This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7847fb-f55a-4995-8531-ec0262ab33f1/1/1ITgzuV1xhkFP47isQBMxEL9LO0.mft File: 1ITgzuV1xhkFP47isQBMxEL9LO0.mft (raw, json) Hash identifier: vVrlKd68w84Vjpq1rQUwN40ipUGDImUraTxKKfyzBz0= Subject key identifier: D7:F1:E2:F5:C7:30:32:C0:34:60:35:E4:68:39:9E:D6:22:8A:09:2D Authority key identifier: D4:84:E0:CE:E5:75:C6:19:05:3F:8E:E2:B1:00:4C:C4:42:FD:2C:ED Certificate issuer: /CN=d484e0cee575c619053f8ee2b1004cc442fd2ced Certificate serial: 019B0E2570D39A0D3AE6F078DC8B125AA59A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ITgzuV1xhkFP47isQBMxEL9LO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/7847fb-f55a-4995-8531-ec0262ab33f1/1/1ITgzuV1xhkFP47isQBMxEL9LO0.mft Manifest number: 1599 Signing time: Thu 11 Dec 2025 16:01:33 +0000 Manifest this update: Thu 11 Dec 2025 16:01:33 +0000 Manifest next update: Fri 12 Dec 2025 16:01:33 +0000 Files and hashes: 1: 1ITgzuV1xhkFP47isQBMxEL9LO0.crl (hash: M79wYUm5dix+Hnx1A4xOHUzmTUscEWAQZimowZe3S4w=) 2: LlAa--5nsX3tUHGAFZ_HSMFrn7I.roa (hash: 3b1C9Ph3SGavY+PSGpBTlLw28V2WqXhlaeYP73oghL4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/7847fb-f55a-4995-8531-ec0262ab33f1/1/1ITgzuV1xhkFP47isQBMxEL9LO0.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/7847fb-f55a-4995-8531-ec0262ab33f1/1/1ITgzuV1xhkFP47isQBMxEL9LO0.mft rsync://rpki.ripe.net/repository/DEFAULT/1ITgzuV1xhkFP47isQBMxEL9LO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:25:70:d3:9a:0d:3a:e6:f0:78:dc:8b:12:5a:a5:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d484e0cee575c619053f8ee2b1004cc442fd2ced Validity Not Before: Dec 11 16:01:33 2025 GMT Not After : Dec 12 16:01:33 2025 GMT Subject: CN=d7f1e2f5c73032c0346035e468399ed6228a092d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:af:fc:c7:d8:21:8e:bd:46:4b:2b:1d:02:50: b5:c3:a3:7b:ad:04:a1:55:4b:f1:63:a1:8d:f2:46: 6f:d6:b2:45:3a:dc:91:4e:a7:ca:9d:8e:00:5e:78: f8:fb:f8:cb:5c:d7:aa:09:20:ed:1d:91:23:97:5e: e6:3e:e1:bb:3b:52:2a:12:c8:97:f3:41:21:4c:12: 30:7b:d8:bf:81:be:7b:95:1d:c3:30:a3:19:42:14: c0:a3:9f:66:9e:f2:33:2b:07:f5:15:09:91:ea:f2: a8:a1:2d:37:aa:ea:cf:47:a0:be:19:d4:f0:27:b3: 92:06:43:35:35:13:06:be:7c:be:36:00:a7:10:79: 29:9d:b1:43:99:2a:39:61:9a:b1:35:7e:8f:a2:e2: 7f:03:5d:d6:0c:00:37:6b:94:e4:99:a8:15:98:88: 7e:fa:fb:12:1f:43:ec:31:b4:ca:6a:fa:05:26:d0: 5f:54:bf:52:71:8a:eb:b8:5c:6f:6a:bf:4e:f6:19: f4:08:d4:4d:92:dd:dc:ab:8b:f2:1e:83:67:f3:53: 5a:d6:60:71:42:46:b2:82:24:1d:14:7d:ed:96:22: 0e:36:b6:74:c2:6c:1e:ab:11:11:40:f0:3a:8b:b5: 7b:d2:e9:89:1a:24:13:b2:f9:5d:4c:28:81:3d:fe: 2a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:F1:E2:F5:C7:30:32:C0:34:60:35:E4:68:39:9E:D6:22:8A:09:2D X509v3 Authority Key Identifier: keyid:D4:84:E0:CE:E5:75:C6:19:05:3F:8E:E2:B1:00:4C:C4:42:FD:2C:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ITgzuV1xhkFP47isQBMxEL9LO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7847fb-f55a-4995-8531-ec0262ab33f1/1/1ITgzuV1xhkFP47isQBMxEL9LO0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7847fb-f55a-4995-8531-ec0262ab33f1/1/1ITgzuV1xhkFP47isQBMxEL9LO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:7c:71:30:5f:fb:2a:3a:94:66:f4:8f:4d:d9:37:d2:fa:4e: 48:46:60:b3:40:dc:e1:04:d0:46:ef:df:87:8a:86:72:b6:8e: dc:28:ec:4e:af:34:0e:26:39:71:5d:a5:44:36:18:78:d6:43: da:13:d6:48:20:e5:15:cd:bb:15:09:30:5b:08:4d:11:ae:46: 60:72:a8:ca:4b:06:06:f5:73:10:78:c8:1b:6c:34:ef:a6:36: 08:3f:d3:ea:82:cf:cc:ae:cb:d5:cd:3c:a8:ae:9f:c5:e6:d7: 5d:3b:56:88:c9:10:1f:d3:28:3f:0d:2a:09:a4:be:31:e4:ec: ef:8d:97:85:df:aa:c8:83:87:09:17:9d:29:1a:d1:b4:04:a4: 2d:10:f4:21:a9:5b:de:1e:1c:59:51:e3:95:45:73:95:3f:76: d4:98:d4:75:0b:04:f0:b8:6d:04:ac:7a:63:bb:85:c6:02:23: a9:ba:d9:38:a9:8a:64:9a:85:fc:82:ce:f1:00:42:d2:e9:b0: 47:01:b4:8c:bb:db:90:6a:ff:25:0b:43:0e:84:df:94:03:44: f6:91:d4:3e:19:5d:f9:c7:d1:c1:57:76:44:b3:15:6b:96:4f: d1:fc:b5:32:dc:55:21:d5:28:2e:91:db:04:a1:c0:9a:bd:b8: 72:56:26:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOJXDTmg065vB43IsSWqWaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ODRlMGNlZTU3NWM2MTkwNTNmOGVlMmIxMDA0Y2M0NDJm ZDJjZWQwHhcNMjUxMjExMTYwMTMzWhcNMjUxMjEyMTYwMTMzWjAzMTEwLwYDVQQD EyhkN2YxZTJmNWM3MzAzMmMwMzQ2MDM1ZTQ2ODM5OWVkNjIyOGEwOTJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK/8x9ghjr1GSysdAlC1w6N7rQSh VUvxY6GN8kZv1rJFOtyRTqfKnY4AXnj4+/jLXNeqCSDtHZEjl17mPuG7O1IqEsiX 80EhTBIwe9i/gb57lR3DMKMZQhTAo59mnvIzKwf1FQmR6vKooS03qurPR6C+GdTw J7OSBkM1NRMGvny+NgCnEHkpnbFDmSo5YZqxNX6PouJ/A13WDAA3a5TkmagVmIh+ +vsSH0PsMbTKavoFJtBfVL9ScYrruFxvar9O9hn0CNRNkt3cq4vyHoNn81Na1mBx QkaygiQdFH3tliIONrZ0wmweqxERQPA6i7V70umJGiQTsvldTCiBPf4qLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNfx4vXHMDLANGA15Gg5ntYiigktMB8GA1UdIwQY MBaAFNSE4M7ldcYZBT+O4rEATMRC/SztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlUZ3p1VjF4aGtGUDQ3aXNRQk14RUw5TE8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83ODQ3ZmItZjU1YS00OTk1LTg1MzEt ZWMwMjYyYWIzM2YxLzEvMUlUZ3p1VjF4aGtGUDQ3aXNRQk14RUw5TE8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC83ODQ3ZmItZjU1YS00OTk1LTg1MzEtZWMwMjYyYWIzM2Yx LzEvMUlUZ3p1VjF4aGtGUDQ3aXNRQk14RUw5TE8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhXxxMF/7 KjqUZvSPTdk30vpOSEZgs0Dc4QTQRu/fh4qGcraO3CjsTq80DiY5cV2lRDYYeNZD 2hPWSCDlFc27FQkwWwhNEa5GYHKoyksGBvVzEHjIG2w076Y2CD/T6oLPzK7L1c08 qK6fxebXXTtWiMkQH9MoPw0qCaS+MeTs742Xhd+qyIOHCRedKRrRtASkLRD0Ialb 3h4cWVHjlUVzlT921JjUdQsE8LhtBKx6Y7uFxgIjqbrZOKmKZJqF/ILO8QBC0umw RwG0jLvbkGr/JQtDDoTflANE9pHUPhld+cfRwVd2RLMVa5ZP0fy1MtxVIdUoLpHb BKHAmr24clYmgQ== -----END CERTIFICATE-----Generated at Thu Dec 11 23:21:50 2025 by rpki-client