This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/pI2lIJvWz5DG321-bWOmOVW61LU.mft File: pI2lIJvWz5DG321-bWOmOVW61LU.mft (raw, json) Hash identifier: vlwR/1C1vzYE/Ccj1mFDTQNuAPkmuVIy1aCYHevbnUc= Subject key identifier: A6:BD:6A:80:18:C0:98:E9:98:D9:48:6B:4F:7B:4F:4B:4C:25:B1:BE Authority key identifier: A4:8D:A5:20:9B:D6:CF:90:C6:DF:6D:7E:6D:63:A6:39:55:BA:D4:B5 Certificate issuer: /CN=a48da5209bd6cf90c6df6d7e6d63a63955bad4b5 Certificate serial: 019B446E63966ADBBEBCA172A6AC1BD5828D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pI2lIJvWz5DG321-bWOmOVW61LU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/pI2lIJvWz5DG321-bWOmOVW61LU.mft Manifest number: 0815 Signing time: Mon 22 Dec 2025 05:00:43 +0000 Manifest this update: Mon 22 Dec 2025 05:00:43 +0000 Manifest next update: Tue 23 Dec 2025 05:00:43 +0000 Files and hashes: 1: gZ0yVDfN4vy-eK7OCEPSZaBaBxs.roa (hash: LNpaqhIXeGRj9rxSqG8l9W+yrY/Iu+GRMv3w/Y4Inpo=) 2: pI2lIJvWz5DG321-bWOmOVW61LU.crl (hash: cJ2stW4JDe3On5WmrswYkyGu8BZCz7fdHDCJqr+BTi0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/pI2lIJvWz5DG321-bWOmOVW61LU.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/pI2lIJvWz5DG321-bWOmOVW61LU.mft rsync://rpki.ripe.net/repository/DEFAULT/pI2lIJvWz5DG321-bWOmOVW61LU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 05:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:6e:63:96:6a:db:be:bc:a1:72:a6:ac:1b:d5:82:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a48da5209bd6cf90c6df6d7e6d63a63955bad4b5 Validity Not Before: Dec 22 05:00:43 2025 GMT Not After : Dec 23 05:00:43 2025 GMT Subject: CN=a6bd6a8018c098e998d9486b4f7b4f4b4c25b1be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:78:83:f2:3b:e3:58:b1:b8:d9:f3:02:6b:02: 9d:de:ef:ab:60:d4:04:d0:36:1b:f9:55:9c:6b:44: c2:3d:f5:c8:c4:65:f6:6f:09:e7:be:62:98:67:c3: c8:1e:cd:c5:c6:bf:27:14:bf:2f:da:6b:ad:d1:7c: 3e:07:5f:d5:86:11:f8:12:59:90:15:b2:95:12:d3: 26:85:1f:4a:9f:f2:bb:fc:36:8c:31:4b:d4:18:b5: f6:cf:89:2f:05:2f:5c:1c:92:38:6a:fd:df:57:44: 86:15:ae:c7:e6:19:67:6f:65:09:07:ef:73:2c:d7: bb:51:f1:02:18:aa:2f:cf:4e:c1:31:dc:51:22:f0: 41:3e:dd:bd:a1:d4:43:ed:97:bf:05:94:14:5c:00: 6a:46:f3:e1:3d:0a:ca:90:14:16:7f:5e:08:28:4c: 86:5c:65:2e:c8:45:d8:33:97:ab:77:a9:fb:5e:4d: 1b:66:6a:9b:5f:e6:b8:4c:bf:e8:40:4d:0c:10:0c: 1f:42:73:03:33:0b:9a:e9:9d:2b:46:1f:30:e8:c3: 7b:a4:fa:c0:e8:af:01:d9:46:60:97:e5:ad:45:7b: a8:ff:9e:20:14:b5:43:d9:85:f3:f9:72:82:5a:4a: 82:c4:10:99:4d:83:96:5f:f5:9a:ad:b9:e5:ed:fc: 6f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:BD:6A:80:18:C0:98:E9:98:D9:48:6B:4F:7B:4F:4B:4C:25:B1:BE X509v3 Authority Key Identifier: keyid:A4:8D:A5:20:9B:D6:CF:90:C6:DF:6D:7E:6D:63:A6:39:55:BA:D4:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pI2lIJvWz5DG321-bWOmOVW61LU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/pI2lIJvWz5DG321-bWOmOVW61LU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/pI2lIJvWz5DG321-bWOmOVW61LU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:ec:7a:6d:f8:a3:3f:ec:a5:72:9f:76:f4:c7:b1:8f:44:de: b9:1b:e2:b9:b6:4f:d6:30:51:c2:1b:5d:4e:a6:f2:52:2c:48: 96:5b:e9:23:15:60:fe:72:e0:97:cc:af:3d:f1:6f:15:2d:da: c8:bd:48:6a:cc:c9:6d:b2:46:be:a7:99:53:db:24:01:57:fe: e1:2f:d2:47:f3:bf:3c:c8:c0:72:1b:0b:45:61:61:df:12:15: dd:97:e4:17:ad:bf:ae:5e:68:3d:57:3f:05:ab:60:d7:c9:17: cd:f1:48:30:e2:d7:cb:a0:d0:6c:20:00:b2:59:b0:ff:60:35: 82:62:d5:f2:aa:c3:d5:20:6c:fa:ce:92:09:1d:53:77:4e:38: e6:bd:de:68:7a:db:59:0e:a2:91:ea:a7:dd:69:16:3e:be:36: 25:e5:de:ba:aa:80:36:c7:01:79:27:4a:d8:55:23:bf:a9:bd: 03:6c:a4:05:cc:52:4c:1e:9d:57:65:e4:56:f9:cb:61:22:e7: 6e:72:64:43:33:f9:4f:79:3d:c0:d4:dd:74:84:e5:21:f2:8e: b5:a7:ac:17:1c:83:6f:1e:7a:9f:d2:12:82:9f:0b:80:5d:e2: ef:3f:e4:16:18:a9:76:a5:02:3b:9d:ea:2d:42:26:83:36:79: 5c:b5:57:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEbmOWatu+vKFypqwb1YKNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0OGRhNTIwOWJkNmNmOTBjNmRmNmQ3ZTZkNjNhNjM5NTVi YWQ0YjUwHhcNMjUxMjIyMDUwMDQzWhcNMjUxMjIzMDUwMDQzWjAzMTEwLwYDVQQD EyhhNmJkNmE4MDE4YzA5OGU5OThkOTQ4NmI0ZjdiNGY0YjRjMjViMWJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuniD8jvjWLG42fMCawKd3u+rYNQE 0DYb+VWca0TCPfXIxGX2bwnnvmKYZ8PIHs3Fxr8nFL8v2mut0Xw+B1/VhhH4ElmQ FbKVEtMmhR9Kn/K7/DaMMUvUGLX2z4kvBS9cHJI4av3fV0SGFa7H5hlnb2UJB+9z LNe7UfECGKovz07BMdxRIvBBPt29odRD7Ze/BZQUXABqRvPhPQrKkBQWf14IKEyG XGUuyEXYM5erd6n7Xk0bZmqbX+a4TL/oQE0MEAwfQnMDMwua6Z0rRh8w6MN7pPrA 6K8B2UZgl+WtRXuo/54gFLVD2YXz+XKCWkqCxBCZTYOWX/Warbnl7fxvSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKa9aoAYwJjpmNlIa097T0tMJbG+MB8GA1UdIwQY MBaAFKSNpSCb1s+Qxt9tfm1jpjlVutS1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEkybElKdld6NURHMzIxLWJXT21PVlc2MUxVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lNjMxYmYtZGU5NS00Y2ZmLWIwZGQt NWNiMmQ3MjU4YjBkLzEvcEkybElKdld6NURHMzIxLWJXT21PVlc2MUxVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC9lNjMxYmYtZGU5NS00Y2ZmLWIwZGQtNWNiMmQ3MjU4YjBk LzEvcEkybElKdld6NURHMzIxLWJXT21PVlc2MUxVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmex6bfij P+ylcp929Mexj0TeuRviubZP1jBRwhtdTqbyUixIllvpIxVg/nLgl8yvPfFvFS3a yL1IaszJbbJGvqeZU9skAVf+4S/SR/O/PMjAchsLRWFh3xIV3ZfkF62/rl5oPVc/ Batg18kXzfFIMOLXy6DQbCAAslmw/2A1gmLV8qrD1SBs+s6SCR1Td0445r3eaHrb WQ6ikeqn3WkWPr42JeXeuqqANscBeSdK2FUjv6m9A2ykBcxSTB6dV2XkVvnLYSLn bnJkQzP5T3k9wNTddITlIfKOtaesFxyDbx56n9ISgp8LgF3i7z/kFhipdqUCO53q LUImgzZ5XLVXTg== -----END CERTIFICATE-----Generated at Mon Dec 22 14:51:04 2025 by rpki-client