This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft File: iX81rEgorqlfpdLYBNM6ewz_RYo.mft (raw, json) Hash identifier: NVJbvrRjsAtS1MQ7F7edSpWTFfRIGO0wEz1dKwdybrs= Subject key identifier: 8A:2A:F9:C7:45:55:21:DD:A3:9A:61:3D:68:79:A8:80:6F:6B:C6:5C Authority key identifier: 89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A Certificate issuer: /CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a Certificate serial: 019B2C9D257557A5BF403A155CC93A4EEDE5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft Manifest number: 0641 Signing time: Wed 17 Dec 2025 14:00:54 +0000 Manifest this update: Wed 17 Dec 2025 14:00:54 +0000 Manifest next update: Thu 18 Dec 2025 14:00:54 +0000 Files and hashes: 1: iX81rEgorqlfpdLYBNM6ewz_RYo.crl (hash: 0zgEuTQBFHFqqLGih9Sk4fyin7nZR8WbT0/Ak4CycPI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:9d:25:75:57:a5:bf:40:3a:15:5c:c9:3a:4e:ed:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a Validity Not Before: Dec 17 14:00:54 2025 GMT Not After : Dec 18 14:00:54 2025 GMT Subject: CN=8a2af9c7455521dda39a613d6879a8806f6bc65c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c4:44:99:ec:9a:61:38:d3:d2:96:73:cb:8b: bb:73:c9:d8:bb:f2:e7:8e:b6:98:ef:60:be:cd:0a: 5b:5d:86:b7:a1:fd:0a:0e:ad:82:21:7d:08:dd:67: d4:09:23:02:08:3e:68:e6:23:54:ac:70:fd:dd:32: 1c:a8:65:cc:9f:70:87:46:f9:4b:e2:cd:0e:a8:f5: dc:8f:f7:45:5f:19:d3:33:5d:93:3a:73:03:ba:46: 1f:be:03:7b:91:c5:ab:b2:e7:8f:13:a2:ba:0e:1f: 58:c8:12:43:7d:af:f1:6d:ef:d1:b2:71:86:78:b5: 3c:56:86:4b:5b:16:4b:9c:c5:a2:9f:6b:ba:8c:ac: d8:a0:61:54:2c:d3:2e:6c:07:13:80:4f:82:c0:c5: 37:0f:94:73:21:2f:5f:7d:c5:12:0f:6a:83:d5:6e: 88:c5:01:80:8b:0b:fb:1c:83:81:1d:d0:75:e8:0c: 1e:f5:fa:6c:12:88:f4:c8:a4:72:2e:9e:e3:f0:63: ee:dc:af:6d:e4:d6:f3:29:8a:4d:ae:ed:e6:34:94: bd:8b:d4:8f:25:41:ef:f1:37:fa:11:59:19:77:c8: c1:36:8f:a0:97:39:63:29:d1:d9:d8:ae:6d:1a:53: ce:6c:a7:64:b2:da:0f:5d:ab:d3:4e:cd:7e:22:e7: 22:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:2A:F9:C7:45:55:21:DD:A3:9A:61:3D:68:79:A8:80:6F:6B:C6:5C X509v3 Authority Key Identifier: keyid:89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:d3:d3:16:a2:2c:a5:2f:50:5e:72:3f:2d:4d:ac:36:19:2c: 2d:07:16:fe:22:f2:4b:ba:52:3b:cd:43:38:0d:3d:6d:20:13: ef:fd:af:ef:31:8f:d8:26:18:4a:62:51:4c:f4:e4:ae:02:d5: ef:61:e2:d4:52:d4:18:01:50:c1:1a:bc:69:81:eb:96:7d:27: 85:6c:83:36:97:5b:e6:ea:c2:9a:62:c1:9f:aa:0c:c9:dc:c0: e5:23:a4:8d:97:12:82:70:8d:31:da:08:f3:26:58:a6:74:01: d1:45:c8:c3:97:35:b7:c3:dd:cd:6c:b3:86:e0:1e:c9:f3:69: f3:76:f3:e7:ce:b2:00:d0:84:42:6d:cf:b1:52:3f:9d:7d:7d: af:0a:6b:ab:0c:c0:21:c5:5a:bc:f5:a6:ad:46:75:a2:7f:08: ab:13:ba:c2:a7:8f:8c:5b:28:ad:05:77:6f:bd:ff:24:96:9e: c2:20:78:80:79:ca:40:36:34:e5:16:c2:9e:a2:d2:46:3c:b3: 42:ed:80:4f:e3:b8:b3:df:b3:b0:88:ac:59:b2:a4:f8:66:dc: 2c:84:91:68:d9:f8:9b:2a:66:e1:75:28:43:b8:19:3e:d7:c4: 22:00:23:fb:38:bc:2b:fe:02:f7:64:e0:7e:f4:5f:6b:43:5d: e6:c5:84:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssnSV1V6W/QDoVXMk6Tu3lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5N2YzNWFjNDgyOGFlYTk1ZmE1ZDJkODA0ZDMzYTdiMGNm ZjQ1OGEwHhcNMjUxMjE3MTQwMDU0WhcNMjUxMjE4MTQwMDU0WjAzMTEwLwYDVQQD Eyg4YTJhZjljNzQ1NTUyMWRkYTM5YTYxM2Q2ODc5YTg4MDZmNmJjNjVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8REmeyaYTjT0pZzy4u7c8nYu/Ln jraY72C+zQpbXYa3of0KDq2CIX0I3WfUCSMCCD5o5iNUrHD93TIcqGXMn3CHRvlL 4s0OqPXcj/dFXxnTM12TOnMDukYfvgN7kcWrsuePE6K6Dh9YyBJDfa/xbe/RsnGG eLU8VoZLWxZLnMWin2u6jKzYoGFULNMubAcTgE+CwMU3D5RzIS9ffcUSD2qD1W6I xQGAiwv7HIOBHdB16Awe9fpsEoj0yKRyLp7j8GPu3K9t5NbzKYpNru3mNJS9i9SP JUHv8Tf6EVkZd8jBNo+glzljKdHZ2K5tGlPObKdkstoPXavTTs1+IuciVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIoq+cdFVSHdo5phPWh5qIBva8ZcMB8GA1UdIwQY MBaAFIl/NaxIKK6pX6XS2ATTOnsM/0WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYt YjBlNDEwM2Y0OTYyLzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYtYjBlNDEwM2Y0OTYy LzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADNPTFqIs pS9QXnI/LU2sNhksLQcW/iLyS7pSO81DOA09bSAT7/2v7zGP2CYYSmJRTPTkrgLV 72Hi1FLUGAFQwRq8aYHrln0nhWyDNpdb5urCmmLBn6oMydzA5SOkjZcSgnCNMdoI 8yZYpnQB0UXIw5c1t8PdzWyzhuAeyfNp83bz586yANCEQm3PsVI/nX19rwprqwzA IcVavPWmrUZ1on8IqxO6wqePjFsorQV3b73/JJaewiB4gHnKQDY05RbCnqLSRjyz Qu2AT+O4s9+zsIisWbKk+GbcLISRaNn4mypm4XUoQ7gZPtfEIgAj+zi8K/4C92Tg fvRfa0Nd5sWEQw== -----END CERTIFICATE-----Generated at Wed Dec 17 16:47:10 2025 by rpki-client