This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft File: iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft (raw, json) Hash identifier: gUF7O2LY93pHJLsD4+tlmQKUnuRi6qFEJEcXZ7aS6eE= Subject key identifier: FF:C0:F1:9A:EF:E1:8E:ED:FF:48:56:38:77:CB:E7:84:A7:D9:0B:2C Authority key identifier: 88:5C:09:52:2F:63:5F:CA:FA:29:BC:EB:AC:72:C8:94:E4:FF:EE:D2 Certificate issuer: /CN=885c09522f635fcafa29bcebac72c894e4ffeed2 Certificate serial: 019B3AFD3EC766414DC18B70AA419FDDD95C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFwJUi9jX8r6KbzrrHLIlOT_7tI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft Manifest number: 023A Signing time: Sat 20 Dec 2025 09:00:33 +0000 Manifest this update: Sat 20 Dec 2025 09:00:33 +0000 Manifest next update: Sun 21 Dec 2025 09:00:33 +0000 Files and hashes: 1: XcIL6Sukfm7k1AWtWl445xp4QV0.roa (hash: 4UDRmx72tIl2+y56n6Ye2uGR21iaVE2WkWXR6GxV+6Y=) 2: iFwJUi9jX8r6KbzrrHLIlOT_7tI.crl (hash: Xwo/TO7riZdiS6srVlXRRtJXvvPaHRwAfSZyixE8kXs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.crl rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft rsync://rpki.ripe.net/repository/DEFAULT/iFwJUi9jX8r6KbzrrHLIlOT_7tI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:3e:c7:66:41:4d:c1:8b:70:aa:41:9f:dd:d9:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885c09522f635fcafa29bcebac72c894e4ffeed2 Validity Not Before: Dec 20 09:00:33 2025 GMT Not After : Dec 21 09:00:33 2025 GMT Subject: CN=ffc0f19aefe18eedff48563877cbe784a7d90b2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:dd:7f:bc:87:5e:4f:fb:72:9b:af:68:32:9c: 29:22:5f:7d:cf:7f:b6:36:3a:fa:c5:15:7a:33:62: ed:da:f2:70:70:c9:22:1d:a3:a6:69:99:fb:22:b9: 7c:83:ab:76:cf:1f:a0:4b:bd:64:f7:bb:e2:63:71: 21:6d:07:04:e4:fc:08:41:31:cc:10:73:8f:d6:c7: 97:79:b0:3f:0f:f8:9d:8d:fb:a0:10:cd:36:18:c3: dc:43:96:2d:cf:ca:30:a8:bc:b3:21:2f:ba:7f:c9: d6:51:f2:c5:7f:70:a7:33:d1:b8:7a:ad:0d:a5:99: a8:53:a5:54:98:4d:ea:35:40:eb:60:fb:1b:ff:10: 53:a1:2a:c9:35:d9:39:6b:ac:e6:55:af:b5:3c:1c: f5:e8:13:3a:c9:aa:c0:63:d1:d3:f4:e0:7b:fd:a6: 75:a5:98:52:85:76:09:07:ae:44:de:c4:c9:6b:6c: b4:bb:83:c4:d9:1c:a8:2c:98:be:1c:4c:bc:42:e0: f9:b5:f4:56:25:f1:3b:29:05:20:bc:b4:a5:ee:8f: 86:60:dc:4b:9c:b4:3a:0f:93:d9:89:bc:1c:5d:c3: d9:c4:9a:e7:e7:74:63:a8:c7:0e:db:2b:cf:6f:65: 8e:27:bb:c2:43:ef:eb:10:9d:2d:70:b5:f5:5e:27: 25:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:C0:F1:9A:EF:E1:8E:ED:FF:48:56:38:77:CB:E7:84:A7:D9:0B:2C X509v3 Authority Key Identifier: keyid:88:5C:09:52:2F:63:5F:CA:FA:29:BC:EB:AC:72:C8:94:E4:FF:EE:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFwJUi9jX8r6KbzrrHLIlOT_7tI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a02c08-f31b-48c5-ad47-f83b8d04087c/1/iFwJUi9jX8r6KbzrrHLIlOT_7tI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:00:bd:da:b3:af:fd:d9:9a:11:1c:f8:d4:fc:b5:9d:9a:f0: 3b:e1:29:1d:41:1f:98:4c:18:64:36:b6:dc:91:a9:ee:2d:66: 71:da:02:84:8a:3c:e3:bd:47:06:a6:fc:e9:cd:3e:a4:15:f5: 0d:ea:30:f1:12:98:99:12:32:e6:ef:30:96:d7:1e:d3:27:43: 83:ae:27:33:df:76:23:be:e7:04:e1:cd:77:bd:eb:36:07:99: ec:61:dc:68:03:69:a8:71:f8:ba:37:c3:35:f0:ca:d2:43:68: bf:d1:5a:7c:45:7d:ee:80:19:67:7b:7e:73:32:5b:f4:0e:cb: 86:f8:91:48:69:eb:2c:78:4a:11:c5:3a:f3:9f:17:45:4e:c6: 50:4c:69:51:1e:64:99:b2:51:af:af:a0:41:41:98:0a:1e:bc: 3e:92:fb:76:1a:66:98:6b:d3:95:5f:49:dd:99:2d:b9:ab:e0: d1:6f:8b:f9:f8:69:0b:5c:97:3e:ad:02:84:56:7f:0e:69:10: b6:ca:b4:cc:2e:36:35:b1:da:f4:e7:eb:85:7b:c6:d7:ef:ce: 58:13:3d:6d:40:83:b6:55:36:a0:b2:b1:f1:11:bb:01:fd:01: 20:7f:96:7e:1a:48:be:8f:cb:36:9e:91:6e:85:ef:7c:70:12: 23:54:8e:57 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/T7HZkFNwYtwqkGf3dlcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWMwOTUyMmY2MzVmY2FmYTI5YmNlYmFjNzJjODk0ZTRm ZmVlZDIwHhcNMjUxMjIwMDkwMDMzWhcNMjUxMjIxMDkwMDMzWjAzMTEwLwYDVQQD EyhmZmMwZjE5YWVmZTE4ZWVkZmY0ODU2Mzg3N2NiZTc4NGE3ZDkwYjJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t1/vIdeT/tym69oMpwpIl99z3+2 Njr6xRV6M2Lt2vJwcMkiHaOmaZn7Irl8g6t2zx+gS71k97viY3EhbQcE5PwIQTHM EHOP1seXebA/D/idjfugEM02GMPcQ5Ytz8owqLyzIS+6f8nWUfLFf3CnM9G4eq0N pZmoU6VUmE3qNUDrYPsb/xBToSrJNdk5a6zmVa+1PBz16BM6yarAY9HT9OB7/aZ1 pZhShXYJB65E3sTJa2y0u4PE2RyoLJi+HEy8QuD5tfRWJfE7KQUgvLSl7o+GYNxL nLQ6D5PZibwcXcPZxJrn53RjqMcO2yvPb2WOJ7vCQ+/rEJ0tcLX1XiclQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP/A8Zrv4Y7t/0hWOHfL54Sn2QssMB8GA1UdIwQY MBaAFIhcCVIvY1/K+im866xyyJTk/+7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ3SlVpOWpYOHI2S2J6cnJITElsT1RfN3RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hMDJjMDgtZjMxYi00OGM1LWFkNDct ZjgzYjhkMDQwODdjLzEvaUZ3SlVpOWpYOHI2S2J6cnJITElsT1RfN3RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9hMDJjMDgtZjMxYi00OGM1LWFkNDctZjgzYjhkMDQwODdj LzEvaUZ3SlVpOWpYOHI2S2J6cnJITElsT1RfN3RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQC92rOv /dmaERz41Py1nZrwO+EpHUEfmEwYZDa23JGp7i1mcdoChIo8471HBqb86c0+pBX1 Deow8RKYmRIy5u8wltce0ydDg64nM992I77nBOHNd73rNgeZ7GHcaANpqHH4ujfD NfDK0kNov9FafEV97oAZZ3t+czJb9A7LhviRSGnrLHhKEcU6858XRU7GUExpUR5k mbJRr6+gQUGYCh68PpL7dhpmmGvTlV9J3Zktuavg0W+L+fhpC1yXPq0ChFZ/DmkQ tsq0zC42NbHa9OfrhXvG1+/OWBM9bUCDtlU2oLKx8RG7Af0BIH+WfhpIvo/LNp6R boXvfHASI1SOVw== -----END CERTIFICATE-----Generated at Sat Dec 20 13:01:42 2025 by rpki-client