This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.mft File: iQH2c8aw_4g16gL67bpbSc8UIk4.mft (raw, json) Hash identifier: GygAS8LmAcs4fZtcz7sSJDLAEIoH8rC0xM7CaD23myY= Subject key identifier: 9C:44:8E:AB:09:24:78:35:AF:42:14:39:04:26:34:A8:E8:A4:5F:55 Authority key identifier: 89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E Certificate issuer: /CN=8901f673c6b0ff8835ea02faedba5b49cf14224e Certificate serial: 019B435BD6CC97402DDFB48DB626C3DFD3EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.mft Manifest number: 0E2A Signing time: Mon 22 Dec 2025 00:00:50 +0000 Manifest this update: Mon 22 Dec 2025 00:00:50 +0000 Manifest next update: Tue 23 Dec 2025 00:00:50 +0000 Files and hashes: 1: LwODeFlTbNm331VlQw3cZjyD1Sg.roa (hash: 6xKklCkI+s1DbuNSCG9T6RXJeAeTq1fLNQfBDhNCOAU=) 2: iQH2c8aw_4g16gL67bpbSc8UIk4.crl (hash: aY/2ijDaQzRvvwm0xkMFeWcttX5okVfT7fjEbdZGzCo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.mft rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:5b:d6:cc:97:40:2d:df:b4:8d:b6:26:c3:df:d3:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8901f673c6b0ff8835ea02faedba5b49cf14224e Validity Not Before: Dec 22 00:00:50 2025 GMT Not After : Dec 23 00:00:50 2025 GMT Subject: CN=9c448eab09247835af421439042634a8e8a45f55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3f:08:bf:2a:1a:5d:77:24:86:18:44:2c:64: 6b:48:6f:d3:ff:db:ef:a0:a8:31:6a:55:9c:20:67: a4:96:3b:5f:dd:a8:f7:e2:02:ff:f7:23:82:7c:6b: 22:ac:27:2c:81:64:58:42:91:57:8c:b4:af:77:e9: bb:97:43:e0:71:6e:8e:b7:e6:f9:98:5c:a7:d7:8c: f8:45:b9:98:2a:b3:d0:f9:b7:06:19:27:29:3c:01: 09:40:9c:79:a8:84:63:4f:6b:1b:11:12:3b:1b:32: 7e:fd:b0:11:2b:c2:40:3f:2d:ef:95:47:69:f1:f8: 4a:91:20:52:a1:8f:7a:31:0a:67:53:1a:b7:14:fa: 4b:55:86:cf:b9:73:f1:a9:0b:3a:5e:18:13:33:82: 72:d8:21:c6:85:3d:25:b8:2a:29:5a:9f:e3:4b:dc: 13:4c:e7:8c:a6:52:21:c4:f5:5b:94:54:c9:8d:2c: 7f:de:44:c5:6b:fa:12:db:fa:19:5e:35:b8:84:7f: 68:6b:01:8a:c9:75:86:65:98:94:15:6f:27:ff:a7: e7:8b:f2:b9:9e:36:71:99:d4:a2:10:70:99:3f:d9: 1d:fe:2b:af:ff:aa:e3:f3:8c:c2:ce:c6:53:5d:dc: 67:73:ec:0e:85:a9:67:e2:f1:27:68:c8:2b:5b:29: d0:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:44:8E:AB:09:24:78:35:AF:42:14:39:04:26:34:A8:E8:A4:5F:55 X509v3 Authority Key Identifier: keyid:89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:17:da:57:57:58:de:b3:3f:1d:de:fb:9a:aa:af:b1:52:ca: f3:df:dd:86:b1:98:b0:e6:6a:a3:62:ec:f5:ff:73:37:6e:7b: 63:41:9e:50:8a:ed:d9:7b:a7:33:e2:10:ab:3c:2e:e8:ea:61: 0b:e6:2b:82:2a:10:18:c7:57:2f:86:2d:fa:98:7a:7e:35:28: 9a:d1:5e:d2:45:6c:35:eb:b0:82:7f:5a:fb:cf:cd:4c:bc:f0: e6:4d:d9:64:3b:04:91:28:b1:5a:35:a5:a2:bb:b9:1d:61:f2: da:22:da:4f:85:24:83:4d:a1:2b:c6:65:46:bb:3d:4f:a0:77: 7c:b3:d3:ac:12:8d:41:86:5c:33:f2:d2:77:f9:b2:3e:d7:9b: b1:80:dc:ab:3d:fd:cf:14:20:01:a4:41:4d:5d:c8:13:3b:57: cf:60:15:4e:80:dc:10:0a:7b:c1:3d:ca:d9:f3:a8:4d:ae:ff: a3:8a:1c:97:14:bb:25:69:22:e7:54:d5:94:b7:92:ea:56:08: e1:1c:bf:5f:64:0f:ce:82:9e:ab:5e:97:81:7f:34:af:32:3b: 77:58:fd:6c:19:61:a8:4e:89:46:51:04:aa:8c:ab:d6:79:04: 09:7c:0a:e3:ac:d8:5b:0a:19:e7:ab:d9:09:aa:d0:40:e7:10: e1:4f:18:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDW9bMl0At37SNtibD39PuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5MDFmNjczYzZiMGZmODgzNWVhMDJmYWVkYmE1YjQ5Y2Yx NDIyNGUwHhcNMjUxMjIyMDAwMDUwWhcNMjUxMjIzMDAwMDUwWjAzMTEwLwYDVQQD Eyg5YzQ0OGVhYjA5MjQ3ODM1YWY0MjE0MzkwNDI2MzRhOGU4YTQ1ZjU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz8IvyoaXXckhhhELGRrSG/T/9vv oKgxalWcIGekljtf3aj34gL/9yOCfGsirCcsgWRYQpFXjLSvd+m7l0PgcW6Ot+b5 mFyn14z4RbmYKrPQ+bcGGScpPAEJQJx5qIRjT2sbERI7GzJ+/bARK8JAPy3vlUdp 8fhKkSBSoY96MQpnUxq3FPpLVYbPuXPxqQs6XhgTM4Jy2CHGhT0luCopWp/jS9wT TOeMplIhxPVblFTJjSx/3kTFa/oS2/oZXjW4hH9oawGKyXWGZZiUFW8n/6fni/K5 njZxmdSiEHCZP9kd/iuv/6rj84zCzsZTXdxnc+wOhaln4vEnaMgrWynQaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJxEjqsJJHg1r0IUOQQmNKjopF9VMB8GA1UdIwQY MBaAFIkB9nPGsP+INeoC+u26W0nPFCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9jMmJhMTAtMjBlZC00ZThjLWI3NmMt NTNjNGQ1NzYyZDFhLzEvaVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi9jMmJhMTAtMjBlZC00ZThjLWI3NmMtNTNjNGQ1NzYyZDFh LzEvaVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBfaV1dY 3rM/Hd77mqqvsVLK89/dhrGYsOZqo2Ls9f9zN257Y0GeUIrt2XunM+IQqzwu6Oph C+YrgioQGMdXL4Yt+ph6fjUomtFe0kVsNeuwgn9a+8/NTLzw5k3ZZDsEkSixWjWl oru5HWHy2iLaT4Ukg02hK8ZlRrs9T6B3fLPTrBKNQYZcM/LSd/myPtebsYDcqz39 zxQgAaRBTV3IEztXz2AVToDcEAp7wT3K2fOoTa7/o4oclxS7JWki51TVlLeS6lYI 4Ry/X2QPzoKeq16XgX80rzI7d1j9bBlhqE6JRlEEqoyr1nkECXwK46zYWwoZ56vZ CarQQOcQ4U8YoA== -----END CERTIFICATE-----Generated at Mon Dec 22 03:53:24 2025 by rpki-client