This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft File: iaWq49f3LuzoOWtBSSIIrdUhhDU.mft (raw, json) Hash identifier: xWoTK/txoc04QrXUi9Oobpz7TOFpMo9trJJdl1qReB0= Subject key identifier: D1:08:10:40:13:43:85:9C:C9:2E:40:E1:27:5D:9D:93:71:00:0A:CB Authority key identifier: 89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35 Certificate issuer: /CN=89a5aae3d7f72eece8396b41492208add5218435 Certificate serial: 019B4ADF0668910877EC412A91A61DD00528 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft Manifest number: 1680 Signing time: Tue 23 Dec 2025 11:01:28 +0000 Manifest this update: Tue 23 Dec 2025 11:01:28 +0000 Manifest next update: Wed 24 Dec 2025 11:01:28 +0000 Files and hashes: 1: iaWq49f3LuzoOWtBSSIIrdUhhDU.crl (hash: DhrNT3CXljUwrd3Lbv+zamfT1+mz8BhxqvGxADWaeq8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 11:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:df:06:68:91:08:77:ec:41:2a:91:a6:1d:d0:05:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89a5aae3d7f72eece8396b41492208add5218435 Validity Not Before: Dec 23 11:01:28 2025 GMT Not After : Dec 24 11:01:28 2025 GMT Subject: CN=d10810401343859cc92e40e1275d9d9371000acb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b1:f4:dc:5e:11:8b:39:9a:97:91:54:50:ab: 93:2f:61:1b:ab:d5:29:7c:44:d9:cd:81:23:97:4a: d5:38:51:c1:21:81:82:e6:d3:65:2c:b2:38:f1:6f: 32:02:f3:7e:c6:53:ea:9d:c8:18:cd:bf:0e:95:0f: 09:93:94:db:07:60:7f:f3:be:a3:47:f3:30:4f:00: a3:34:21:e7:85:08:02:ae:74:e3:bc:90:ab:82:3a: 9f:c0:3f:d5:99:4e:34:73:65:74:a2:f1:af:f5:e4: 91:92:26:90:56:1c:1d:b2:fc:c0:13:ab:4a:36:56: b7:a8:24:66:36:b0:c9:1e:a9:09:7f:d7:b2:5d:51: 90:6a:fb:28:f2:09:18:b9:1a:36:18:3a:cd:0e:73: 64:e6:a4:ca:a1:3f:b8:a2:6a:65:a2:94:6a:e1:2f: ad:d4:34:76:f5:26:a6:01:3f:72:e9:7f:e4:ff:0d: fb:ba:0b:16:59:e8:48:98:dd:d3:c5:cc:0d:cf:d2: 5c:fe:ee:f0:e8:44:d0:c8:41:a3:4b:c4:43:34:5b: a6:ee:c4:fa:80:88:ba:bd:1f:6c:a4:f4:d9:f1:19: 12:37:e9:5d:c1:8c:fd:c5:4a:0e:b7:2e:13:06:bd: c7:8f:db:77:b9:5e:a5:ce:0b:82:02:30:ec:14:a3: aa:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:08:10:40:13:43:85:9C:C9:2E:40:E1:27:5D:9D:93:71:00:0A:CB X509v3 Authority Key Identifier: keyid:89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:ca:24:8d:5c:6e:83:fa:9c:ad:11:b1:c6:83:1b:85:32:ae: e1:52:25:95:6e:51:98:41:82:3b:55:34:69:91:8f:24:06:cf: 57:25:16:38:41:d0:cd:23:e0:fa:3f:2e:27:9a:5e:bc:fa:66: 37:89:82:ba:24:79:6c:10:e1:bb:79:f7:47:a5:b0:c1:ac:bf: 3f:55:ee:c4:04:c6:52:51:79:8c:6e:62:dc:ce:b3:71:37:57: 88:99:12:54:7a:04:46:cd:83:f8:96:d7:94:03:b5:12:ac:32: a7:df:18:8c:30:54:55:37:55:46:c0:45:c7:67:73:44:95:fc: ba:c0:c5:b0:62:54:39:9a:88:b2:d9:b8:51:53:86:0d:47:d0: 31:be:71:36:62:87:e2:56:78:ef:41:56:1c:5b:cf:b1:84:cb: c0:c2:af:3e:44:e4:d6:29:55:4d:fc:18:3b:c4:fc:a4:a7:6a: 81:cd:df:ad:b8:af:23:23:70:34:87:8b:bb:c0:52:18:9b:67: 82:ff:5f:9e:ae:68:30:d7:eb:6f:0c:7c:56:40:02:93:48:0e: 43:55:36:79:d4:52:7d:af:c2:aa:45:1d:2a:40:99:c7:b7:e1: 23:97:46:6f:84:6e:8d:03:08:85:cf:ea:94:b0:a0:b8:28:15: e8:f1:bc:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtK3wZokQh37EEqkaYd0AUoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YTVhYWUzZDdmNzJlZWNlODM5NmI0MTQ5MjIwOGFkZDUy MTg0MzUwHhcNMjUxMjIzMTEwMTI4WhcNMjUxMjI0MTEwMTI4WjAzMTEwLwYDVQQD EyhkMTA4MTA0MDEzNDM4NTljYzkyZTQwZTEyNzVkOWQ5MzcxMDAwYWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprH03F4Rizmal5FUUKuTL2Ebq9Up fETZzYEjl0rVOFHBIYGC5tNlLLI48W8yAvN+xlPqncgYzb8OlQ8Jk5TbB2B/876j R/MwTwCjNCHnhQgCrnTjvJCrgjqfwD/VmU40c2V0ovGv9eSRkiaQVhwdsvzAE6tK Nla3qCRmNrDJHqkJf9eyXVGQavso8gkYuRo2GDrNDnNk5qTKoT+4omplopRq4S+t 1DR29SamAT9y6X/k/w37ugsWWehImN3TxcwNz9Jc/u7w6ETQyEGjS8RDNFum7sT6 gIi6vR9spPTZ8RkSN+ldwYz9xUoOty4TBr3Hj9t3uV6lzguCAjDsFKOqoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNEIEEATQ4WcyS5A4SddnZNxAArLMB8GA1UdIwQY MBaAFImlquPX9y7s6DlrQUkiCK3VIYQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGIt MDg3MTE1MmExYWEzLzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGItMDg3MTE1MmExYWEz LzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMokjVxu g/qcrRGxxoMbhTKu4VIllW5RmEGCO1U0aZGPJAbPVyUWOEHQzSPg+j8uJ5pevPpm N4mCuiR5bBDhu3n3R6Wwway/P1XuxATGUlF5jG5i3M6zcTdXiJkSVHoERs2D+JbX lAO1Eqwyp98YjDBUVTdVRsBFx2dzRJX8usDFsGJUOZqIstm4UVOGDUfQMb5xNmKH 4lZ470FWHFvPsYTLwMKvPkTk1ilVTfwYO8T8pKdqgc3frbivIyNwNIeLu8BSGJtn gv9fnq5oMNfrbwx8VkACk0gOQ1U2edRSfa/CqkUdKkCZx7fhI5dGb4RujQMIhc/q lLCguCgV6PG8mg== -----END CERTIFICATE-----Generated at Tue Dec 23 16:51:13 2025 by rpki-client