This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft File: iOuqLxdpo932X4c9wx81HvB4rSU.mft (raw, json) Hash identifier: ZlwqdP9rUnH9FqyE/zmkXHw+KnNTpt2k+owvl/Iswnc= Subject key identifier: 00:FC:FA:C8:0E:45:98:A1:6B:05:26:F2:46:45:F9:AB:CC:CF:A4:9B Authority key identifier: 88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25 Certificate issuer: /CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25 Certificate serial: 019B3B34D135F78781938903A6CAB443FABA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft Manifest number: 0F25 Signing time: Sat 20 Dec 2025 10:01:15 +0000 Manifest this update: Sat 20 Dec 2025 10:01:15 +0000 Manifest next update: Sun 21 Dec 2025 10:01:15 +0000 Files and hashes: 1: P5TwA4gqR6DNAZ9Tx38K6wVBeSw.roa (hash: JFHWlXs6ts8+WEohOsphMs0bmJPDZeURLkqEXMqad1U=) 2: iOuqLxdpo932X4c9wx81HvB4rSU.crl (hash: l1Uh2nIUgZdDzGHRmVJ0thUMqGFpvCXP+PCO1vOtxLk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:d1:35:f7:87:81:93:89:03:a6:ca:b4:43:fa:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88ebaa2f1769a3ddf65f873dc31f351ef078ad25 Validity Not Before: Dec 20 10:01:15 2025 GMT Not After : Dec 21 10:01:15 2025 GMT Subject: CN=00fcfac80e4598a16b0526f24645f9abcccfa49b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:f8:e0:83:f9:3b:bf:1a:9c:ba:d6:14:93:5a: 60:0d:d4:bf:6c:84:03:2b:50:21:f8:b0:c5:9c:d8: 3b:b4:f8:9c:c3:13:1b:94:e5:93:b5:f4:29:bd:ca: 47:81:ff:36:18:cf:4e:cf:80:88:cc:d5:e3:84:be: 81:36:f5:f1:10:63:77:91:d1:82:5e:d5:79:f0:7a: 51:10:1e:13:6c:59:67:f0:8c:b9:0f:99:81:e5:b9: 5e:c6:c0:c7:b6:26:14:dc:08:04:34:b0:36:7b:0e: 93:fe:95:63:6d:40:a4:78:2c:3d:46:28:a3:4a:12: 3c:b4:fe:5e:65:8a:08:09:7e:22:93:4f:b6:e8:2d: 62:28:55:f7:6f:f5:21:9c:1c:a3:b2:8b:fd:4f:05: 36:2f:0e:f8:2a:4a:d4:bc:20:2e:59:6c:be:4f:a6: 46:28:a1:7a:f3:09:ca:4b:97:b4:dd:2d:93:0c:e5: 88:e8:8b:cb:ce:97:95:47:89:ca:7b:8e:3c:37:d7: 71:18:8d:c5:6e:65:d2:b3:89:bd:68:d0:8c:f8:5f: 6e:79:16:d0:c8:21:42:bc:6b:36:6d:a7:0d:3a:37: 2f:10:5f:88:39:60:fd:61:66:0d:62:87:7d:8d:8f: 67:e2:1c:0a:9a:a3:90:24:29:00:db:c2:fd:5a:ba: 56:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:FC:FA:C8:0E:45:98:A1:6B:05:26:F2:46:45:F9:AB:CC:CF:A4:9B X509v3 Authority Key Identifier: keyid:88:EB:AA:2F:17:69:A3:DD:F6:5F:87:3D:C3:1F:35:1E:F0:78:AD:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOuqLxdpo932X4c9wx81HvB4rSU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8bfcc2-5def-44aa-87c1-2bbf46884585/1/iOuqLxdpo932X4c9wx81HvB4rSU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:70:6d:6a:6f:ba:06:5b:63:e8:b3:db:7e:5d:e6:71:27:ab: 68:6d:a6:60:01:82:aa:3b:61:db:07:6b:23:c7:3f:b8:a2:5a: 0d:ad:c6:02:a9:5c:23:ce:68:7a:23:be:88:3f:c1:63:27:09: 59:b8:ce:11:3b:bd:20:de:8b:d1:56:78:3e:67:f1:48:a8:47: 30:e8:d2:64:00:57:38:fc:0c:b2:4c:5f:de:53:bb:52:10:79: f2:99:ad:c4:27:b6:e0:50:e6:27:58:81:34:95:8e:15:ce:c5: 97:3b:b7:b7:3f:d6:45:6b:c1:a0:f6:02:7f:45:c6:1d:73:b2: 53:4b:5d:85:31:7a:f1:35:21:70:8c:9a:59:1a:db:6c:30:9b: 16:56:1b:b3:f0:32:5b:a3:18:37:b5:4b:96:a8:42:dd:21:03: 27:f5:a3:01:ca:61:ef:02:bc:9c:3a:5a:1e:a4:ce:9f:13:73: 90:3c:b2:ba:be:95:aa:3d:94:76:ac:91:f3:cd:5c:77:d2:bc: 6e:d2:e0:23:d5:24:0b:cd:98:0a:99:ce:d0:b0:5e:af:4e:7f: e1:a5:51:4c:c2:aa:67:de:90:c2:82:5c:49:49:d8:b6:27:0d: 26:ec:ca:67:c3:af:ca:b5:91:1e:31:4b:e0:bb:22:05:8d:2e: 71:32:40:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NNE194eBk4kDpsq0Q/q6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ZWJhYTJmMTc2OWEzZGRmNjVmODczZGMzMWYzNTFlZjA3 OGFkMjUwHhcNMjUxMjIwMTAwMTE1WhcNMjUxMjIxMTAwMTE1WjAzMTEwLwYDVQQD EygwMGZjZmFjODBlNDU5OGExNmIwNTI2ZjI0NjQ1ZjlhYmNjY2ZhNDliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfjgg/k7vxqcutYUk1pgDdS/bIQD K1Ah+LDFnNg7tPicwxMblOWTtfQpvcpHgf82GM9Oz4CIzNXjhL6BNvXxEGN3kdGC XtV58HpREB4TbFln8Iy5D5mB5blexsDHtiYU3AgENLA2ew6T/pVjbUCkeCw9Riij ShI8tP5eZYoICX4ik0+26C1iKFX3b/UhnByjsov9TwU2Lw74KkrUvCAuWWy+T6ZG KKF68wnKS5e03S2TDOWI6IvLzpeVR4nKe448N9dxGI3FbmXSs4m9aNCM+F9ueRbQ yCFCvGs2bacNOjcvEF+IOWD9YWYNYod9jY9n4hwKmqOQJCkA28L9WrpWsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAD8+sgORZihawUm8kZF+avMz6SbMB8GA1UdIwQY MBaAFIjrqi8XaaPd9l+HPcMfNR7weK0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEt MmJiZjQ2ODg0NTg1LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy84YmZjYzItNWRlZi00NGFhLTg3YzEtMmJiZjQ2ODg0NTg1 LzEvaU91cUx4ZHBvOTMyWDRjOXd4ODFIdkI0clNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3Btam+6 Bltj6LPbfl3mcSeraG2mYAGCqjth2wdrI8c/uKJaDa3GAqlcI85oeiO+iD/BYycJ WbjOETu9IN6L0VZ4PmfxSKhHMOjSZABXOPwMskxf3lO7UhB58pmtxCe24FDmJ1iB NJWOFc7Flzu3tz/WRWvBoPYCf0XGHXOyU0tdhTF68TUhcIyaWRrbbDCbFlYbs/Ay W6MYN7VLlqhC3SEDJ/WjAcph7wK8nDpaHqTOnxNzkDyyur6Vqj2UdqyR881cd9K8 btLgI9UkC82YCpnO0LBer05/4aVRTMKqZ96QwoJcSUnYticNJuzKZ8OvyrWRHjFL 4LsiBY0ucTJAtg== -----END CERTIFICATE-----Generated at Sat Dec 20 20:12:13 2025 by rpki-client