This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft File: IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft (raw, json) Hash identifier: FUUJC0gbsF3fDOFLopLNC0gZuHfSJb8zRuOiohlT1IY= Subject key identifier: 39:0B:86:FA:0C:AA:92:F2:0C:E7:4E:43:3F:9B:4C:2B:0C:8D:BA:FC Authority key identifier: 22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34 Certificate issuer: /CN=229a038176c796ea4f2769f6be3cace1a3597634 Certificate serial: 019B6BE9AEF09BFB2F38B21C51FC96C15115 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft Manifest number: 17A1 Signing time: Mon 29 Dec 2025 21:00:35 +0000 Manifest this update: Mon 29 Dec 2025 21:00:35 +0000 Manifest next update: Tue 30 Dec 2025 21:00:35 +0000 Files and hashes: 1: Hix749q65sYikumyIiO2w3pF6Ac.roa (hash: N0R4AArriY/KzHOEs+CuI34MlSMnkBHaO9k0W7jdIBQ=) 2: IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl (hash: k7UHcQqWfw/u3NqE81GlLsGi6sAEAnlqeuOUPr75a2E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 21:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:e9:ae:f0:9b:fb:2f:38:b2:1c:51:fc:96:c1:51:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=229a038176c796ea4f2769f6be3cace1a3597634 Validity Not Before: Dec 29 21:00:35 2025 GMT Not After : Dec 30 21:00:35 2025 GMT Subject: CN=390b86fa0caa92f20ce74e433f9b4c2b0c8dbafc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:61:f3:72:42:7a:44:a1:5a:b4:00:3a:f7:75: e1:22:cf:d8:18:59:ef:08:1e:a6:0a:0e:a7:cc:20: b9:33:cc:bc:e1:35:78:60:20:be:a0:26:8b:cf:15: 7f:52:91:5e:e5:d7:c8:2f:eb:12:eb:24:3f:c9:31: 98:a1:2a:d5:1b:e9:cd:8b:f6:a5:d2:e0:31:19:09: 64:85:83:2b:63:b1:fb:ba:a1:db:cd:9b:f6:78:a5: eb:e7:c8:5b:47:39:b4:1a:f7:a8:79:ed:82:4d:eb: 94:8e:04:02:ca:0c:b7:a1:48:b7:e5:bf:36:4b:38: a0:4e:01:fe:3f:7f:53:e6:1b:75:76:5f:86:41:65: b3:be:a0:0d:2e:84:c8:53:dc:79:6b:58:d2:94:5c: 29:f0:da:04:ea:7b:3f:c4:80:8b:37:f3:c6:71:36: 6e:fe:6e:3e:b3:cb:78:00:50:59:ef:82:90:18:d4: fa:c3:fc:f6:cf:ba:85:c7:c5:9a:23:82:ca:c2:c4: c8:02:4b:7e:c9:43:45:2a:e5:b4:af:02:bb:08:e6: 71:70:5a:cc:ad:29:ee:1a:05:2b:08:65:6d:be:72: 91:a2:3c:85:7a:a6:8b:9e:1d:ba:ba:fd:13:3c:66: 55:01:38:e1:e8:d8:ea:d0:5a:52:8c:9c:f8:6e:30: 91:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:0B:86:FA:0C:AA:92:F2:0C:E7:4E:43:3F:9B:4C:2B:0C:8D:BA:FC X509v3 Authority Key Identifier: keyid:22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:c9:21:a8:05:c6:70:d7:d4:69:11:b6:6c:f5:c0:43:79:42: 45:78:51:64:31:f4:ff:c3:92:ec:d1:40:e4:04:21:83:fc:9c: b5:e8:bc:ac:44:c2:30:78:d5:a4:7d:40:a5:78:65:72:73:f2: 0d:44:98:7c:5a:db:28:c9:7f:5c:9e:91:06:de:0f:37:ed:51: 3a:91:6b:90:c1:b1:80:b6:3a:ed:d3:a2:d7:b3:42:bd:eb:7a: 64:15:79:31:7d:80:60:5e:00:29:6a:90:58:8f:36:e7:47:76: 52:ba:15:e4:54:bb:8c:95:27:f7:5f:ca:31:be:ff:4a:10:da: 1e:6e:1e:84:46:54:16:54:f1:0e:d0:6d:23:8b:3f:b1:04:52: d8:1a:e6:46:05:74:38:e1:ce:ec:6c:84:95:f6:e0:4f:d2:d8: 68:46:51:9c:a5:d9:83:f7:a9:21:c4:ed:9d:90:fe:02:89:17: 7d:04:33:19:ea:b4:bd:32:c8:f3:c5:c8:9a:3a:30:31:92:db: a4:01:46:52:ce:15:5c:a2:66:a9:ac:d4:63:8a:36:ba:fc:f5: 50:9f:a4:16:21:b5:18:b2:4e:70:2b:86:cf:1d:f4:4b:91:ed: a6:0d:e5:c8:b4:7c:00:f9:ea:d3:de:52:f5:0f:54:3f:19:cc: 17:d1:72:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtr6a7wm/svOLIcUfyWwVEVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyOWEwMzgxNzZjNzk2ZWE0ZjI3NjlmNmJlM2NhY2UxYTM1 OTc2MzQwHhcNMjUxMjI5MjEwMDM1WhcNMjUxMjMwMjEwMDM1WjAzMTEwLwYDVQQD EygzOTBiODZmYTBjYWE5MmYyMGNlNzRlNDMzZjliNGMyYjBjOGRiYWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGHzckJ6RKFatAA693XhIs/YGFnv CB6mCg6nzCC5M8y84TV4YCC+oCaLzxV/UpFe5dfIL+sS6yQ/yTGYoSrVG+nNi/al 0uAxGQlkhYMrY7H7uqHbzZv2eKXr58hbRzm0Gveoee2CTeuUjgQCygy3oUi35b82 SzigTgH+P39T5ht1dl+GQWWzvqANLoTIU9x5a1jSlFwp8NoE6ns/xICLN/PGcTZu /m4+s8t4AFBZ74KQGNT6w/z2z7qFx8WaI4LKwsTIAkt+yUNFKuW0rwK7COZxcFrM rSnuGgUrCGVtvnKRojyFeqaLnh26uv0TPGZVATjh6Njq0FpSjJz4bjCRLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDkLhvoMqpLyDOdOQz+bTCsMjbr8MB8GA1UdIwQY MBaAFCKaA4F2x5bqTydp9r48rOGjWXY0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQt ZGMyMzAxZmJiYjdjLzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQtZGMyMzAxZmJiYjdj LzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgckhqAXG cNfUaRG2bPXAQ3lCRXhRZDH0/8OS7NFA5AQhg/yctei8rETCMHjVpH1ApXhlcnPy DUSYfFrbKMl/XJ6RBt4PN+1ROpFrkMGxgLY67dOi17NCvet6ZBV5MX2AYF4AKWqQ WI8250d2UroV5FS7jJUn91/KMb7/ShDaHm4ehEZUFlTxDtBtI4s/sQRS2BrmRgV0 OOHO7GyElfbgT9LYaEZRnKXZg/epIcTtnZD+AokXfQQzGeq0vTLI88XImjowMZLb pAFGUs4VXKJmqazUY4o2uvz1UJ+kFiG1GLJOcCuGzx30S5Htpg3lyLR8APnq095S 9Q9UPxnMF9FyXg== -----END CERTIFICATE-----Generated at Tue Dec 30 07:11:37 2025 by rpki-client