b3: 37:40:f3:a1:cb:ba:ee:1c:03:a0:85:95:85:d0:18: f7:8d:29:fc:21:ad:6e:d1:cb:40:f6:fc:49:85:1c: 44:ba:0f:7b:f4:76:be:f7:cb:f1:84:91:a9:5b:1b: 64:dd:fd:c5:30:50:44:8f:14:83:dc:fa:f2:7f:ef: 30:59:52:57:28:7a:2f:ee:43:31:2b:a4:8c:1c:a4: a9:bd:a2:4e:c7:03:b0:d0:7f:de:65:29:1f:ec:71: 41:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:B7:19:92:9E:A5:C5:E7:03:AD:D4:B8:E9:5F:19:AD:B9:F8:75:29 X509v3 Authority Key Identifier: keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:fa:83:b6:a3:a9:b2:3d:24:44:7c:e3:62:8d:06:55:33:6b: 77:44:d1:2c:7a:d4:a0:2a:a3:a7:b8:56:09:a2:7c:72:8e:e3: 1e:82:89:94:69:ab:21:a6:5f:48:df:20:c2:ab:6e:45:2a:87: af:8e:37:60:82:f5:d1:82:c6:d4:6d:31:9a:a2:13:ac:7c:c6: 9e:10:d0:7e:dd:fe:44:55:6f:20:6b:f3:c9:0f:e1:ed:a6:5a: 3b:07:77:8d:c8:41:c7:d5:f8:67:b5:2d:9c:0b:15:ba:b9:e5: 5e:c1:f5:2e:bc:28:a4:f7:02:45:9e:89:da:32:76:c8:6d:f9: d9:92:de:5c:eb:70:24:67:30:3c:7a:d4:8a:39:31:0d:8b:6a: f3:44:be:c4:d2:2c:bf:49:c3:27:3f:0f:77:56:d3:9c:e6:99: 27:ea:cc:4f:29:b6:e2:5c:6c:e0:b1:ac:ac:0c:f4:91:6e:75: 68:ef:33:04:ae:2e:a9:e7:b0:e4:b6:e3:02:af:0f:0c:d9:2a: 87:54:21:3e:99:66:a1:bc:74:1a:86:e4:57:3e:fd:09:bc:72: bc:55:ef:b0:aa:3d:82:3b:b7:94:b2:1d:a2:48:7a:23:d4:17: 60:a9:39:ab:a8:a4:f4:ff:b8:04:60:e9:7a:bc:86:c5:9c:91: 8d:ed:d1:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtN4CgEORSdLOLb02FU+p0pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz OTgwYjkwHhcNMjUxMjI0MDEwMTM0WhcNMjUxMjI1MDEwMTM0WjAzMTEwLwYDVQQD Eyg5MmI3MTk5MjllYTVjNWU3MDNhZGQ0YjhlOTVmMTlhZGI5Zjg3NTI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+hG3paOxHUFwkvci3ti1uMyTBKr LrezKLBuDeF6zuH6W3GIRBNsslEoB/fEAojVOB7JGw2vFcqa+4IuQ+bHSc4+jpzc fpHddp20KdRRbPdtkL6t0BZ/CYUDyVTxS/la1Kky1ZVJBLh0CHv3pD0waPW0exSj F8qrMSjBWlfTGr8Ra2PEZs2A+N+qYYVFbFteFuKrBB5PtY+7LDpS7eXMIX7WkbM3 QPOhy7ruHAOghZWF0Bj3jSn8Ia1u0ctA9vxJhRxEug979Ha+98vxhJGpWxtk3f3F MFBEjxSD3Pryf+8wWVJXKHov7kMxK6SMHKSpvaJOxwOw0H/eZSkf7HFBUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJK3GZKepcXnA63UuOlfGa25+HUpMB8GA1UdIwQY MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXPqDtqOp sj0kRHzjYo0GVTNrd0TRLHrUoCqjp7hWCaJ8co7jHoKJlGmrIaZfSN8gwqtuRSqH r443YIL10YLG1G0xmqITrHzGnhDQft3+RFVvIGvzyQ/h7aZaOwd3jchBx9X4Z7Ut nAsVurnlXsH1LrwopPcCRZ6J2jJ2yG352ZLeXOtwJGcwPHrUijkxDYtq80S+xNIs v0nDJz8Pd1bTnOaZJ+rMTym24lxs4LGsrAz0kW51aO8zBK4uqeew5LbjAq8PDNkq h1QhPplmobx0GobkVz79CbxyvFXvsKo9gju3lLIdokh6I9QXYKk5q6ik9P+4BGDp eryGxZyRje3Rog== -----END CERTIFICATE-----Generated at Wed Dec 24 11:30:55 2025 by rpki-client