This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft File: IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft (raw, json) Hash identifier: q8IUgfr8OAe+lrNJ3mzatDwyLzVcAjgIRdTVTrDwLtI= Subject key identifier: 10:B6:42:A6:83:69:FD:18:E9:45:16:33:A5:06:02:4F:AC:E7:E5:28 Authority key identifier: 21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9 Certificate issuer: /CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9 Certificate serial: 019B4392EDED61681146114556ADF71F6EEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft Manifest number: 0A86 Signing time: Mon 22 Dec 2025 01:01:01 +0000 Manifest this update: Mon 22 Dec 2025 01:01:01 +0000 Manifest next update: Tue 23 Dec 2025 01:01:01 +0000 Files and hashes: 1: IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl (hash: QdjQTtPr7eR2666PSjNd4ydZZIk0SAy4DZ7Q4cW5bAg=) 2: NfqHOhcJXcqSfQpuNgytLU6Q0gw.roa (hash: fdvl8Vjh1i6SnoxQG77IPFWNq1tbBXhWcHGwbwfOV50=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:92:ed:ed:61:68:11:46:11:45:56:ad:f7:1f:6e:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9 Validity Not Before: Dec 22 01:01:01 2025 GMT Not After : Dec 23 01:01:01 2025 GMT Subject: CN=10b642a68369fd18e9451633a506024face7e528 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:13:e1:ee:7a:c3:d6:10:88:6b:82:ff:e1:89: 80:5b:37:36:6d:54:86:f0:4a:a9:e5:7f:35:eb:42: 7c:1a:0d:09:35:25:28:11:8c:e2:11:4b:69:37:40: 5f:23:83:4f:e8:8c:88:06:6c:30:cd:fd:9d:4d:5b: 1d:e2:15:4a:14:b6:f4:99:6d:13:a1:06:d4:6b:c9: ad:7b:2d:dd:19:b5:6d:d9:8d:e9:65:03:93:a0:de: 11:5d:1c:20:60:34:71:aa:30:bb:75:82:ba:10:e5: cf:16:0b:f7:0f:1c:81:17:a1:f4:d8:be:3c:94:04: b4:ae:bc:84:43:e7:14:0b:f9:fc:20:bc:41:75:94: 45:23:a4:5b:b2:a4:b6:0a:3b:da:0f:02:4d:ea:7c: ce:27:03:ad:41:48:ce:15:47:9e:e7:c0:8b:d5:47: ef:a5:c9:d4:a4:a8:6b:49:22:c7:59:99:ae:b5:7c: e5:0e:62:5b:42:ac:de:ee:8c:a6:9f:21:fe:be:60: 6a:0c:65:61:f5:4e:88:1d:94:30:b1:a6:e7:f3:ac: da:1b:0a:0b:75:ae:19:42:47:3f:47:45:0b:3d:22: 6b:6e:71:f9:ac:2e:39:bc:86:21:9d:d6:b5:99:a4: 77:27:a8:a7:91:99:60:ca:fe:9f:ca:ec:60:d9:9f: e4:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:B6:42:A6:83:69:FD:18:E9:45:16:33:A5:06:02:4F:AC:E7:E5:28 X509v3 Authority Key Identifier: keyid:21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:38:24:72:d8:4d:12:e4:f4:00:73:37:7f:11:43:87:59:e1: 80:c8:49:1d:61:5f:e9:03:3d:90:2a:0b:42:e2:44:8e:b6:88: c0:88:fe:f8:13:bc:9a:7d:d6:eb:d8:9f:2e:a9:7f:c6:9a:d0: f0:66:70:1e:a0:fc:3a:81:5a:5b:41:c5:ed:c7:40:a3:fb:47: ee:60:59:10:67:50:89:8b:a1:b7:2f:19:39:af:dc:a9:80:dd: db:65:b8:d6:9c:b9:a6:48:2c:b3:76:ab:dd:0b:a5:c8:50:09: a8:8d:6c:6b:92:9d:4d:b0:9e:98:dc:b8:b0:1f:1d:95:1d:e4: 11:2a:2a:18:f2:b5:11:05:5c:38:16:d4:cd:9c:dc:34:2f:4e: 52:f6:52:ba:69:89:d3:58:9b:bb:cd:64:6a:d3:52:93:82:94: 1e:ac:d7:7d:78:ac:37:3a:a2:19:15:11:2b:2e:3e:e7:6f:dd: 0d:60:44:18:0a:9a:b2:7c:d4:dc:2f:0e:66:24:37:e3:40:70: 61:ec:76:ba:73:e2:c7:06:db:4e:42:12:b3:b5:6e:0a:06:b0: 66:af:8b:45:d0:61:45:c1:7a:dc:e4:ca:b3:05:79:8d:ed:57: 0f:5a:98:bc:26:d4:59:b5:c2:9b:ce:00:e9:f5:dd:0d:06:78: 65:4d:e4:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDku3tYWgRRhFFVq33H27rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxNTMwZTlkMDllMmZmOGMzODQxMzYxNTU4OWE1ZjIwNmU3 ZjNlYTkwHhcNMjUxMjIyMDEwMTAxWhcNMjUxMjIzMDEwMTAxWjAzMTEwLwYDVQQD EygxMGI2NDJhNjgzNjlmZDE4ZTk0NTE2MzNhNTA2MDI0ZmFjZTdlNTI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhPh7nrD1hCIa4L/4YmAWzc2bVSG 8Eqp5X8160J8Gg0JNSUoEYziEUtpN0BfI4NP6IyIBmwwzf2dTVsd4hVKFLb0mW0T oQbUa8mtey3dGbVt2Y3pZQOToN4RXRwgYDRxqjC7dYK6EOXPFgv3DxyBF6H02L48 lAS0rryEQ+cUC/n8ILxBdZRFI6RbsqS2CjvaDwJN6nzOJwOtQUjOFUee58CL1Ufv pcnUpKhrSSLHWZmutXzlDmJbQqze7oymnyH+vmBqDGVh9U6IHZQwsabn86zaGwoL da4ZQkc/R0ULPSJrbnH5rC45vIYhnda1maR3J6inkZlgyv6fyuxg2Z/kcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBC2QqaDaf0Y6UUWM6UGAk+s5+UoMB8GA1UdIwQY MBaAFCFTDp0J4v+MOEE2FViaXyBufz6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDIt NjI0ZjRjMTQxZjJjLzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDItNjI0ZjRjMTQxZjJj LzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATjgkcthN EuT0AHM3fxFDh1nhgMhJHWFf6QM9kCoLQuJEjraIwIj++BO8mn3W69ifLql/xprQ 8GZwHqD8OoFaW0HF7cdAo/tH7mBZEGdQiYuhty8ZOa/cqYDd22W41py5pkgss3ar 3QulyFAJqI1sa5KdTbCemNy4sB8dlR3kESoqGPK1EQVcOBbUzZzcNC9OUvZSummJ 01ibu81katNSk4KUHqzXfXisNzqiGRURKy4+52/dDWBEGAqasnzU3C8OZiQ340Bw Yex2unPixwbbTkISs7VuCgawZq+LRdBhRcF63OTKswV5je1XD1qYvCbUWbXCm84A 6fXdDQZ4ZU3kaQ== -----END CERTIFICATE-----Generated at Mon Dec 22 07:55:20 2025 by rpki-client