This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft File: Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft (raw, json) Hash identifier: sy2FA3gmFanEqGFqjEcH0CwS1pFTscj/y+Q5kHZ2Krk= Subject key identifier: 92:89:FB:9F:DD:2F:A7:D3:71:7A:04:DE:6F:9D:DF:D6:1C:3A:BF:53 Authority key identifier: 23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44 Certificate issuer: /CN=230d311fc19463fdd30adecc917b5f0298741b44 Certificate serial: 019B3C104F2880BBAD961709DD3CBF3A35A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft Manifest number: 11A4 Signing time: Sat 20 Dec 2025 14:01:00 +0000 Manifest this update: Sat 20 Dec 2025 14:01:00 +0000 Manifest next update: Sun 21 Dec 2025 14:01:00 +0000 Files and hashes: 1: Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl (hash: tzVxp5Jpae1qqJXP5tvtCJPATK5BtGrK5DELiP2qgXY=) 2: qaZCGy8ImKVej6couAVTC--aSzI.roa (hash: dKUZq0YlDWheyPATDjfQQ4lypZzKgD8qgqRTkln0uKk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 14:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:4f:28:80:bb:ad:96:17:09:dd:3c:bf:3a:35:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=230d311fc19463fdd30adecc917b5f0298741b44 Validity Not Before: Dec 20 14:01:00 2025 GMT Not After : Dec 21 14:01:00 2025 GMT Subject: CN=9289fb9fdd2fa7d3717a04de6f9ddfd61c3abf53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:01:33:0f:46:bd:47:cb:90:2f:9a:d0:4d:83: 19:6d:0c:22:6d:5a:54:af:ae:15:d3:ef:8d:35:fe: 28:0a:75:58:c3:1a:92:35:b5:f3:8e:e4:18:7d:fc: 22:68:ab:ce:72:c1:99:f2:ed:74:69:69:7e:83:5d: 5e:c6:c2:c8:46:65:ea:a3:7c:87:e1:68:2f:62:a5: 02:59:bd:94:e2:7a:d6:e9:0c:cf:c4:28:17:8b:44: 52:84:c3:8d:96:3d:07:26:c7:f5:30:e1:5f:8d:fa: 5a:27:88:21:56:51:8f:b9:70:55:00:c8:e7:61:12: 72:40:5e:6c:4c:56:95:38:91:d2:11:03:60:99:f2: 49:93:9b:6b:b2:d2:6f:14:d7:1c:9b:2f:51:05:b1: 46:8f:de:58:9e:7b:62:ca:61:d2:3e:f9:14:ed:32: 62:c8:ca:e7:6e:80:eb:66:be:35:20:4d:4f:b2:bd: ec:3e:58:f2:d2:5f:48:dc:37:98:00:0c:2f:4e:2b: 39:c9:2b:3a:3d:60:f3:4d:61:e2:b1:b7:e7:64:9e: 46:28:99:cd:b2:a4:a6:cd:fb:7f:8e:70:34:34:9b: 9f:1b:9d:6e:f3:2b:75:4c:86:3c:89:bc:73:33:84: 5a:ab:b0:6d:f0:78:f1:f7:6d:6c:60:b4:2e:2f:82: 0b:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:89:FB:9F:DD:2F:A7:D3:71:7A:04:DE:6F:9D:DF:D6:1C:3A:BF:53 X509v3 Authority Key Identifier: keyid:23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:2d:2a:57:29:e5:82:dd:05:c2:6e:0a:4d:46:8b:74:9d:ec: fc:3b:87:97:74:51:04:09:ca:90:78:42:66:48:7f:54:83:ff: 1c:c2:8e:05:20:04:c4:36:bd:47:56:5b:7d:bb:8c:38:9f:94: 1d:fc:81:98:9d:66:ce:23:b3:b0:bf:c4:c8:0e:fe:e1:cc:90: 3c:1c:de:7e:fb:3c:ee:ba:88:3a:b5:cb:af:c8:3d:28:55:6c: 75:1f:f1:20:df:b8:a8:44:65:26:b7:24:1f:97:6e:8a:f0:ba: ca:0b:16:19:db:82:ea:70:7b:42:e1:a3:45:cb:60:dd:1c:17: 33:09:dd:c2:58:b9:1e:c2:1b:ec:09:71:cd:d1:80:90:e8:71: 44:0d:1c:b0:77:0c:27:34:06:44:36:1f:8d:86:5b:5e:2f:68: 76:fa:20:8c:65:2f:92:66:2b:6d:53:e6:a0:73:52:ed:10:f6: 59:b6:0a:f6:8d:ce:f6:6c:5e:5e:66:b2:cc:6b:aa:a3:1f:ed: 1d:c4:1d:82:74:a9:5e:74:c8:ce:d2:0e:b3:bd:5c:46:e7:7d: d1:8c:81:79:f0:2f:45:80:0d:05:ad:42:0e:01:d0:3a:81:95: cf:c4:b2:44:6d:a6:42:91:c2:dc:e1:0c:d1:13:43:77:c3:e6: 7d:e1:41:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EE8ogLutlhcJ3Ty/OjWmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMGQzMTFmYzE5NDYzZmRkMzBhZGVjYzkxN2I1ZjAyOTg3 NDFiNDQwHhcNMjUxMjIwMTQwMTAwWhcNMjUxMjIxMTQwMTAwWjAzMTEwLwYDVQQD Eyg5Mjg5ZmI5ZmRkMmZhN2QzNzE3YTA0ZGU2ZjlkZGZkNjFjM2FiZjUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAEzD0a9R8uQL5rQTYMZbQwibVpU r64V0++NNf4oCnVYwxqSNbXzjuQYffwiaKvOcsGZ8u10aWl+g11exsLIRmXqo3yH 4WgvYqUCWb2U4nrW6QzPxCgXi0RShMONlj0HJsf1MOFfjfpaJ4ghVlGPuXBVAMjn YRJyQF5sTFaVOJHSEQNgmfJJk5trstJvFNccmy9RBbFGj95YnntiymHSPvkU7TJi yMrnboDrZr41IE1Psr3sPljy0l9I3DeYAAwvTis5ySs6PWDzTWHisbfnZJ5GKJnN sqSmzft/jnA0NJufG51u8yt1TIY8ibxzM4Raq7Bt8Hjx921sYLQuL4ILKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJKJ+5/dL6fTcXoE3m+d39YcOr9TMB8GA1UdIwQY MBaAFCMNMR/BlGP90wrezJF7XwKYdBtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjIt MWJlY2I1ZGNkN2FhLzEvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjItMWJlY2I1ZGNkN2Fh LzEvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAby0qVynl gt0Fwm4KTUaLdJ3s/DuHl3RRBAnKkHhCZkh/VIP/HMKOBSAExDa9R1ZbfbuMOJ+U HfyBmJ1mziOzsL/EyA7+4cyQPBzefvs87rqIOrXLr8g9KFVsdR/xIN+4qERlJrck H5duivC6ygsWGduC6nB7QuGjRctg3RwXMwndwli5HsIb7AlxzdGAkOhxRA0csHcM JzQGRDYfjYZbXi9odvogjGUvkmYrbVPmoHNS7RD2WbYK9o3O9mxeXmayzGuqox/t HcQdgnSpXnTIztIOs71cRud90YyBefAvRYANBa1CDgHQOoGVz8SyRG2mQpHC3OEM 0RNDd8PmfeFBdQ== -----END CERTIFICATE-----Generated at Sat Dec 20 22:41:34 2025 by rpki-client