This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft File: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft (raw, json) Hash identifier: TR0rszS17f4lTUHlE1d7ZZB8Ctj7CiErYZGv+5yE5dA= Subject key identifier: 6C:6E:E7:32:C6:C1:E9:8F:38:4D:22:46:17:D2:43:0E:D7:68:05:3A Authority key identifier: 23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98 Certificate issuer: /CN=232872f431ada9b6826c5f0897ec4e5342092e98 Certificate serial: 019B5AF62DF0DFD7DC18FC44E56871C6400F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft Manifest number: 04F8 Signing time: Fri 26 Dec 2025 14:00:41 +0000 Manifest this update: Fri 26 Dec 2025 14:00:41 +0000 Manifest next update: Sat 27 Dec 2025 14:00:41 +0000 Files and hashes: 1: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl (hash: HG/tngB96HTnDds0MUlLW6j8N/sy5B8dJw3vXmaD4og=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:2d:f0:df:d7:dc:18:fc:44:e5:68:71:c6:40:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=232872f431ada9b6826c5f0897ec4e5342092e98 Validity Not Before: Dec 26 14:00:41 2025 GMT Not After : Dec 27 14:00:41 2025 GMT Subject: CN=6c6ee732c6c1e98f384d224617d2430ed768053a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:68:7a:bb:ac:d0:3c:6a:27:1a:79:8f:9a:33: 34:f6:c3:9d:f3:06:36:dd:d2:86:92:32:82:e2:f8: fa:63:d9:cd:b9:62:59:d0:e2:75:ad:af:1f:a9:14: e4:7f:c6:f9:82:c5:d8:d4:9e:9e:36:b7:55:5c:56: da:0e:74:5e:f5:4d:1c:04:85:64:12:d8:f5:b8:ac: d2:f3:e8:18:7c:30:09:1d:6a:ed:c2:37:03:31:b2: dc:af:c5:f5:10:f8:79:df:8f:f0:95:fe:aa:4c:e3: 17:61:df:9a:fc:a1:82:37:16:1d:6f:21:27:80:dd: 60:a7:b8:3e:58:72:a4:08:b7:8f:d2:63:c6:44:c5: 14:89:83:1a:c7:33:d7:10:dc:d8:dd:47:ea:fe:6b: 85:79:61:2e:e5:1f:e8:3e:a4:29:9a:83:05:a9:f2: f8:21:75:e6:0c:d6:4e:27:86:65:20:1d:09:28:45: 5b:87:09:69:71:15:81:f5:23:8a:a8:ac:a0:cc:98: 37:21:d6:f8:c6:78:d2:2e:0e:80:f1:ec:ab:80:76: ac:45:f8:98:01:e7:3e:4b:32:a7:58:f2:17:a3:50: 32:9b:47:25:4c:4d:a1:e8:43:c6:2e:37:a1:03:2f: e0:51:27:7d:6a:5d:01:f7:fa:0a:56:c5:9c:57:41: 47:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:6E:E7:32:C6:C1:E9:8F:38:4D:22:46:17:D2:43:0E:D7:68:05:3A X509v3 Authority Key Identifier: keyid:23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:bc:38:1c:5e:2b:b3:db:ed:37:a7:1d:4b:29:83:b3:14:dd: 3f:b2:7c:d4:64:30:03:e5:62:85:ae:a9:4d:26:58:b4:81:92: db:b7:30:1d:b0:58:9b:0f:77:72:e5:a4:ec:50:26:f6:c3:00: 36:31:4a:e6:5d:5a:e8:a2:3c:a6:10:3d:52:42:12:5a:16:fe: 92:77:7d:90:44:54:f7:f4:7e:3b:b4:98:85:a7:98:e9:d7:3b: 31:f1:cf:4b:42:d6:67:89:14:76:cc:50:82:96:a9:8e:9c:de: ad:4b:32:f3:c6:08:1c:36:78:cc:6b:47:62:2e:4c:8d:f3:91: d6:a2:62:05:84:2e:c3:da:35:53:a9:2e:3b:61:e2:02:69:3c: b0:05:90:59:ac:fd:58:24:cc:f6:0d:8b:0d:52:e6:f6:79:f3: 5a:3c:bd:0a:be:90:ae:d3:08:a3:fd:0c:30:0a:1e:00:76:fa: 28:ab:a9:68:9f:ba:5f:6c:b7:d0:c9:2d:3d:02:74:8b:02:92: 89:d1:13:2f:25:65:78:39:53:18:1a:e6:b5:8a:38:3c:61:11: e3:b7:5f:ba:0f:58:bd:67:c4:0a:72:05:73:74:c1:6b:b7:eb: 99:aa:24:03:08:94:7c:0f:4e:17:c3:20:ad:7d:0a:89:73:99: 1f:08:7f:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9i3w39fcGPxE5WhxxkAPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMjg3MmY0MzFhZGE5YjY4MjZjNWYwODk3ZWM0ZTUzNDIw OTJlOTgwHhcNMjUxMjI2MTQwMDQxWhcNMjUxMjI3MTQwMDQxWjAzMTEwLwYDVQQD Eyg2YzZlZTczMmM2YzFlOThmMzg0ZDIyNDYxN2QyNDMwZWQ3NjgwNTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Gh6u6zQPGonGnmPmjM09sOd8wY2 3dKGkjKC4vj6Y9nNuWJZ0OJ1ra8fqRTkf8b5gsXY1J6eNrdVXFbaDnRe9U0cBIVk Etj1uKzS8+gYfDAJHWrtwjcDMbLcr8X1EPh534/wlf6qTOMXYd+a/KGCNxYdbyEn gN1gp7g+WHKkCLeP0mPGRMUUiYMaxzPXENzY3Ufq/muFeWEu5R/oPqQpmoMFqfL4 IXXmDNZOJ4ZlIB0JKEVbhwlpcRWB9SOKqKygzJg3Idb4xnjSLg6A8eyrgHasRfiY Aec+SzKnWPIXo1Aym0clTE2h6EPGLjehAy/gUSd9al0B9/oKVsWcV0FHKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGxu5zLGwemPOE0iRhfSQw7XaAU6MB8GA1UdIwQY MBaAFCMocvQxram2gmxfCJfsTlNCCS6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYt NzFhYTYzMTI1MTI4LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYtNzFhYTYzMTI1MTI4 LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG7w4HF4r s9vtN6cdSymDsxTdP7J81GQwA+Viha6pTSZYtIGS27cwHbBYmw93cuWk7FAm9sMA NjFK5l1a6KI8phA9UkISWhb+knd9kERU9/R+O7SYhaeY6dc7MfHPS0LWZ4kUdsxQ gpapjpzerUsy88YIHDZ4zGtHYi5MjfOR1qJiBYQuw9o1U6kuO2HiAmk8sAWQWaz9 WCTM9g2LDVLm9nnzWjy9Cr6QrtMIo/0MMAoeAHb6KKupaJ+6X2y30MktPQJ0iwKS idETLyVleDlTGBrmtYo4PGER47dfug9YvWfECnIFc3TBa7frmaokAwiUfA9OF8Mg rX0KiXOZHwh/XA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:17 2025 by rpki-client