This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft File: IkCgcYD88zY191fMFEng1dvU_bg.mft (raw, json) Hash identifier: IdVqAwh9FDV/fwyf8rPpWF8C+lwcBXc8LDmKc2XA54M= Subject key identifier: 68:64:D2:D2:A8:BD:8E:CB:7C:9F:3F:DE:C1:E7:95:7F:0E:D8:A2:91 Authority key identifier: 22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8 Certificate issuer: /CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8 Certificate serial: 019B2C2F359A8468982FD0EC15EF4F8CF06C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft Manifest number: 0367 Signing time: Wed 17 Dec 2025 12:00:49 +0000 Manifest this update: Wed 17 Dec 2025 12:00:49 +0000 Manifest next update: Thu 18 Dec 2025 12:00:49 +0000 Files and hashes: 1: IkCgcYD88zY191fMFEng1dvU_bg.crl (hash: NeZHw2WlqV8x4/f/E0RH3zz1gbVxHttTLeFcIP/X9FU=) 2: nvx0QRZQO1QzuvMN00Bva6hTGZw.roa (hash: Gw59i4bicuVuHEY8V6dHsuW9MPHvsYhnw1rq0LLdv8I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:2f:35:9a:84:68:98:2f:d0:ec:15:ef:4f:8c:f0:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8 Validity Not Before: Dec 17 12:00:49 2025 GMT Not After : Dec 18 12:00:49 2025 GMT Subject: CN=6864d2d2a8bd8ecb7c9f3fdec1e7957f0ed8a291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d8:c9:5c:10:01:d4:32:28:1b:f8:09:d5:b8: 52:8a:15:60:59:eb:a8:3d:06:ae:3f:d7:8c:c1:13: 13:be:9f:80:9c:66:b8:4d:6f:7a:2c:07:6e:6f:c1: 97:47:09:77:e3:8b:9d:fb:7e:6b:4e:ed:b1:5a:40: 55:11:13:6e:70:3b:01:f6:d9:60:4d:a8:84:79:fa: 75:d9:93:03:8f:05:9e:41:88:0d:be:0f:dd:15:00: 60:15:b8:31:a0:a5:e8:5d:23:ba:c8:a9:74:a5:14: e6:26:57:53:82:6f:ed:56:eb:11:5d:58:cb:3c:95: 58:eb:2f:cf:9f:ce:27:e9:ec:28:e8:25:25:7f:a7: e7:08:25:f4:49:08:85:5c:a8:72:19:5a:6c:75:6e: 5b:38:da:1e:c3:74:2b:ac:95:a2:30:29:ce:86:39: 57:f5:58:6e:b3:5a:1c:55:f7:59:8e:52:45:46:2f: c2:a4:6a:35:03:73:8f:1a:21:cf:3f:f2:f7:97:be: 07:c8:03:36:44:31:5a:bb:0b:1f:00:cc:b2:0c:5d: 74:06:5a:59:37:f8:51:fd:22:81:b7:04:99:9b:87: 15:ea:7c:21:f6:38:03:be:a1:f2:1a:46:83:74:08: 92:34:a8:20:75:51:20:60:f8:f2:39:d1:f1:dc:c5: ae:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:64:D2:D2:A8:BD:8E:CB:7C:9F:3F:DE:C1:E7:95:7F:0E:D8:A2:91 X509v3 Authority Key Identifier: keyid:22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:db:fd:02:4d:08:c8:52:2e:9c:0d:7f:65:1c:f5:5e:1e:20: 10:e3:97:57:f7:5b:b7:b0:05:53:b4:5d:3b:13:eb:73:33:80: 31:49:18:98:5d:62:22:46:87:c4:09:e3:6d:07:1b:48:e9:1d: cc:54:b3:89:c5:5c:94:a4:f0:57:38:58:2b:83:2c:78:7a:73: f7:0e:74:de:d5:cf:b0:0e:6a:82:49:e7:b1:d3:f9:8c:bf:20: 8d:8c:e9:1e:ff:59:ba:84:0c:86:1c:7e:79:83:07:7f:d5:8e: f6:f9:d8:e2:cc:e3:a2:1f:ee:ec:63:d0:24:b5:1e:7c:c4:25: 4f:55:29:85:39:6b:ef:3b:81:6d:4f:4e:2f:8e:9d:ef:0b:d8: 53:f0:da:0c:82:6b:8f:9b:e9:07:2f:a8:df:b8:9d:a9:b3:07: 54:78:a7:79:cd:9f:c4:b7:72:30:19:2b:43:29:0b:ad:e3:5c: f5:03:a6:f0:9f:ef:43:14:d7:b3:4f:27:98:37:22:55:ac:33: 90:73:09:81:09:fd:de:ec:ff:a8:2a:f2:e7:c8:f4:37:eb:ea: d8:f4:8d:8e:49:b0:e2:ec:30:00:b6:96:0f:8a:66:4f:7e:0b: 29:05:62:f2:63:0b:25:60:24:eb:43:0b:93:18:3c:25:1d:f9: 62:69:f0:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssLzWahGiYL9DsFe9PjPBsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyNDBhMDcxODBmY2YzMzYzNWY3NTdjYzE0NDllMGQ1ZGJk NGZkYjgwHhcNMjUxMjE3MTIwMDQ5WhcNMjUxMjE4MTIwMDQ5WjAzMTEwLwYDVQQD Eyg2ODY0ZDJkMmE4YmQ4ZWNiN2M5ZjNmZGVjMWU3OTU3ZjBlZDhhMjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9jJXBAB1DIoG/gJ1bhSihVgWeuo PQauP9eMwRMTvp+AnGa4TW96LAdub8GXRwl344ud+35rTu2xWkBVERNucDsB9tlg TaiEefp12ZMDjwWeQYgNvg/dFQBgFbgxoKXoXSO6yKl0pRTmJldTgm/tVusRXVjL PJVY6y/Pn84n6ewo6CUlf6fnCCX0SQiFXKhyGVpsdW5bONoew3QrrJWiMCnOhjlX 9Vhus1ocVfdZjlJFRi/CpGo1A3OPGiHPP/L3l74HyAM2RDFauwsfAMyyDF10BlpZ N/hR/SKBtwSZm4cV6nwh9jgDvqHyGkaDdAiSNKggdVEgYPjyOdHx3MWuqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGhk0tKovY7LfJ8/3sHnlX8O2KKRMB8GA1UdIwQY MBaAFCJAoHGA/PM2NfdXzBRJ4NXb1P24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEt ZDBiZDBlODAzZmQxLzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEtZDBiZDBlODAzZmQx LzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEdv9Ak0I yFIunA1/ZRz1Xh4gEOOXV/dbt7AFU7RdOxPrczOAMUkYmF1iIkaHxAnjbQcbSOkd zFSzicVclKTwVzhYK4MseHpz9w503tXPsA5qgknnsdP5jL8gjYzpHv9ZuoQMhhx+ eYMHf9WO9vnY4szjoh/u7GPQJLUefMQlT1UphTlr7zuBbU9OL46d7wvYU/DaDIJr j5vpBy+o37idqbMHVHinec2fxLdyMBkrQykLreNc9QOm8J/vQxTXs08nmDciVawz kHMJgQn93uz/qCry58j0N+vq2PSNjkmw4uwwALaWD4pmT34LKQVi8mMLJWAk60ML kxg8JR35YmnwgQ== -----END CERTIFICATE-----Generated at Wed Dec 17 18:41:32 2025 by rpki-client