This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft File: IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json) Hash identifier: 5Gq5cqscz1UmKBsl1VBCgHqv8Ly/ICblg2n7/A6Qfzs= Subject key identifier: 59:6E:2B:CD:B7:39:F0:1E:A6:6B:93:0B:9E:1E:DC:43:6E:47:C9:B3 Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A Certificate issuer: /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a Certificate serial: 019B2EF963CF5BFCE3B4552CA69EAC53C884 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft Manifest number: 07A5 Signing time: Thu 18 Dec 2025 01:00:54 +0000 Manifest this update: Thu 18 Dec 2025 01:00:54 +0000 Manifest next update: Fri 19 Dec 2025 01:00:54 +0000 Files and hashes: 1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: blV5O1rAjrXwGyNUsaUmqI6mRtqZt3Mo3pfBN2E6Vy8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:f9:63:cf:5b:fc:e3:b4:55:2c:a6:9e:ac:53:c8:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a Validity Not Before: Dec 18 01:00:54 2025 GMT Not After : Dec 19 01:00:54 2025 GMT Subject: CN=596e2bcdb739f01ea66b930b9e1edc436e47c9b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c5:c8:97:03:03:ca:0e:d8:04:69:63:fc:c3: aa:7a:8e:b7:94:0a:1b:ba:80:05:e4:fd:4a:dd:db: c9:c7:aa:e7:2e:75:6a:63:fa:e9:09:90:66:49:b6: ab:f9:af:74:e8:71:0a:b0:5b:a3:0f:a0:4e:4c:e2: 38:a8:2f:cb:91:be:c2:79:d1:12:99:65:ff:ff:2c: 9d:73:31:b7:0d:db:c9:a0:77:fb:9a:ae:d7:c5:71: c1:6e:97:77:95:dc:d6:88:ea:d0:75:66:39:5a:3c: 3b:94:cf:06:a6:29:8c:0d:74:54:ab:5f:b4:d2:e5: 82:9d:db:2a:4c:1c:48:b7:f2:64:db:9f:7c:95:bc: fe:e8:88:35:cb:dc:c8:8a:3c:af:bf:04:93:58:b4: 3b:d5:19:2a:c2:5b:b0:f9:b4:b7:1a:c3:2b:b6:5c: c5:70:70:5d:ee:69:01:d3:a3:7a:2b:a0:c2:b0:8c: 6a:01:c2:4c:f3:7c:d0:5d:24:a4:1d:01:90:ec:66: fa:cd:ef:f2:5d:d5:9a:21:da:11:37:18:a7:4f:39: d4:1f:49:a0:b5:1a:ee:2a:4f:5d:dd:11:31:ab:84: 71:61:b5:af:14:f3:72:43:a6:e6:29:d9:7f:dd:34: 3f:d6:48:13:df:db:c4:55:8e:52:04:a3:b6:35:e4: d7:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:6E:2B:CD:B7:39:F0:1E:A6:6B:93:0B:9E:1E:DC:43:6E:47:C9:B3 X509v3 Authority Key Identifier: keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:ed:31:69:75:5c:b3:cc:f2:21:c0:dc:d5:a6:be:53:5a:26: e5:10:6e:65:2b:92:a0:16:bb:79:2c:5a:9d:93:1a:b2:42:d0: 7b:99:63:34:78:00:bd:4c:1c:23:d6:92:16:74:3d:25:3f:cc: df:6e:2d:cb:d4:35:47:5b:7a:42:73:67:5e:f0:06:f1:d0:60: a0:6b:32:62:96:d7:1d:d6:dc:04:9c:e3:76:c5:a1:83:e3:fa: e4:e6:36:78:9b:88:8a:0a:7d:b1:ab:8e:b0:c5:77:94:ca:90: bb:69:64:a0:53:cf:51:34:4a:62:17:71:1e:ce:9f:dc:82:24: f6:40:22:86:7e:9d:1a:2a:0c:d5:e6:94:83:3d:ad:7f:d6:03: d6:6e:f8:f1:3c:b5:e3:3c:9e:f2:5d:61:89:1c:a0:27:d3:4b: 54:c9:4c:3c:c3:7a:19:8c:f4:8c:90:5a:d3:97:18:3b:1c:28: e4:70:d0:81:8f:54:e5:0b:b2:d5:02:6f:d1:4a:d2:a1:b4:a7: 96:d2:61:09:f5:25:99:fb:32:45:81:e5:c9:f4:97:52:d0:74: 93:1e:c2:6a:12:73:42:d0:89:d1:5b:b5:0b:a5:84:b0:c8:a1: f3:43:37:ca:e6:77:4c:fe:dd:72:66:77:9d:5d:a7:8b:8d:ec: f5:b7:7a:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+WPPW/zjtFUspp6sU8iEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk OTZhNGEwHhcNMjUxMjE4MDEwMDU0WhcNMjUxMjE5MDEwMDU0WjAzMTEwLwYDVQQD Eyg1OTZlMmJjZGI3MzlmMDFlYTY2YjkzMGI5ZTFlZGM0MzZlNDdjOWIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcXIlwMDyg7YBGlj/MOqeo63lAob uoAF5P1K3dvJx6rnLnVqY/rpCZBmSbar+a906HEKsFujD6BOTOI4qC/Lkb7CedES mWX//yydczG3DdvJoHf7mq7XxXHBbpd3ldzWiOrQdWY5Wjw7lM8GpimMDXRUq1+0 0uWCndsqTBxIt/Jk2598lbz+6Ig1y9zIijyvvwSTWLQ71Rkqwluw+bS3GsMrtlzF cHBd7mkB06N6K6DCsIxqAcJM83zQXSSkHQGQ7Gb6ze/yXdWaIdoRNxinTznUH0mg tRruKk9d3RExq4RxYbWvFPNyQ6bmKdl/3TQ/1kgT39vEVY5SBKO2NeTXlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFluK823OfAepmuTC54e3ENuR8mzMB8GA1UdIwQY MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0 LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABe0xaXVc s8zyIcDc1aa+U1om5RBuZSuSoBa7eSxanZMaskLQe5ljNHgAvUwcI9aSFnQ9JT/M 324ty9Q1R1t6QnNnXvAG8dBgoGsyYpbXHdbcBJzjdsWhg+P65OY2eJuIigp9sauO sMV3lMqQu2lkoFPPUTRKYhdxHs6f3IIk9kAihn6dGioM1eaUgz2tf9YD1m748Ty1 4zye8l1hiRygJ9NLVMlMPMN6GYz0jJBa05cYOxwo5HDQgY9U5Quy1QJv0UrSobSn ltJhCfUlmfsyRYHlyfSXUtB0kx7CahJzQtCJ0Vu1C6WEsMih80M3yuZ3TP7dcmZ3 nV2ni43s9bd6Sg== -----END CERTIFICATE-----Generated at Thu Dec 18 08:02:25 2025 by rpki-client