This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft File: iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json) Hash identifier: OXMttU3uaZQ8TUa5c9GNwHuNjxiH0ltO8fhKsdeIz8g= Subject key identifier: 1E:FE:46:74:BD:C3:16:FD:B8:30:DF:7D:37:2E:6C:7B:DC:AE:D0:43 Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9 Certificate issuer: /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9 Certificate serial: 019B32D6E192C6BF2B01629555F78F1971AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft Manifest number: 1781 Signing time: Thu 18 Dec 2025 19:01:41 +0000 Manifest this update: Thu 18 Dec 2025 19:01:41 +0000 Manifest next update: Fri 19 Dec 2025 19:01:41 +0000 Files and hashes: 1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: 2BgehXYKgBKoqsadkhQ8mAvQWDGG5ap24WuRL5owR1A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:e1:92:c6:bf:2b:01:62:95:55:f7:8f:19:71:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9 Validity Not Before: Dec 18 19:01:41 2025 GMT Not After : Dec 19 19:01:41 2025 GMT Subject: CN=1efe4674bdc316fdb830df7d372e6c7bdcaed043 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9f:bd:ce:da:4a:d4:b6:16:1e:0b:11:e8:c5: 63:36:d6:3c:8b:a8:88:7d:e0:d5:33:02:0c:77:2f: dc:b8:03:3d:a6:f4:67:c4:94:68:b6:1d:9c:0c:7b: 83:6d:bf:86:fb:a2:24:9f:ec:64:8b:8a:20:31:62: 56:21:b6:76:7e:d7:e2:fb:53:8e:93:48:67:43:89: c2:0d:a6:77:63:7c:1d:f2:90:5c:dc:08:98:1a:b3: 3c:13:eb:9a:75:f4:6c:c1:52:0d:e7:e7:df:09:cc: 5f:23:0b:ff:b5:9f:51:cb:45:15:58:f3:68:e1:92: 0e:b6:97:f4:2c:33:54:36:68:0b:10:46:98:0a:b4: 42:5a:82:ef:da:ee:68:fb:7f:34:c5:23:7f:2a:23: 9b:f8:e2:86:ad:01:cd:95:4b:3f:7b:6a:49:bf:a9: fb:46:a8:5b:d1:26:98:1c:d6:c5:38:6b:e2:ab:45: b8:ff:ab:2d:7a:e6:28:93:07:93:77:e9:8a:b6:2c: f2:47:2d:db:df:3b:c4:ce:67:30:db:ef:5f:6a:58: c0:54:be:c2:89:0e:2c:0b:2f:ea:21:33:f4:f0:60: 75:31:26:d1:67:a1:45:81:a4:6b:73:dd:d6:8e:2f: a7:a0:ae:82:6a:80:5a:37:be:a9:3e:a2:96:d0:d6: 8f:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:FE:46:74:BD:C3:16:FD:B8:30:DF:7D:37:2E:6C:7B:DC:AE:D0:43 X509v3 Authority Key Identifier: keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:c0:ed:47:98:69:ef:93:2b:a0:bc:26:7d:1a:57:78:23:bf: a1:31:2c:f0:49:b9:29:4d:9c:82:05:5f:b5:8e:17:cf:bc:e3: cd:44:9b:ee:f0:71:ac:78:3d:d5:34:4d:e7:35:dd:62:15:95: 95:fc:71:23:26:a2:81:de:c7:ad:7a:1d:97:49:37:2b:c1:7b: 04:a9:a7:c2:81:4e:5f:56:ef:9a:58:9d:04:c9:3e:94:53:de: 12:2e:23:1d:5a:58:fc:1c:0e:60:28:9c:44:2f:a2:1b:4e:20: 13:4d:31:74:d8:81:65:e4:ef:3d:9a:62:67:f4:6a:ad:c6:1a: fb:c0:eb:2e:77:60:38:ed:89:e4:71:d9:3e:b3:c9:79:d6:cc: 72:92:15:f7:64:68:ac:45:30:b0:1f:64:ea:89:0e:e0:cb:95: 52:6f:32:2f:c5:2d:1c:68:04:e9:0d:0f:57:e6:a8:02:a9:1a: a9:a4:b2:62:01:59:66:85:bc:d8:41:90:2a:76:43:b9:50:0a: 48:4a:17:2b:c8:b0:84:bd:51:0e:c8:df:cd:2d:2c:61:00:6c: 3f:33:d1:75:16:0b:37:21:e6:e4:b7:6f:d2:c5:01:43:06:71: 67:2b:49:2c:dc:8d:e0:a5:da:7a:7a:e4:c8:e0:b1:ef:69:5d: eb:33:c5:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1uGSxr8rAWKVVfePGXGqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz OTgwYjkwHhcNMjUxMjE4MTkwMTQxWhcNMjUxMjE5MTkwMTQxWjAzMTEwLwYDVQQD EygxZWZlNDY3NGJkYzMxNmZkYjgzMGRmN2QzNzJlNmM3YmRjYWVkMDQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ+9ztpK1LYWHgsR6MVjNtY8i6iI feDVMwIMdy/cuAM9pvRnxJRoth2cDHuDbb+G+6Ikn+xki4ogMWJWIbZ2ftfi+1OO k0hnQ4nCDaZ3Y3wd8pBc3AiYGrM8E+uadfRswVIN5+ffCcxfIwv/tZ9Ry0UVWPNo 4ZIOtpf0LDNUNmgLEEaYCrRCWoLv2u5o+380xSN/KiOb+OKGrQHNlUs/e2pJv6n7 Rqhb0SaYHNbFOGviq0W4/6steuYokweTd+mKtizyRy3b3zvEzmcw2+9faljAVL7C iQ4sCy/qITP08GB1MSbRZ6FFgaRrc93Wji+noK6CaoBaN76pPqKW0NaPxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7+RnS9wxb9uDDffTcubHvcrtBDMB8GA1UdIwQY MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI8DtR5hp 75MroLwmfRpXeCO/oTEs8Em5KU2cggVftY4Xz7zjzUSb7vBxrHg91TRN5zXdYhWV lfxxIyaigd7HrXodl0k3K8F7BKmnwoFOX1bvmlidBMk+lFPeEi4jHVpY/BwOYCic RC+iG04gE00xdNiBZeTvPZpiZ/RqrcYa+8DrLndgOO2J5HHZPrPJedbMcpIV92Ro rEUwsB9k6okO4MuVUm8yL8UtHGgE6Q0PV+aoAqkaqaSyYgFZZoW82EGQKnZDuVAK SEoXK8iwhL1RDsjfzS0sYQBsPzPRdRYLNyHm5Ldv0sUBQwZxZytJLNyN4KXaenrk yOCx72ld6zPFZg== -----END CERTIFICATE-----Generated at Fri Dec 19 02:22:10 2025 by rpki-client