This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft File: IQH0Od66_1iAOV148Lv62Mp2CL8.mft (raw, json) Hash identifier: c3Xd+mvjm77s4iuhREO5SJ8j93mzvpH1RUg4aubAF/8= Subject key identifier: 29:97:E3:D5:66:AE:E7:F9:A4:D7:1E:0D:67:D9:3F:D9:8F:64:ED:2B Authority key identifier: 21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF Certificate issuer: /CN=2101f439debaff5880395d78f0bbfad8ca7608bf Certificate serial: 019B35A0EB4EFA0C86FC1098C6A4BBD0DA84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft Manifest number: 0E41 Signing time: Fri 19 Dec 2025 08:01:36 +0000 Manifest this update: Fri 19 Dec 2025 08:01:36 +0000 Manifest next update: Sat 20 Dec 2025 08:01:36 +0000 Files and hashes: 1: IQH0Od66_1iAOV148Lv62Mp2CL8.crl (hash: zhNr5IhqOS5CJKw9nFewaWczsK6ABPX8iiB9u7Apcss=) 2: maYu8dN9neYyc8DtbRu2KTpDdQk.roa (hash: H5U+8VR9PAI4QlkVpTR8DC6LqpMXq6tJVvxgrK/vIPo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:a0:eb:4e:fa:0c:86:fc:10:98:c6:a4:bb:d0:da:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2101f439debaff5880395d78f0bbfad8ca7608bf Validity Not Before: Dec 19 08:01:36 2025 GMT Not After : Dec 20 08:01:36 2025 GMT Subject: CN=2997e3d566aee7f9a4d71e0d67d93fd98f64ed2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:6f:62:32:31:81:3f:4a:fd:da:1b:04:24:3e: 0e:a6:1c:3b:df:02:8b:fc:6d:e3:fd:c8:48:72:fa: 2c:8b:a2:8f:cd:35:f8:03:32:ba:60:c2:4c:ac:79: 2f:c9:90:4e:1f:89:5c:1f:0c:9d:4e:fb:fc:61:57: 0c:1c:55:be:c5:7b:e8:de:cd:12:4e:00:8a:ac:cc: c7:7f:e2:9a:f4:15:23:0a:53:e1:4f:c5:7d:2a:55: 92:e3:91:bf:4a:ef:40:14:09:97:bf:9c:a8:f2:a1: 58:dd:0c:84:6d:70:f8:c6:a4:6a:4f:30:95:9c:28: 59:52:57:49:06:5c:3f:de:e5:94:d0:d8:6d:e1:b9: 11:c5:11:68:2e:12:5e:e3:96:b7:9e:de:36:1a:cf: ac:8d:4f:51:5f:e2:78:ee:1d:af:d2:d6:d5:3b:79: 3c:fb:d4:b4:d8:1f:5b:33:c3:dd:9f:45:d4:4d:11: 98:c6:f1:3c:45:03:f1:12:a8:d3:70:7a:17:82:45: 03:d3:cb:b3:c6:4d:f4:6e:d1:38:c5:e5:08:d6:5d: 0e:0a:21:55:42:e8:71:c3:9f:23:06:b1:2c:11:29: f3:c0:b5:01:9b:40:03:d7:af:ce:b8:5f:8f:38:64: 29:74:94:7d:5a:d9:30:48:52:21:16:71:47:3c:1d: a1:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:97:E3:D5:66:AE:E7:F9:A4:D7:1E:0D:67:D9:3F:D9:8F:64:ED:2B X509v3 Authority Key Identifier: keyid:21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:a7:c2:f5:85:36:4a:66:13:09:0c:0f:e2:9d:db:0d:54:2e: bd:ff:74:5a:7d:e0:20:c7:e1:b7:2f:12:ba:97:19:b6:21:ca: 3d:e9:70:9f:75:9d:17:97:b9:fd:d2:8d:50:21:50:59:b1:81: 73:31:3e:9f:58:2e:6c:7a:c9:31:d0:20:ae:a7:53:ee:a5:30: db:be:64:09:5e:34:8f:b9:32:b9:17:d9:7f:eb:a2:4b:62:c3: 54:bc:e3:45:aa:4b:37:19:48:81:03:4f:8f:ed:8f:8c:97:fb: 75:95:76:ca:da:f2:a3:fa:b0:0c:f9:d8:cf:cf:f1:f3:10:52: 70:bd:5e:95:d3:c3:da:c7:e0:90:25:0a:f3:ba:da:86:73:06: 99:71:08:14:c8:0e:06:d1:ab:f1:97:86:6d:d7:54:44:72:eb: fe:02:ae:c4:e1:31:2c:96:7c:01:38:29:41:af:99:cf:4b:87: 09:bb:f5:30:19:6d:c3:31:97:44:2b:98:54:8d:bd:dc:f5:66: 0d:de:51:a8:68:ce:df:47:8d:9b:7a:e4:91:78:71:83:f9:9e: e3:86:2a:a7:6e:cb:ea:35:5c:b2:1b:05:3b:7c:cd:0e:43:b0: b6:be:08:53:ea:fb:38:f2:00:a2:4f:d8:c4:4b:3b:61:04:b0: 9d:0f:b6:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1oOtO+gyG/BCYxqS70NqEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDFmNDM5ZGViYWZmNTg4MDM5NWQ3OGYwYmJmYWQ4Y2E3 NjA4YmYwHhcNMjUxMjE5MDgwMTM2WhcNMjUxMjIwMDgwMTM2WjAzMTEwLwYDVQQD EygyOTk3ZTNkNTY2YWVlN2Y5YTRkNzFlMGQ2N2Q5M2ZkOThmNjRlZDJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl29iMjGBP0r92hsEJD4Ophw73wKL /G3j/chIcvosi6KPzTX4AzK6YMJMrHkvyZBOH4lcHwydTvv8YVcMHFW+xXvo3s0S TgCKrMzHf+Ka9BUjClPhT8V9KlWS45G/Su9AFAmXv5yo8qFY3QyEbXD4xqRqTzCV nChZUldJBlw/3uWU0Nht4bkRxRFoLhJe45a3nt42Gs+sjU9RX+J47h2v0tbVO3k8 +9S02B9bM8Pdn0XUTRGYxvE8RQPxEqjTcHoXgkUD08uzxk30btE4xeUI1l0OCiFV Quhxw58jBrEsESnzwLUBm0AD16/OuF+POGQpdJR9WtkwSFIhFnFHPB2hlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCmX49Vmruf5pNceDWfZP9mPZO0rMB8GA1UdIwQY MBaAFCEB9Dneuv9YgDldePC7+tjKdgi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgt ZTNkZWZiN2UyNTE4LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgtZTNkZWZiN2UyNTE4 LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVqfC9YU2 SmYTCQwP4p3bDVQuvf90Wn3gIMfhty8SupcZtiHKPelwn3WdF5e5/dKNUCFQWbGB czE+n1gubHrJMdAgrqdT7qUw275kCV40j7kyuRfZf+uiS2LDVLzjRapLNxlIgQNP j+2PjJf7dZV2ytryo/qwDPnYz8/x8xBScL1eldPD2sfgkCUK87rahnMGmXEIFMgO BtGr8ZeGbddURHLr/gKuxOExLJZ8ATgpQa+Zz0uHCbv1MBltwzGXRCuYVI293PVm Dd5RqGjO30eNm3rkkXhxg/me44Yqp27L6jVcshsFO3zNDkOwtr4IU+r7OPIAok/Y xEs7YQSwnQ+28Q== -----END CERTIFICATE-----Generated at Fri Dec 19 12:08:57 2025 by rpki-client