This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft File: IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft (raw, json) Hash identifier: n8BAmaXaZybFJIRrVlMWG0LNMklQBWvEGJDaOGoRRYE= Subject key identifier: A2:6C:8F:DF:D0:DF:65:BB:29:31:43:F5:0C:65:A8:40:2D:13:A2:10 Authority key identifier: 21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6 Certificate issuer: /CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6 Certificate serial: 019B3DC80730CB20AB34A329A2B4EA592455 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft Manifest number: 0115 Signing time: Sat 20 Dec 2025 22:01:17 +0000 Manifest this update: Sat 20 Dec 2025 22:01:17 +0000 Manifest next update: Sun 21 Dec 2025 22:01:17 +0000 Files and hashes: 1: IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl (hash: vm688ZqVv3jm1XOtPdPhUxxt6YAWTWxIpKpsuEiSyzA=) 2: Tq4R9IdG22N3vnBq8Qo-UFuJbpQ.roa (hash: af3sYHdNbdlvdprU3qi9kp0Nrk2mSxcsF15s0Xd+YhM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c8:07:30:cb:20:ab:34:a3:29:a2:b4:ea:59:24:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6 Validity Not Before: Dec 20 22:01:17 2025 GMT Not After : Dec 21 22:01:17 2025 GMT Subject: CN=a26c8fdfd0df65bb293143f50c65a8402d13a210 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:01:a2:7b:83:87:4d:44:e1:f0:b9:e0:0a:08: 0e:e6:05:69:35:08:f4:1c:91:86:e6:cd:dd:91:9e: d6:8a:cd:89:d7:f7:78:f8:fc:a8:c6:b9:13:ad:fd: 9e:0c:b3:80:d2:75:67:9b:f8:90:2b:87:51:60:8b: a6:16:d0:2e:e0:54:b1:e3:2f:ba:83:df:53:81:be: 47:d7:ba:96:61:ff:ed:ca:1c:7f:ab:7c:1d:9a:dd: 83:d5:94:6e:72:a4:62:51:b7:04:5a:65:1b:a2:99: 7b:98:97:ce:67:e2:2e:c8:cc:79:d4:ea:03:28:4d: 85:fd:37:de:78:4f:93:6a:c6:27:58:9d:3a:2d:96: 90:48:4a:fb:e1:d4:24:fd:6e:2d:e9:dd:03:cc:39: 89:82:26:62:ff:c8:49:d1:32:99:46:80:e9:07:62: c0:e3:1d:e7:1b:e0:26:95:74:fe:a4:2f:fd:db:6b: 29:68:03:67:3f:f2:f8:24:b1:09:f4:d5:c8:56:31: 9d:b2:53:0c:8d:57:f0:a7:26:33:ab:f9:57:a9:18: 78:11:1c:9d:aa:1f:49:5d:25:44:b2:12:cc:10:51: 2f:48:62:f5:77:b8:34:ff:fc:77:61:8b:2b:25:85: 36:bb:64:cc:a7:d1:56:ac:c0:d9:89:6b:ec:55:af: 38:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:6C:8F:DF:D0:DF:65:BB:29:31:43:F5:0C:65:A8:40:2D:13:A2:10 X509v3 Authority Key Identifier: keyid:21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:fd:7e:a3:25:31:93:47:36:ad:d0:ff:59:08:2e:59:23:c0: 18:4d:4f:a3:70:07:57:cf:ba:6a:cd:c6:f1:62:71:a0:2c:ba: c7:68:f0:12:d2:4c:b7:a7:50:a4:26:78:ee:ed:ed:01:5d:9c: d9:43:b2:4e:97:55:61:40:fe:27:23:b6:84:e3:69:f3:7e:a0: ca:bd:49:e4:ba:5e:7f:b0:7f:b6:cc:e3:f7:b6:7b:8f:e6:32: 0a:ce:0e:06:9a:dd:f8:83:b1:70:65:71:10:89:c3:45:ce:e5: 4c:74:fd:a3:5c:f5:13:cc:57:2d:08:2e:19:c9:a0:c0:ed:b9: 86:f2:79:8c:c5:26:39:11:76:6e:22:9f:c2:d6:e1:87:30:4a: 34:40:0d:69:5f:5b:f2:e0:15:fd:14:48:f3:f5:2b:c6:db:c7: 4d:f8:09:45:b4:df:61:ac:73:7e:42:21:b6:23:8c:eb:9e:f3: 8f:b0:96:f2:e7:0e:51:3e:99:11:44:d9:18:ac:5f:4f:f6:2f: e4:9c:53:66:c7:21:c0:d7:5d:1f:38:27:27:df:2d:77:15:7b: 68:fc:aa:78:81:2a:13:ec:fd:a1:83:22:27:aa:fa:c6:18:fa: 75:7e:4b:70:50:d0:f2:1a:a1:40:f0:38:ce:ab:b6:77:a4:53: 4a:3e:89:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9yAcwyyCrNKMporTqWSRVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxODFjNWIzY2I3ZWViMWU0OTU4MjE1NWExOTE4ZWM2MTJm OTVhYzYwHhcNMjUxMjIwMjIwMTE3WhcNMjUxMjIxMjIwMTE3WjAzMTEwLwYDVQQD EyhhMjZjOGZkZmQwZGY2NWJiMjkzMTQzZjUwYzY1YTg0MDJkMTNhMjEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgGie4OHTUTh8LngCggO5gVpNQj0 HJGG5s3dkZ7Wis2J1/d4+PyoxrkTrf2eDLOA0nVnm/iQK4dRYIumFtAu4FSx4y+6 g99Tgb5H17qWYf/tyhx/q3wdmt2D1ZRucqRiUbcEWmUbopl7mJfOZ+IuyMx51OoD KE2F/TfeeE+TasYnWJ06LZaQSEr74dQk/W4t6d0DzDmJgiZi/8hJ0TKZRoDpB2LA 4x3nG+AmlXT+pC/922spaANnP/L4JLEJ9NXIVjGdslMMjVfwpyYzq/lXqRh4ERyd qh9JXSVEshLMEFEvSGL1d7g0//x3YYsrJYU2u2TMp9FWrMDZiWvsVa84rwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKJsj9/Q32W7KTFD9QxlqEAtE6IQMB8GA1UdIwQY MBaAFCGBxbPLfuseSVghVaGRjsYS+VrGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAt MDIyNmQ0NWE3NTMyLzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAtMDIyNmQ0NWE3NTMy LzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWv1+oyUx k0c2rdD/WQguWSPAGE1Po3AHV8+6as3G8WJxoCy6x2jwEtJMt6dQpCZ47u3tAV2c 2UOyTpdVYUD+JyO2hONp836gyr1J5Lpef7B/tszj97Z7j+YyCs4OBprd+IOxcGVx EInDRc7lTHT9o1z1E8xXLQguGcmgwO25hvJ5jMUmORF2biKfwtbhhzBKNEANaV9b 8uAV/RRI8/UrxtvHTfgJRbTfYaxzfkIhtiOM657zj7CW8ucOUT6ZEUTZGKxfT/Yv 5JxTZschwNddHzgnJ98tdxV7aPyqeIEqE+z9oYMiJ6r6xhj6dX5LcFDQ8hqhQPA4 zqu2d6RTSj6JLA== -----END CERTIFICATE-----Generated at Sat Dec 20 23:13:49 2025 by rpki-client