This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json) Hash identifier: MjxzYALXU+PmfdZsdxZNl3wN0m+Le31QK4FU+DwkB58= Subject key identifier: A2:3D:0F:09:4F:00:0B:27:86:E8:3F:E2:28:29:BB:36:20:D8:DC:9C Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Certificate serial: 019B3F7F08E4455F230EE43FC482BE4E7247 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft Manifest number: 0F6B Signing time: Sun 21 Dec 2025 06:00:48 +0000 Manifest this update: Sun 21 Dec 2025 06:00:48 +0000 Manifest next update: Mon 22 Dec 2025 06:00:48 +0000 Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: 63EL4EUSZKWOI2cG8j0Hyzf5wC9Yxd7vAN+CnpC9Tfw=) 2: vKn82l16VjLcws3vWmstSLyeRWc.roa (hash: 69t8lHqeYhq+/2Zvm3uALN86FxM4aXQbhwTdxmIef8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:08:e4:45:5f:23:0e:e4:3f:c4:82:be:4e:72:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Validity Not Before: Dec 21 06:00:48 2025 GMT Not After : Dec 22 06:00:48 2025 GMT Subject: CN=a23d0f094f000b2786e83fe22829bb3620d8dc9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:29:80:e8:ad:59:b3:33:3b:22:90:67:8a:64: dd:ae:62:0b:0c:5b:6b:bd:e7:ee:6d:e1:b6:e5:95: 16:cd:11:6b:a9:3f:2a:75:7f:27:5c:5b:25:c4:ec: 23:bc:9b:08:11:15:72:15:16:f4:40:80:9d:ac:6e: 37:bd:2a:49:02:f8:48:80:75:74:8a:38:29:8f:7f: e3:26:e1:97:21:f9:fa:6e:33:ed:d4:ae:ee:46:90: e5:e6:18:a7:34:ba:01:d2:33:ab:09:b9:9b:4f:2a: 30:89:b0:08:13:6b:d5:c9:c1:7c:ae:13:e4:45:c7: b7:37:c9:eb:c9:13:de:5b:8b:24:80:f6:ff:00:d4: d7:e4:a1:2c:b7:4d:e9:2b:43:d2:bc:2b:b5:23:28: 6a:f4:3d:dc:6c:ef:92:1b:06:d3:87:1e:52:03:09: dc:e6:63:e3:05:86:bd:a6:d3:4a:ea:30:3c:34:06: 59:00:68:29:e5:a6:f6:ae:12:70:48:11:33:e2:84: f2:4c:01:37:12:51:91:8d:c6:ca:7e:77:25:87:7d: cc:5a:e2:97:d6:24:21:4a:31:26:94:dd:49:b6:b7: 4d:7c:69:cb:f8:b3:bf:8d:3c:e9:d7:45:c4:17:8a: 8b:53:26:50:1f:80:7d:fb:da:33:ec:7d:d6:8f:16: b2:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:3D:0F:09:4F:00:0B:27:86:E8:3F:E2:28:29:BB:36:20:D8:DC:9C X509v3 Authority Key Identifier: keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:db:fe:2a:1a:25:e4:28:61:70:55:4a:bf:c0:47:3e:af:45: 1f:db:0a:4a:d1:42:88:55:23:8b:50:c8:cb:6c:5c:9f:ea:17: 9a:52:63:b1:f3:31:5a:c9:3d:25:bf:d6:6e:40:ee:15:db:ca: b2:7d:43:f4:bc:af:9d:cb:5b:d0:70:55:aa:a0:28:ac:c7:2e: 9b:19:53:2a:56:83:93:9d:3c:31:98:be:a5:fc:98:c2:4e:98: 4c:52:3d:12:5e:7f:87:19:4f:ac:ba:27:a9:df:ab:8c:8f:99: fc:9c:2c:34:7d:52:40:3b:44:95:09:fe:dc:6e:a7:53:17:4f: 38:02:70:30:53:43:a3:1e:fc:ca:05:29:26:6a:1a:ca:b6:7d: 33:58:c9:d7:fc:fc:a6:29:f8:4b:d5:ab:fa:98:58:41:42:9a: 1c:29:14:9e:b2:ec:58:cd:1e:c9:f1:3a:1f:15:95:93:d2:3d: e1:6d:6c:ae:a6:58:67:a8:29:a7:ea:ba:56:a0:bc:3b:af:1d: 75:6d:c1:0c:8a:1d:61:a4:04:76:7a:76:ac:cb:c5:89:2b:ae: 3f:d8:00:fe:92:01:8a:23:e8:71:bd:ce:7d:06:62:ed:8d:69: aa:b5:1b:d5:e3:de:d4:2f:07:bb:04:3f:e6:09:d3:fc:0a:de: 26:dd:a9:8c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/fwjkRV8jDuQ/xIK+TnJHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk ZGM3ZGYwHhcNMjUxMjIxMDYwMDQ4WhcNMjUxMjIyMDYwMDQ4WjAzMTEwLwYDVQQD EyhhMjNkMGYwOTRmMDAwYjI3ODZlODNmZTIyODI5YmIzNjIwZDhkYzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCmA6K1ZszM7IpBnimTdrmILDFtr vefubeG25ZUWzRFrqT8qdX8nXFslxOwjvJsIERVyFRb0QICdrG43vSpJAvhIgHV0 ijgpj3/jJuGXIfn6bjPt1K7uRpDl5hinNLoB0jOrCbmbTyowibAIE2vVycF8rhPk Rce3N8nryRPeW4skgPb/ANTX5KEst03pK0PSvCu1Iyhq9D3cbO+SGwbThx5SAwnc 5mPjBYa9ptNK6jA8NAZZAGgp5ab2rhJwSBEz4oTyTAE3ElGRjcbKfnclh33MWuKX 1iQhSjEmlN1JtrdNfGnL+LO/jTzp10XEF4qLUyZQH4B9+9oz7H3WjxayJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKI9DwlPAAsnhug/4igpuzYg2NycMB8GA1UdIwQY MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1 LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAitv+Khol 5ChhcFVKv8BHPq9FH9sKStFCiFUji1DIy2xcn+oXmlJjsfMxWsk9Jb/WbkDuFdvK sn1D9Lyvnctb0HBVqqAorMcumxlTKlaDk508MZi+pfyYwk6YTFI9El5/hxlPrLon qd+rjI+Z/JwsNH1SQDtElQn+3G6nUxdPOAJwMFNDox78ygUpJmoayrZ9M1jJ1/z8 pin4S9Wr+phYQUKaHCkUnrLsWM0eyfE6HxWVk9I94W1srqZYZ6gpp+q6VqC8O68d dW3BDIodYaQEdnp2rMvFiSuuP9gA/pIBiiPocb3OfQZi7Y1pqrUb1ePe1C8HuwQ/ 5gnT/AreJt2pjA== -----END CERTIFICATE-----Generated at Sun Dec 21 09:00:26 2025 by rpki-client