This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json) Hash identifier: ovolNW/PatVMoRIhoEpF0eth93T5scIwu8tAxBpy3Qg= Subject key identifier: 2E:78:98:0A:F1:33:2B:05:88:B9:34:01:43:54:6F:B1:7B:32:09:9D Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21 Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21 Certificate serial: 019B3CEC7F68869ECC346A88298B5A410C7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 18:01:30 +0000 Manifest this update: Sat 20 Dec 2025 18:01:30 +0000 Manifest next update: Sun 21 Dec 2025 18:01:30 +0000 Files and hashes: 1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=) 2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: n/bKxjnNFMdBO+iF+7JrsxER+qFAd11mX2z8jurUMPA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:7f:68:86:9e:cc:34:6a:88:29:8b:5a:41:0c:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21 Validity Not Before: Dec 20 18:01:30 2025 GMT Not After : Dec 21 18:01:30 2025 GMT Subject: CN=2e78980af1332b0588b9340143546fb17b32099d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:3f:b0:c3:77:26:94:0c:90:10:63:a8:b6:02: 6e:b5:2e:2c:41:46:1c:d4:a2:68:a4:ac:43:88:c2: 53:a7:67:f9:fc:c6:47:8d:c1:46:96:cb:2a:00:9e: 89:4f:43:73:4a:2b:73:5b:48:c4:42:c3:61:9b:80: f2:67:c9:e8:e8:98:ad:23:0a:e3:a9:43:76:03:8b: 72:5f:21:de:7c:18:e8:92:7e:d9:2e:1d:69:ef:9d: e7:4b:81:7d:f0:c4:00:25:eb:32:db:42:e0:4f:ee: ea:a0:f5:e1:2b:6d:6b:76:43:07:30:22:7d:3a:dc: 09:5c:eb:18:be:ac:95:ed:d1:62:30:45:6f:43:9a: d4:cd:aa:3b:12:b4:4b:5a:88:27:9e:c0:40:38:8b: aa:ed:b8:a2:07:ff:c6:6d:31:37:76:9e:53:ba:03: 1d:ac:77:bf:da:15:0d:7b:ad:e2:7b:18:68:22:76: ba:39:32:b2:d6:4a:7d:5b:e5:94:eb:99:f7:d7:84: 55:e5:4b:00:58:0b:75:c2:3f:27:e1:26:7d:e6:16: 07:5b:1d:c4:fb:0e:24:f9:e2:52:de:13:a1:5f:78: 12:d6:b2:c1:d8:d9:f0:75:64:aa:cd:f1:e6:4b:6a: c0:a3:7a:7d:c6:93:43:cb:fc:7c:71:a7:f6:e0:df: 38:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:78:98:0A:F1:33:2B:05:88:B9:34:01:43:54:6F:B1:7B:32:09:9D X509v3 Authority Key Identifier: keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:fb:ba:dd:cd:03:6a:01:71:74:05:80:f3:9a:63:68:a1:86: d5:7f:3c:b6:0f:57:70:11:3f:51:e3:d9:60:3a:61:75:0a:ef: ac:7e:62:5f:2d:b6:cf:8a:00:ed:4d:ab:35:db:b5:74:ae:ef: 6e:28:f4:18:14:ea:bd:8f:61:6e:d4:22:97:77:6e:2a:35:6d: 2c:95:a3:19:48:39:bf:6c:d5:a1:9c:eb:82:90:95:dc:12:e9: 1b:4b:43:0c:a9:45:16:18:a0:86:f1:bf:a3:f0:46:c8:fd:45: ef:48:9b:b2:3a:a2:1f:e1:7b:8e:64:c4:de:a4:f4:5f:1d:93: 6a:ce:91:39:42:5e:b1:44:7b:5d:8c:8f:ac:97:54:ec:bb:d8: 0a:7c:0e:59:98:8e:a3:04:87:cf:91:0a:f2:1c:19:e5:78:30: 3b:6c:4a:20:26:71:2d:ef:c9:a9:19:74:91:a5:ad:ac:75:b0: 14:f3:d6:09:8f:b4:da:7e:39:c4:7e:f1:fb:69:1d:47:7d:5c: 65:95:11:fc:ef:df:6d:6d:b5:1e:d7:8c:9e:4b:76:4c:a0:0e: af:bf:13:da:9f:4f:35:78:b9:54:e3:22:cc:2e:04:ac:38:17: 8b:58:d8:d8:05:c8:fc:49:ae:a4:01:cb:cd:26:a8:33:0d:3d: 92:fa:00:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87H9ohp7MNGqIKYtaQQx9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy ZjZiMjEwHhcNMjUxMjIwMTgwMTMwWhcNMjUxMjIxMTgwMTMwWjAzMTEwLwYDVQQD EygyZTc4OTgwYWYxMzMyYjA1ODhiOTM0MDE0MzU0NmZiMTdiMzIwOTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT+ww3cmlAyQEGOotgJutS4sQUYc 1KJopKxDiMJTp2f5/MZHjcFGlssqAJ6JT0NzSitzW0jEQsNhm4DyZ8no6JitIwrj qUN2A4tyXyHefBjokn7ZLh1p753nS4F98MQAJesy20LgT+7qoPXhK21rdkMHMCJ9 OtwJXOsYvqyV7dFiMEVvQ5rUzao7ErRLWognnsBAOIuq7biiB//GbTE3dp5TugMd rHe/2hUNe63iexhoIna6OTKy1kp9W+WU65n314RV5UsAWAt1wj8n4SZ95hYHWx3E +w4k+eJS3hOhX3gS1rLB2NnwdWSqzfHmS2rAo3p9xpNDy/x8caf24N84HQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC54mArxMysFiLk0AUNUb7F7MgmdMB8GA1UdIwQY MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2 LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADvu63c0D agFxdAWA85pjaKGG1X88tg9XcBE/UePZYDphdQrvrH5iXy22z4oA7U2rNdu1dK7v bij0GBTqvY9hbtQil3duKjVtLJWjGUg5v2zVoZzrgpCV3BLpG0tDDKlFFhighvG/ o/BGyP1F70ibsjqiH+F7jmTE3qT0Xx2Tas6ROUJesUR7XYyPrJdU7LvYCnwOWZiO owSHz5EK8hwZ5XgwO2xKICZxLe/JqRl0kaWtrHWwFPPWCY+02n45xH7x+2kdR31c ZZUR/O/fbW21HteMnkt2TKAOr78T2p9PNXi5VOMizC4ErDgXi1jY2AXI/EmupAHL zSaoMw09kvoAXA== -----END CERTIFICATE-----Generated at Sun Dec 21 03:07:13 2025 by rpki-client