This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json) Hash identifier: niQjCmYetQw/T8/nz3x7Bk1qcg4Gdji2qqUZvbhrxPs= Subject key identifier: 03:44:97:2F:A2:ED:A9:D9:E8:3D:A2:5C:F2:CC:7E:EB:98:20:A2:57 Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9 Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9 Certificate serial: 019B390F01F677AFC435149B28E93A3FBB2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft Manifest number: 1719 Signing time: Sat 20 Dec 2025 00:00:43 +0000 Manifest this update: Sat 20 Dec 2025 00:00:43 +0000 Manifest next update: Sun 21 Dec 2025 00:00:43 +0000 Files and hashes: 1: FXy87TSnS3zZKpD3cubdEzL9JTI.roa (hash: ev8YOzfcP94Okj6loLdeokLYKFfF9CSd4o8ZPprNj7U=) 2: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: +eeLz+8p39Rq0u+YxCN7Jr8UqaFz0Ir09vVpgbtdUdc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:0f:01:f6:77:af:c4:35:14:9b:28:e9:3a:3f:bb:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9 Validity Not Before: Dec 20 00:00:43 2025 GMT Not After : Dec 21 00:00:43 2025 GMT Subject: CN=0344972fa2eda9d9e83da25cf2cc7eeb9820a257 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:cc:9b:2a:d0:92:53:12:51:8c:b4:3d:32:e0: fa:af:48:38:79:00:5e:19:94:8d:f1:c9:2b:a0:72: 9c:b1:f4:76:ec:28:5f:ac:56:4f:60:64:84:21:8f: a9:ef:f2:8f:95:8f:7b:46:0c:db:84:30:3f:13:6e: c1:88:ac:5b:5a:a7:86:de:6d:63:72:c7:68:fb:4b: f4:84:4d:92:71:75:7d:4c:a3:e1:73:58:0c:44:a2: f5:57:a7:54:85:87:0d:2c:51:b5:3c:50:2b:8e:e5: 0c:fb:64:6c:78:d7:0d:8b:da:c0:e1:a4:e6:92:ee: 30:30:e5:15:b9:ff:42:03:5d:80:47:4f:a6:c4:fa: ee:da:d6:f1:ea:68:a0:65:6d:37:ee:f7:df:7b:e3: 39:5d:b3:e2:f9:f6:0d:11:b4:ab:08:93:8b:80:59: d2:06:46:ef:ef:67:ba:ca:1e:78:40:4a:68:3c:2e: 9c:89:44:63:3b:72:37:46:21:3b:2f:5d:43:82:65: 22:87:bb:87:ca:af:f6:e6:15:97:f1:2a:e3:55:85: c9:da:f4:8b:92:aa:bc:80:29:c3:4d:78:3b:3a:58: ca:6e:0b:bf:fa:32:2e:70:7c:88:15:9b:fa:95:00: 2a:3d:91:cd:52:85:c2:f9:1f:4b:0d:d6:35:72:45: 69:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:44:97:2F:A2:ED:A9:D9:E8:3D:A2:5C:F2:CC:7E:EB:98:20:A2:57 X509v3 Authority Key Identifier: keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:7e:47:38:42:65:a3:b3:76:f4:0f:c8:db:d7:91:0d:cf:be: d2:16:9c:38:31:7b:1b:c0:10:72:5b:ba:d4:b0:ab:6c:cd:0c: 06:0d:be:27:e8:8f:37:3d:37:90:68:db:e5:6a:1e:d1:72:96: 36:da:f6:8d:84:93:e2:6a:1f:94:7e:f5:9e:85:5e:89:1d:eb: 43:ec:86:a3:bb:eb:bc:35:11:f8:0b:40:d1:fa:31:57:ee:42: 8c:61:65:a0:06:63:3a:b0:f9:24:a0:e5:42:cc:f8:f0:9f:2e: 76:fb:b1:0c:3f:3f:eb:17:64:1a:d3:4d:fb:c2:eb:78:37:b5: e2:e3:ee:54:15:f4:15:dd:2a:51:cb:b5:d5:2f:33:46:58:dd: aa:bf:08:41:e5:81:b5:98:56:94:dc:62:64:2f:90:1b:a5:37: 03:01:56:f9:23:71:e4:a8:17:64:32:07:4a:ab:57:a8:a5:65: 20:b2:4e:3b:26:de:70:21:a9:49:d9:64:4b:ef:8f:e1:d2:21: 73:94:04:b0:f1:7c:27:c5:f9:18:9c:e0:b2:5c:7d:e7:57:58: 12:ce:a8:ae:3e:61:f8:12:61:49:19:a9:85:61:83:7e:10:b6: a1:b7:68:e4:a2:43:df:da:0d:89:58:25:03:63:ca:c7:41:a4: a9:75:9d:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5DwH2d6/ENRSbKOk6P7suMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh ZTMzZTkwHhcNMjUxMjIwMDAwMDQzWhcNMjUxMjIxMDAwMDQzWjAzMTEwLwYDVQQD EygwMzQ0OTcyZmEyZWRhOWQ5ZTgzZGEyNWNmMmNjN2VlYjk4MjBhMjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78ybKtCSUxJRjLQ9MuD6r0g4eQBe GZSN8ckroHKcsfR27ChfrFZPYGSEIY+p7/KPlY97RgzbhDA/E27BiKxbWqeG3m1j csdo+0v0hE2ScXV9TKPhc1gMRKL1V6dUhYcNLFG1PFArjuUM+2RseNcNi9rA4aTm ku4wMOUVuf9CA12AR0+mxPru2tbx6migZW037vffe+M5XbPi+fYNEbSrCJOLgFnS Bkbv72e6yh54QEpoPC6ciURjO3I3RiE7L11DgmUih7uHyq/25hWX8SrjVYXJ2vSL kqq8gCnDTXg7OljKbgu/+jIucHyIFZv6lQAqPZHNUoXC+R9LDdY1ckVpEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFANEly+i7anZ6D2iXPLMfuuYIKJXMB8GA1UdIwQY MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZn5HOEJl o7N29A/I29eRDc++0hacODF7G8AQclu61LCrbM0MBg2+J+iPNz03kGjb5Woe0XKW Ntr2jYST4moflH71noVeiR3rQ+yGo7vrvDUR+AtA0foxV+5CjGFloAZjOrD5JKDl Qsz48J8udvuxDD8/6xdkGtNN+8LreDe14uPuVBX0Fd0qUcu11S8zRljdqr8IQeWB tZhWlNxiZC+QG6U3AwFW+SNx5KgXZDIHSqtXqKVlILJOOybecCGpSdlkS++P4dIh c5QEsPF8J8X5GJzgslx951dYEs6orj5h+BJhSRmphWGDfhC2obdo5KJD39oNiVgl A2PKx0GkqXWdwg== -----END CERTIFICATE-----Generated at Sat Dec 20 07:30:55 2025 by rpki-client