This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft File: iW81xeAyGs0CFn3viAfwu29xwo0.mft (raw, json) Hash identifier: lmyuT0u3ijYlrJ23NN0iuODB6Eq14WR4O9KNOY9xeto= Subject key identifier: 44:10:52:91:31:DA:A2:E3:25:D8:CB:59:46:0E:C6:AF:AA:2B:46:CA Authority key identifier: 89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D Certificate issuer: /CN=896f35c5e0321acd02167def8807f0bb6f71c28d Certificate serial: 019B3C7F0640238E2686B3A35FF0598B6CEA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft Manifest number: 134A Signing time: Sat 20 Dec 2025 16:01:56 +0000 Manifest this update: Sat 20 Dec 2025 16:01:56 +0000 Manifest next update: Sun 21 Dec 2025 16:01:56 +0000 Files and hashes: 1: KzxZqybvsz4qWRvLNMoGl_b-dg0.roa (hash: waO3ZFTQ9Kiow9t+yCx6WlAToF1IQKM9UgVqX7Ju9ms=) 2: iW81xeAyGs0CFn3viAfwu29xwo0.crl (hash: giGim+hC96xsqap8q0M9huSPyHECZAIIWGGCYKQNSFI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:06:40:23:8e:26:86:b3:a3:5f:f0:59:8b:6c:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896f35c5e0321acd02167def8807f0bb6f71c28d Validity Not Before: Dec 20 16:01:56 2025 GMT Not After : Dec 21 16:01:56 2025 GMT Subject: CN=4410529131daa2e325d8cb59460ec6afaa2b46ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:7f:29:63:57:26:42:09:d0:81:12:19:6a:d7: 68:33:30:b7:e5:e5:4b:0f:e3:fc:e5:13:e9:6e:95: cd:84:2e:57:65:07:dd:aa:2e:ee:54:04:00:3b:ae: 2d:e1:6e:01:0c:2c:b5:fb:1e:78:5e:4d:e4:23:08: c5:48:14:06:cb:c4:d9:38:40:70:75:e5:5b:ef:63: b8:b0:e0:83:89:64:df:aa:b4:c3:60:95:f3:e2:6d: ba:e5:45:29:e5:a8:11:fc:83:79:5c:be:1f:39:9f: 13:ab:13:ae:c8:ca:21:35:09:a3:de:35:c6:32:45: 6a:9f:e2:75:70:7d:62:98:5d:46:ac:2a:e8:7d:45: a7:eb:fe:1d:f6:6b:88:d2:0e:e8:2a:21:1a:3f:51: fd:8d:f7:5f:da:2f:10:7c:c1:dc:96:ee:ca:cf:29: 46:60:f3:b4:4e:2f:c7:e8:80:57:c6:4c:3a:51:e2: a4:ad:ba:90:03:7a:6f:55:54:46:06:5f:39:05:9f: 55:b2:bd:03:db:9f:0c:2a:89:93:47:8a:99:53:e5: b9:8a:d2:49:30:d6:2c:49:94:c2:d6:36:17:5b:42: c6:e6:05:eb:69:e9:67:9d:cd:e8:d3:4b:23:c0:80: cc:17:c9:58:6a:c5:75:29:68:a7:54:0b:8d:b7:d4: aa:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:10:52:91:31:DA:A2:E3:25:D8:CB:59:46:0E:C6:AF:AA:2B:46:CA X509v3 Authority Key Identifier: keyid:89:6F:35:C5:E0:32:1A:CD:02:16:7D:EF:88:07:F0:BB:6F:71:C2:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW81xeAyGs0CFn3viAfwu29xwo0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/80c4c0-c729-418e-80af-2299a67e6001/1/iW81xeAyGs0CFn3viAfwu29xwo0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:b0:0f:b4:ad:5a:10:d8:01:f0:ed:28:ca:bb:78:0b:2b:a0: 09:a3:35:7e:74:18:d1:61:f2:02:e1:0a:b8:9c:d0:0f:66:52: 44:d9:12:2b:1b:23:c0:c3:0f:6b:34:c6:16:7e:85:04:a5:ac: 00:8c:3d:c4:19:e1:b3:cd:70:9c:74:cd:19:e9:cd:8c:f1:bc: bd:05:1a:96:40:74:a2:99:2d:e2:e1:9d:02:cc:fc:2c:00:bb: a4:84:e5:5c:75:b1:6d:f0:a0:c0:96:28:ad:c3:95:b1:99:78: b1:99:24:3b:bb:98:4e:62:81:17:4d:2d:88:93:e5:af:bb:1e: 9a:0a:df:f1:9d:80:68:f9:7f:2d:e4:31:88:c7:fb:25:bc:55: 13:84:cf:02:99:c4:ba:bc:9c:69:dc:01:b1:36:af:69:a3:8b: 6b:7e:0e:16:d1:0b:65:09:0e:50:7a:8c:28:d1:59:35:57:e2: 5b:c5:de:b9:c0:bb:8d:d1:11:53:ce:61:01:c7:fa:c6:53:e6: 99:ce:f9:cb:02:1b:1b:1f:93:dc:cc:cc:d9:c6:d7:51:9c:45: 60:80:d0:85:ff:e7:27:13:fc:e7:e8:1a:6c:25:81:29:45:2b: 44:41:b0:d5:c7:a2:6e:29:da:ef:6b:9c:35:fe:0a:91:d6:c9: 6a:85:31:40 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fwZAI44mhrOjX/BZi2zqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5NmYzNWM1ZTAzMjFhY2QwMjE2N2RlZjg4MDdmMGJiNmY3 MWMyOGQwHhcNMjUxMjIwMTYwMTU2WhcNMjUxMjIxMTYwMTU2WjAzMTEwLwYDVQQD Eyg0NDEwNTI5MTMxZGFhMmUzMjVkOGNiNTk0NjBlYzZhZmFhMmI0NmNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAin8pY1cmQgnQgRIZatdoMzC35eVL D+P85RPpbpXNhC5XZQfdqi7uVAQAO64t4W4BDCy1+x54Xk3kIwjFSBQGy8TZOEBw deVb72O4sOCDiWTfqrTDYJXz4m265UUp5agR/IN5XL4fOZ8TqxOuyMohNQmj3jXG MkVqn+J1cH1imF1GrCrofUWn6/4d9muI0g7oKiEaP1H9jfdf2i8QfMHclu7KzylG YPO0Ti/H6IBXxkw6UeKkrbqQA3pvVVRGBl85BZ9Vsr0D258MKomTR4qZU+W5itJJ MNYsSZTC1jYXW0LG5gXraelnnc3o00sjwIDMF8lYasV1KWinVAuNt9SqjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEQQUpEx2qLjJdjLWUYOxq+qK0bKMB8GA1UdIwQY MBaAFIlvNcXgMhrNAhZ974gH8LtvccKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYt MjI5OWE2N2U2MDAxLzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC84MGM0YzAtYzcyOS00MThlLTgwYWYtMjI5OWE2N2U2MDAx LzEvaVc4MXhlQXlHczBDRm4zdmlBZnd1Mjl4d28wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLAPtK1a ENgB8O0oyrt4CyugCaM1fnQY0WHyAuEKuJzQD2ZSRNkSKxsjwMMPazTGFn6FBKWs AIw9xBnhs81wnHTNGenNjPG8vQUalkB0opkt4uGdAsz8LAC7pITlXHWxbfCgwJYo rcOVsZl4sZkkO7uYTmKBF00tiJPlr7semgrf8Z2AaPl/LeQxiMf7JbxVE4TPApnE urycadwBsTavaaOLa34OFtELZQkOUHqMKNFZNVfiW8XeucC7jdERU85hAcf6xlPm mc75ywIbGx+T3MzM2cbXUZxFYIDQhf/nJxP85+gabCWBKUUrREGw1ceibina72uc Nf4KkdbJaoUxQA== -----END CERTIFICATE-----Generated at Sat Dec 20 18:08:50 2025 by rpki-client