This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.mft File: Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.mft (raw, json) Hash identifier: MD+P46LcfDOIqR/gixmF7K3T7C4EBHuFeZUcwm7JIdk= Subject key identifier: 7E:A8:CB:96:9B:DA:AA:2B:7B:DD:66:5C:71:F2:51:3E:C8:14:A0:14 Authority key identifier: 21:CF:53:48:1D:13:3B:AC:F5:27:86:8D:BA:1B:37:63:E3:D6:DD:A7 Certificate issuer: /CN=21cf53481d133bacf527868dba1b3763e3d6dda7 Certificate serial: 019B5A1B05BFE9435E82C91962C804316474 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.mft Manifest number: 075A Signing time: Fri 26 Dec 2025 10:01:18 +0000 Manifest this update: Fri 26 Dec 2025 10:01:18 +0000 Manifest next update: Sat 27 Dec 2025 10:01:18 +0000 Files and hashes: 1: BkDrM4-atcp10Br--qbvg_yK1zg.roa (hash: OQTXLqdYWvwdj8zXSXiFu8x5dJlCSPxgy4/Qhi1Yohc=) 2: Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.crl (hash: 6KNqq1/3Nng0Vw9fBfYDND3gN7nJh3ur4d19BF0WZJg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.crl rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.mft rsync://rpki.ripe.net/repository/DEFAULT/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1b:05:bf:e9:43:5e:82:c9:19:62:c8:04:31:64:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21cf53481d133bacf527868dba1b3763e3d6dda7 Validity Not Before: Dec 26 10:01:18 2025 GMT Not After : Dec 27 10:01:18 2025 GMT Subject: CN=7ea8cb969bdaaa2b7bdd665c71f2513ec814a014 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:af:57:e5:d2:73:c4:9c:c0:83:b7:e8:48:3e: 3d:ad:80:64:cc:e4:9a:62:f4:61:62:f4:6a:ae:6c: 78:2c:c8:48:79:43:76:29:a3:d0:c0:63:00:66:eb: 1e:e4:11:e9:5d:72:9b:2e:72:61:a8:45:88:65:5c: 89:a9:b0:f4:09:13:92:1c:b4:02:fc:27:98:c2:6a: bf:c0:15:84:f7:49:b8:89:e4:10:31:cb:68:c6:8b: ed:03:20:fc:f5:d8:47:6f:33:6e:a4:fa:49:a5:84: f8:e2:77:07:49:91:2e:3d:b7:af:dd:34:f1:83:ef: 0a:e2:a7:4f:9b:d5:09:b9:3a:82:e0:a6:fc:9e:82: 48:2c:1f:22:48:d4:70:44:20:a5:27:98:2a:41:4b: 7b:f2:28:3b:5b:5f:d7:5c:f7:bd:07:15:8a:b1:c8: 68:fd:26:dc:98:11:d1:52:3a:a3:2f:39:d3:0d:2f: 88:98:f6:bf:87:e9:4c:46:33:ab:7f:b0:29:4d:31: 79:15:08:58:f9:b2:28:a6:2c:8a:4c:f6:10:21:bc: 41:04:d6:0c:08:d0:f3:c6:00:2c:a3:b9:3d:5b:7a: 55:6e:2c:6e:cb:cb:81:c0:2c:d7:21:73:90:03:e2: 52:1a:5a:c8:a7:fe:59:7e:a1:6d:5a:b8:60:d4:6f: 71:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:A8:CB:96:9B:DA:AA:2B:7B:DD:66:5C:71:F2:51:3E:C8:14:A0:14 X509v3 Authority Key Identifier: keyid:21:CF:53:48:1D:13:3B:AC:F5:27:86:8D:BA:1B:37:63:E3:D6:DD:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/725b88-c523-4313-9e30-02c1e19a71d5/1/Ic9TSB0TO6z1J4aNuhs3Y-PW3ac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:5d:50:9b:69:88:74:8c:ba:3b:6f:18:1f:cc:49:bb:90:3f: c7:8c:35:7c:b4:02:d3:13:5d:9e:c3:72:77:37:9e:c3:0b:aa: 3d:ce:b7:f6:03:90:e3:43:25:5d:0f:a4:f7:ab:fb:19:0e:3b: c2:10:be:d1:03:4a:ca:f7:e4:5c:23:a1:92:d2:5f:42:f0:29: 1e:c2:e1:cf:c4:63:7c:1b:90:2a:a9:ab:4a:11:17:fd:b0:e6: f6:ca:a8:d8:af:be:72:e5:54:88:24:37:1c:af:d6:b8:6c:e4: 52:59:9c:32:19:2f:34:e6:17:f4:28:fe:10:02:1f:ab:15:46: 34:9b:b3:ba:ff:58:09:64:49:26:11:40:c7:43:ad:b2:5a:c8: 0b:80:0a:14:f8:9d:e4:45:e5:7b:a8:80:a0:f0:7c:2b:ba:fe: 0e:47:1e:b8:a8:5a:9f:a7:c7:f4:07:08:31:00:78:07:b0:56: a7:d7:66:be:64:a5:f3:c9:6d:38:eb:13:a5:01:bb:9e:f7:5a: 56:92:2d:54:35:3d:9a:70:c6:37:6c:2b:d2:76:44:51:0a:c4: c8:10:79:b8:6d:54:5d:c7:b9:31:d4:8c:0e:c2:30:52:fa:6c: dd:18:48:5c:3a:b8:6a:91:2d:f3:dd:23:3b:3c:bb:97:dc:6c: 34:1e:92:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGwW/6UNegskZYsgEMWR0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxY2Y1MzQ4MWQxMzNiYWNmNTI3ODY4ZGJhMWIzNzYzZTNk NmRkYTcwHhcNMjUxMjI2MTAwMTE4WhcNMjUxMjI3MTAwMTE4WjAzMTEwLwYDVQQD Eyg3ZWE4Y2I5NjliZGFhYTJiN2JkZDY2NWM3MWYyNTEzZWM4MTRhMDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa9X5dJzxJzAg7foSD49rYBkzOSa YvRhYvRqrmx4LMhIeUN2KaPQwGMAZuse5BHpXXKbLnJhqEWIZVyJqbD0CROSHLQC /CeYwmq/wBWE90m4ieQQMctoxovtAyD89dhHbzNupPpJpYT44ncHSZEuPbev3TTx g+8K4qdPm9UJuTqC4Kb8noJILB8iSNRwRCClJ5gqQUt78ig7W1/XXPe9BxWKscho /SbcmBHRUjqjLznTDS+ImPa/h+lMRjOrf7ApTTF5FQhY+bIopiyKTPYQIbxBBNYM CNDzxgAso7k9W3pVbixuy8uBwCzXIXOQA+JSGlrIp/5ZfqFtWrhg1G9x+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH6oy5ab2qore91mXHHyUT7IFKAUMB8GA1UdIwQY MBaAFCHPU0gdEzus9SeGjbobN2Pj1t2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWM5VFNCMFRPNnoxSjRhTnVoczNZLVBXM2FjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS83MjViODgtYzUyMy00MzEzLTllMzAt MDJjMWUxOWE3MWQ1LzEvSWM5VFNCMFRPNnoxSjRhTnVoczNZLVBXM2FjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS83MjViODgtYzUyMy00MzEzLTllMzAtMDJjMWUxOWE3MWQ1 LzEvSWM5VFNCMFRPNnoxSjRhTnVoczNZLVBXM2FjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIV1Qm2mI dIy6O28YH8xJu5A/x4w1fLQC0xNdnsNydzeewwuqPc639gOQ40MlXQ+k96v7GQ47 whC+0QNKyvfkXCOhktJfQvApHsLhz8RjfBuQKqmrShEX/bDm9sqo2K++cuVUiCQ3 HK/WuGzkUlmcMhkvNOYX9Cj+EAIfqxVGNJuzuv9YCWRJJhFAx0OtslrIC4AKFPid 5EXle6iAoPB8K7r+DkceuKhan6fH9AcIMQB4B7BWp9dmvmSl88ltOOsTpQG7nvda VpItVDU9mnDGN2wr0nZEUQrEyBB5uG1UXce5MdSMDsIwUvps3RhIXDq4apEt890j Ozy7l9xsNB6SRQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:46:23 2025 by rpki-client