This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/iOpSVfiNS5VxicFC-KxWgcUMaKY.mft File: iOpSVfiNS5VxicFC-KxWgcUMaKY.mft (raw, json) Hash identifier: D3X9O+oouAOEmhD0228tAgYQO15Xxh1qVM6LkpSUeW4= Subject key identifier: 8F:D2:16:B1:0A:19:82:2D:2E:90:13:E3:06:9C:5F:DC:75:21:D5:BE Authority key identifier: 88:EA:52:55:F8:8D:4B:95:71:89:C1:42:F8:AC:56:81:C5:0C:68:A6 Certificate issuer: /CN=88ea5255f88d4b957189c142f8ac5681c50c68a6 Certificate serial: 019B51F35EB4DCCC8081B5273383F67586DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOpSVfiNS5VxicFC-KxWgcUMaKY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/iOpSVfiNS5VxicFC-KxWgcUMaKY.mft Manifest number: 0A18 Signing time: Wed 24 Dec 2025 20:01:02 +0000 Manifest this update: Wed 24 Dec 2025 20:01:02 +0000 Manifest next update: Thu 25 Dec 2025 20:01:02 +0000 Files and hashes: 1: AhbInrBuBxUhLDDb6t4H_dnP0SQ.roa (hash: LnUMs+GFvbcxwBQi1CgG4kL2ZNmGdakKt42fC58+8no=) 2: iOpSVfiNS5VxicFC-KxWgcUMaKY.crl (hash: 2eSn7HrsjQhJ8FGK+Vi+Zmg882ufVHRLO5mMvxRV9VM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/iOpSVfiNS5VxicFC-KxWgcUMaKY.crl rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/iOpSVfiNS5VxicFC-KxWgcUMaKY.mft rsync://rpki.ripe.net/repository/DEFAULT/iOpSVfiNS5VxicFC-KxWgcUMaKY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:f3:5e:b4:dc:cc:80:81:b5:27:33:83:f6:75:86:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88ea5255f88d4b957189c142f8ac5681c50c68a6 Validity Not Before: Dec 24 20:01:02 2025 GMT Not After : Dec 25 20:01:02 2025 GMT Subject: CN=8fd216b10a19822d2e9013e3069c5fdc7521d5be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ad:85:de:89:11:91:ce:83:f6:5b:da:2a:a0: 20:e5:3b:e1:95:c8:b5:2d:40:ea:96:28:8a:1f:5f: ae:bf:09:72:27:4d:0b:a2:22:a4:20:bc:e6:13:a5: 94:28:b0:30:6b:27:c3:9c:ea:7d:a7:ab:9b:06:61: 38:00:bb:17:40:61:64:cd:16:4b:6c:66:44:31:d7: 1d:07:34:0d:ce:19:1e:9f:f6:05:aa:cb:08:2f:2a: 97:4d:cc:f8:f7:39:3c:1c:5f:92:60:f1:18:d9:26: 49:96:61:83:fd:9f:4d:92:a6:ca:f7:28:98:4d:79: db:c2:a1:2b:d3:85:e9:b2:3b:cd:48:26:fa:d4:19: 8b:ab:62:48:56:1f:61:7e:d6:27:8c:a0:09:6b:2d: 50:84:58:7d:4e:a4:50:fe:74:f8:fc:c3:d0:78:28: a6:ae:f9:95:96:8d:6f:53:7e:6c:96:27:e7:87:aa: 8e:31:08:3b:a5:dc:62:03:c9:c4:04:db:b3:af:3c: ad:5b:2e:09:32:b7:54:a2:51:c8:7d:bc:08:e0:3c: 41:d9:08:05:0d:e3:d6:5d:5b:fb:ca:a3:b0:9a:19: d2:af:84:a7:6d:cc:b6:a0:44:7e:21:ce:82:b8:2f: 85:a3:68:ab:50:ba:4a:dc:2f:79:45:7d:eb:4e:44: 69:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:D2:16:B1:0A:19:82:2D:2E:90:13:E3:06:9C:5F:DC:75:21:D5:BE X509v3 Authority Key Identifier: keyid:88:EA:52:55:F8:8D:4B:95:71:89:C1:42:F8:AC:56:81:C5:0C:68:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOpSVfiNS5VxicFC-KxWgcUMaKY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/iOpSVfiNS5VxicFC-KxWgcUMaKY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/iOpSVfiNS5VxicFC-KxWgcUMaKY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:58:25:bd:22:0e:a7:ef:7e:a3:92:46:da:cb:97:14:98:e8: 18:a3:6a:68:44:a5:42:b4:2c:fa:e8:cc:2f:55:bb:61:cc:68: 7b:67:80:fb:a7:13:56:9b:d1:a8:88:de:75:47:ff:13:a5:4d: 4a:1e:e5:fb:71:e5:fb:00:3a:9b:f3:dd:28:17:04:e5:9c:3d: 0d:e0:11:39:97:c4:8f:fa:95:3d:d6:e1:df:14:8c:f5:1a:43: f0:c3:fe:f6:03:fd:f2:b0:a1:a8:02:ca:de:eb:de:2f:5e:4e: e3:ac:d4:f5:57:48:80:24:28:4d:30:da:df:38:35:8b:e4:01: 95:2f:1b:52:24:28:33:01:f5:1c:53:50:33:46:8c:c4:eb:57: 97:57:9b:09:de:c3:94:99:be:97:f1:dc:c4:a6:a3:7d:02:d3: 6e:24:2a:18:f8:56:99:ce:5d:cf:3e:c2:76:0e:b4:0e:10:1b: 9d:59:de:3a:1d:fe:1f:f9:01:55:a6:77:61:fc:04:b4:f4:d9: 28:e7:93:d6:a9:fa:58:cd:08:16:72:88:28:ab:fb:9c:c5:61: 04:60:fc:87:35:b8:ba:a1:6a:77:31:3b:3d:1e:6b:4b:af:de: 20:2b:8b:e1:7a:55:4f:7a:6e:95:40:d2:9e:ed:04:46:8e:02: cc:04:b5:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtR81603MyAgbUnM4P2dYbcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ZWE1MjU1Zjg4ZDRiOTU3MTg5YzE0MmY4YWM1NjgxYzUw YzY4YTYwHhcNMjUxMjI0MjAwMTAyWhcNMjUxMjI1MjAwMTAyWjAzMTEwLwYDVQQD Eyg4ZmQyMTZiMTBhMTk4MjJkMmU5MDEzZTMwNjljNWZkYzc1MjFkNWJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa2F3okRkc6D9lvaKqAg5Tvhlci1 LUDqliiKH1+uvwlyJ00LoiKkILzmE6WUKLAwayfDnOp9p6ubBmE4ALsXQGFkzRZL bGZEMdcdBzQNzhken/YFqssILyqXTcz49zk8HF+SYPEY2SZJlmGD/Z9NkqbK9yiY TXnbwqEr04XpsjvNSCb61BmLq2JIVh9hftYnjKAJay1QhFh9TqRQ/nT4/MPQeCim rvmVlo1vU35slifnh6qOMQg7pdxiA8nEBNuzrzytWy4JMrdUolHIfbwI4DxB2QgF DePWXVv7yqOwmhnSr4Snbcy2oER+Ic6CuC+Fo2irULpK3C95RX3rTkRp7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI/SFrEKGYItLpAT4wacX9x1IdW+MB8GA1UdIwQY MBaAFIjqUlX4jUuVcYnBQvisVoHFDGimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaU9wU1ZmaU5TNVZ4aWNGQy1LeFdnY1VNYUtZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iYjg3MjctNzhmNy00MDFmLTkzMzkt ZTdjZTI2ODg0YmU2LzEvaU9wU1ZmaU5TNVZ4aWNGQy1LeFdnY1VNYUtZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9iYjg3MjctNzhmNy00MDFmLTkzMzktZTdjZTI2ODg0YmU2 LzEvaU9wU1ZmaU5TNVZ4aWNGQy1LeFdnY1VNYUtZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv1glvSIO p+9+o5JG2suXFJjoGKNqaESlQrQs+ujML1W7Ycxoe2eA+6cTVpvRqIjedUf/E6VN Sh7l+3Hl+wA6m/PdKBcE5Zw9DeAROZfEj/qVPdbh3xSM9RpD8MP+9gP98rChqALK 3uveL15O46zU9VdIgCQoTTDa3zg1i+QBlS8bUiQoMwH1HFNQM0aMxOtXl1ebCd7D lJm+l/HcxKajfQLTbiQqGPhWmc5dzz7Cdg60DhAbnVneOh3+H/kBVaZ3YfwEtPTZ KOeT1qn6WM0IFnKIKKv7nMVhBGD8hzW4uqFqdzE7PR5rS6/eICuL4XpVT3pulUDS nu0ERo4CzAS1hQ== -----END CERTIFICATE-----Generated at Wed Dec 24 21:48:01 2025 by rpki-client