This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/538194-7560-4456-b45c-ca26c22cfafd/1/imlbOroepOZUeIxRZBRYzJlXgEA.mft File: imlbOroepOZUeIxRZBRYzJlXgEA.mft (raw, json) Hash identifier: 3j35QFh4X3XqE0LLl682S7m+K3rUryCBWfLQlPpcHb4= Subject key identifier: D9:1D:F1:94:AE:17:45:70:E0:5D:82:55:24:62:A8:51:28:EE:E7:FE Authority key identifier: 8A:69:5B:3A:BA:1E:A4:E6:54:78:8C:51:64:14:58:CC:99:57:80:40 Certificate issuer: /CN=8a695b3aba1ea4e654788c51641458cc99578040 Certificate serial: 019B40C8DADAD36632ADF47EC0EEFAE0DC43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imlbOroepOZUeIxRZBRYzJlXgEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/538194-7560-4456-b45c-ca26c22cfafd/1/imlbOroepOZUeIxRZBRYzJlXgEA.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 12:01:03 +0000 Manifest this update: Sun 21 Dec 2025 12:01:03 +0000 Manifest next update: Mon 22 Dec 2025 12:01:03 +0000 Files and hashes: 1: imlbOroepOZUeIxRZBRYzJlXgEA.crl (hash: YP50FsecPEEgB0le4OxIIlI08Wu+6EN3cjHbJRRf3Vw=) 2: xXvpynv9RLlNuhH_ScFehFzRtz4.roa (hash: QSdQRW1EuXcu0ntbVvgh9fj5LXlqpMEhY2XBCGX6qp8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/538194-7560-4456-b45c-ca26c22cfafd/1/imlbOroepOZUeIxRZBRYzJlXgEA.crl rsync://rpki.ripe.net/repository/DEFAULT/34/538194-7560-4456-b45c-ca26c22cfafd/1/imlbOroepOZUeIxRZBRYzJlXgEA.mft rsync://rpki.ripe.net/repository/DEFAULT/imlbOroepOZUeIxRZBRYzJlXgEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:da:da:d3:66:32:ad:f4:7e:c0:ee:fa:e0:dc:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a695b3aba1ea4e654788c51641458cc99578040 Validity Not Before: Dec 21 12:01:03 2025 GMT Not After : Dec 22 12:01:03 2025 GMT Subject: CN=d91df194ae174570e05d82552462a85128eee7fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:62:f5:37:b0:ac:19:77:7c:d0:38:1f:14:2c: 30:58:c1:0b:24:71:01:53:c2:1c:4a:b9:43:c3:50: be:1e:3c:5e:db:9f:b5:24:d4:15:5f:2d:82:42:e2: 5a:ef:2e:42:1b:0d:43:1a:c8:7b:e4:89:6d:e1:94: 3f:5d:15:ea:3a:d1:df:5f:59:c2:43:83:29:6b:6d: d9:54:84:44:a6:c5:e0:eb:55:29:9d:f8:79:5a:62: 3e:7f:ab:2e:d3:35:1b:12:b3:cc:14:6a:66:4e:98: 69:15:33:d8:d3:53:b5:60:6e:c8:79:01:6c:b9:61: 2a:bc:90:dd:6c:9a:3c:4f:a6:a7:0b:5f:84:89:c8: 2b:d2:7c:0e:2f:5d:be:f8:9f:4b:04:18:03:bd:80: 51:04:40:13:98:7e:72:e7:6b:8c:70:7f:49:41:5f: 3c:82:62:20:65:15:1a:a1:e9:01:ea:15:11:c4:74: cf:8f:a6:7a:66:a3:8d:fb:e5:92:2f:28:82:5f:d2: ee:37:71:21:9d:44:9a:a0:6a:59:82:44:52:84:d9: 68:ad:86:d0:9f:fe:8a:42:cb:dc:71:2d:ca:a4:33: e6:a2:d4:06:d1:06:f5:6e:9d:04:4f:ce:db:62:ad: 9c:c2:a1:e4:01:27:db:ff:96:9a:a0:5b:a4:22:37: a3:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:1D:F1:94:AE:17:45:70:E0:5D:82:55:24:62:A8:51:28:EE:E7:FE X509v3 Authority Key Identifier: keyid:8A:69:5B:3A:BA:1E:A4:E6:54:78:8C:51:64:14:58:CC:99:57:80:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imlbOroepOZUeIxRZBRYzJlXgEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/538194-7560-4456-b45c-ca26c22cfafd/1/imlbOroepOZUeIxRZBRYzJlXgEA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/538194-7560-4456-b45c-ca26c22cfafd/1/imlbOroepOZUeIxRZBRYzJlXgEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:d0:94:9f:1f:f4:4e:1e:70:2a:27:17:3d:16:27:da:4b:df: 98:50:b6:1f:47:27:eb:ce:40:6f:fb:0d:f3:7d:88:b9:c6:9a: b0:37:9a:90:e1:8b:dc:c0:a8:66:25:f8:2b:1c:99:40:f8:9e: c6:d0:9e:cc:b2:f5:d0:92:f6:70:bb:c6:bb:75:d2:bf:f9:9a: a4:20:c8:14:2b:31:c0:d8:e0:c8:85:48:e7:7f:4b:ce:5c:af: 64:16:80:38:c8:cd:df:eb:fb:43:b9:2c:d9:1b:f8:5d:98:ab: 4a:39:78:5d:cc:97:51:fa:f1:a0:db:6e:2c:91:7c:78:1f:ff: 49:00:cf:63:f0:2c:73:07:d5:ca:63:df:94:07:a2:ce:e4:58: 4c:31:e8:d1:1b:7b:52:c1:36:19:8a:7f:63:9d:ca:63:db:b1: 6b:b5:cb:34:aa:27:ec:e7:9f:d5:c0:f5:16:2d:7f:42:16:45: bc:cb:dd:22:3a:e1:7a:96:19:68:91:c6:ee:79:6c:1f:24:01: c7:76:7b:c4:3c:4d:83:1f:21:ce:bc:b7:c3:a2:a9:e7:88:cc: 95:59:31:f6:2c:0f:2b:e7:0e:5e:23:d0:a1:27:b9:c3:7d:c8: dc:56:0b:82:35:75:9f:0e:1e:c1:7a:9c:b9:5a:17:69:19:f0: 6b:d9:b1:8f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyNra02YyrfR+wO764NxDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhNjk1YjNhYmExZWE0ZTY1NDc4OGM1MTY0MTQ1OGNjOTk1 NzgwNDAwHhcNMjUxMjIxMTIwMTAzWhcNMjUxMjIyMTIwMTAzWjAzMTEwLwYDVQQD EyhkOTFkZjE5NGFlMTc0NTcwZTA1ZDgyNTUyNDYyYTg1MTI4ZWVlN2ZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWL1N7CsGXd80DgfFCwwWMELJHEB U8IcSrlDw1C+Hjxe25+1JNQVXy2CQuJa7y5CGw1DGsh75Ilt4ZQ/XRXqOtHfX1nC Q4Mpa23ZVIREpsXg61Upnfh5WmI+f6su0zUbErPMFGpmTphpFTPY01O1YG7IeQFs uWEqvJDdbJo8T6anC1+Eicgr0nwOL12++J9LBBgDvYBRBEATmH5y52uMcH9JQV88 gmIgZRUaoekB6hURxHTPj6Z6ZqON++WSLyiCX9LuN3EhnUSaoGpZgkRShNlorYbQ n/6KQsvccS3KpDPmotQG0Qb1bp0ET87bYq2cwqHkASfb/5aaoFukIjejWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNkd8ZSuF0Vw4F2CVSRiqFEo7uf+MB8GA1UdIwQY MBaAFIppWzq6HqTmVHiMUWQUWMyZV4BAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaW1sYk9yb2VwT1pVZUl4UlpCUll6SmxYZ0VBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81MzgxOTQtNzU2MC00NDU2LWI0NWMt Y2EyNmMyMmNmYWZkLzEvaW1sYk9yb2VwT1pVZUl4UlpCUll6SmxYZ0VBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC81MzgxOTQtNzU2MC00NDU2LWI0NWMtY2EyNmMyMmNmYWZk LzEvaW1sYk9yb2VwT1pVZUl4UlpCUll6SmxYZ0VBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9CUnx/0 Th5wKicXPRYn2kvfmFC2H0cn685Ab/sN832IucaasDeakOGL3MCoZiX4KxyZQPie xtCezLL10JL2cLvGu3XSv/mapCDIFCsxwNjgyIVI539LzlyvZBaAOMjN3+v7Q7ks 2Rv4XZirSjl4XcyXUfrxoNtuLJF8eB//SQDPY/AscwfVymPflAeizuRYTDHo0Rt7 UsE2GYp/Y53KY9uxa7XLNKon7Oef1cD1Fi1/QhZFvMvdIjrhepYZaJHG7nlsHyQB x3Z7xDxNgx8hzry3w6Kp54jMlVkx9iwPK+cOXiPQoSe5w33I3FYLgjV1nw4ewXqc uVoXaRnwa9mxjw== -----END CERTIFICATE-----Generated at Sun Dec 21 21:15:52 2025 by rpki-client