This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft File: iIFmRjoaMByltuuYvd0H45cJGYY.mft (raw, json) Hash identifier: /JvvHWUFE5sti+Jvues73TSPEQVZhlL4TLugepIJRfo= Subject key identifier: 57:0C:9E:21:EF:45:B7:2C:5C:A4:5A:F5:90:8F:2C:70:7B:27:A1:17 Authority key identifier: 88:81:66:46:3A:1A:30:1C:A5:B6:EB:98:BD:DD:07:E3:97:09:19:86 Certificate issuer: /CN=888166463a1a301ca5b6eb98bddd07e397091986 Certificate serial: 019B0FA60C13EDBE2F888FB9DD3835A2BC41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iIFmRjoaMByltuuYvd0H45cJGYY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft Manifest number: 124A Signing time: Thu 11 Dec 2025 23:01:38 +0000 Manifest this update: Thu 11 Dec 2025 23:01:38 +0000 Manifest next update: Fri 12 Dec 2025 23:01:38 +0000 Files and hashes: 1: iIFmRjoaMByltuuYvd0H45cJGYY.crl (hash: YptJbxXJgXwiu2hIfrAYle1MmI6YWEjUrMnB7yqVl3Y=) 2: rw7mvGsBN1ywLg0aU0WOnuWPa30.roa (hash: Kkop8VBeWFXHnSavZNOMJQZHo1FfDtxgbSsG84Nc5jo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft rsync://rpki.ripe.net/repository/DEFAULT/iIFmRjoaMByltuuYvd0H45cJGYY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:a6:0c:13:ed:be:2f:88:8f:b9:dd:38:35:a2:bc:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=888166463a1a301ca5b6eb98bddd07e397091986 Validity Not Before: Dec 11 23:01:38 2025 GMT Not After : Dec 12 23:01:38 2025 GMT Subject: CN=570c9e21ef45b72c5ca45af5908f2c707b27a117 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:25:f0:64:25:82:89:60:c8:34:22:cb:f1:01: 5c:bc:12:fb:93:79:5c:94:10:f0:c5:06:4c:31:e6: 85:57:41:53:a2:d0:7b:0b:ca:07:00:6b:1d:f9:ef: 34:76:86:62:70:41:b0:59:5e:df:69:f5:74:ef:ed: ca:11:7f:66:47:8c:63:48:2c:45:23:dc:36:a9:48: 0c:2e:67:24:4f:88:ce:26:2e:4d:bb:be:11:64:93: ed:a5:f5:f4:68:47:8b:c0:9a:42:38:60:55:40:69: 3b:c0:ad:69:9d:a4:e3:22:0c:d8:f8:3a:3e:13:76: 67:25:0a:cf:2f:4d:e4:e1:0a:af:bb:23:68:35:d7: ec:1a:d2:76:59:ed:49:f0:4f:d2:ad:70:43:fb:f1: dc:26:39:27:a5:cb:41:33:5f:7f:2f:cc:61:33:ed: ee:bf:c6:f0:0d:ed:68:93:1f:64:ad:57:69:9c:26: 62:91:a2:93:8a:37:bb:bc:5c:9c:58:54:30:ff:aa: 79:63:6f:8b:1b:ed:07:e1:7b:3e:82:c0:d1:79:b4: ff:e5:d4:55:33:30:6d:36:70:13:18:84:71:98:34: 72:19:2f:0e:ef:09:6c:9b:ae:7c:97:b0:4f:79:77: c2:c5:51:3c:71:8f:e4:9a:46:10:02:70:4a:bb:ea: c5:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:0C:9E:21:EF:45:B7:2C:5C:A4:5A:F5:90:8F:2C:70:7B:27:A1:17 X509v3 Authority Key Identifier: keyid:88:81:66:46:3A:1A:30:1C:A5:B6:EB:98:BD:DD:07:E3:97:09:19:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iIFmRjoaMByltuuYvd0H45cJGYY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/476fd0-b8a6-461f-b4c5-38c2c2a79c35/1/iIFmRjoaMByltuuYvd0H45cJGYY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:74:70:bd:78:aa:59:fb:2d:82:3b:c8:87:3f:a5:6e:3f:c5: 5e:94:df:0e:3e:ce:e1:17:3a:0d:a1:d3:40:3c:c0:94:ec:b8: 86:e9:5b:78:83:11:f0:1e:86:c7:a1:7d:d2:88:c9:af:35:fe: 9b:2f:06:0f:08:62:bb:f5:bf:5c:ef:ea:e7:b6:3d:26:a8:12: ba:e6:ff:dc:21:ea:79:87:d4:ca:e1:12:3c:52:f5:07:c1:68: be:a7:38:e2:ae:af:cf:de:43:f7:05:5f:d3:28:d3:d0:ee:42: 8b:16:e6:39:1d:07:eb:d1:bc:d1:84:4b:63:14:91:4a:c4:31: 97:17:18:5a:e3:f8:d7:4f:d8:67:a2:85:dc:ab:ca:23:f3:4e: 1c:bf:3f:41:78:24:62:6a:ad:80:b6:9c:8f:9c:7b:d3:4a:b0: af:aa:e8:b3:68:fe:ab:11:8b:50:3b:7e:cf:11:d0:12:e6:e1: 0a:af:e0:3f:03:4a:68:68:7e:40:75:50:ed:37:8a:17:b0:ae: 6d:47:4f:f3:db:f6:33:94:05:b9:7b:ab:6d:16:60:1d:4d:51: 89:b8:6e:c0:be:2a:e2:70:8b:f7:5b:11:d1:a7:61:a3:73:96: 11:58:39:5b:b1:e6:9d:87:4a:40:50:4e:49:91:18:ec:1a:74: 59:e5:54:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPpgwT7b4viI+53Tg1orxBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ODE2NjQ2M2ExYTMwMWNhNWI2ZWI5OGJkZGQwN2UzOTcw OTE5ODYwHhcNMjUxMjExMjMwMTM4WhcNMjUxMjEyMjMwMTM4WjAzMTEwLwYDVQQD Eyg1NzBjOWUyMWVmNDViNzJjNWNhNDVhZjU5MDhmMmM3MDdiMjdhMTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiXwZCWCiWDINCLL8QFcvBL7k3lc lBDwxQZMMeaFV0FTotB7C8oHAGsd+e80doZicEGwWV7fafV07+3KEX9mR4xjSCxF I9w2qUgMLmckT4jOJi5Nu74RZJPtpfX0aEeLwJpCOGBVQGk7wK1pnaTjIgzY+Do+ E3ZnJQrPL03k4QqvuyNoNdfsGtJ2We1J8E/SrXBD+/HcJjknpctBM19/L8xhM+3u v8bwDe1okx9krVdpnCZikaKTije7vFycWFQw/6p5Y2+LG+0H4Xs+gsDRebT/5dRV MzBtNnATGIRxmDRyGS8O7wlsm658l7BPeXfCxVE8cY/kmkYQAnBKu+rFFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFcMniHvRbcsXKRa9ZCPLHB7J6EXMB8GA1UdIwQY MBaAFIiBZkY6GjAcpbbrmL3dB+OXCRmGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUlGbVJqb2FNQnlsdHV1WXZkMEg0NWNKR1lZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80NzZmZDAtYjhhNi00NjFmLWI0YzUt MzhjMmMyYTc5YzM1LzEvaUlGbVJqb2FNQnlsdHV1WXZkMEg0NWNKR1lZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi80NzZmZDAtYjhhNi00NjFmLWI0YzUtMzhjMmMyYTc5YzM1 LzEvaUlGbVJqb2FNQnlsdHV1WXZkMEg0NWNKR1lZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZXRwvXiq WfstgjvIhz+lbj/FXpTfDj7O4Rc6DaHTQDzAlOy4hulbeIMR8B6Gx6F90ojJrzX+ my8GDwhiu/W/XO/q57Y9JqgSuub/3CHqeYfUyuESPFL1B8Fovqc44q6vz95D9wVf 0yjT0O5CixbmOR0H69G80YRLYxSRSsQxlxcYWuP410/YZ6KF3KvKI/NOHL8/QXgk YmqtgLacj5x700qwr6ros2j+qxGLUDt+zxHQEubhCq/gPwNKaGh+QHVQ7TeKF7Cu bUdP89v2M5QFuXurbRZgHU1RibhuwL4q4nCL91sR0adho3OWEVg5W7HmnYdKQFBO SZEY7Bp0WeVUhA== -----END CERTIFICATE-----Generated at Fri Dec 12 02:44:24 2025 by rpki-client