This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft File: IPblO2l60mO0uk6kmBQ2aog7VK0.mft (raw, json) Hash identifier: sCpzhWIlrmYuYP/E2QZxbjXsdj1PZSqitWRVuKrkBBY= Subject key identifier: 29:A3:28:CE:6F:25:F7:4F:84:F3:21:DF:F6:8E:C9:D3:CA:5B:BC:85 Authority key identifier: 20:F6:E5:3B:69:7A:D2:63:B4:BA:4E:A4:98:14:36:6A:88:3B:54:AD Certificate issuer: /CN=20f6e53b697ad263b4ba4ea49814366a883b54ad Certificate serial: 019B5975A5EA44E1C6B898A37BA35C50B375 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft Manifest number: 1796 Signing time: Fri 26 Dec 2025 07:00:40 +0000 Manifest this update: Fri 26 Dec 2025 07:00:40 +0000 Manifest next update: Sat 27 Dec 2025 07:00:40 +0000 Files and hashes: 1: APkFGhaR8YtianTelxgsgSDeVhM.roa (hash: 2Pdlo7CTCPlVPPRVRRuXnXVCI5TavhpFPnrp+xkks5o=) 2: IPblO2l60mO0uk6kmBQ2aog7VK0.crl (hash: v6XeLhM8Tmwof65dMXfazJrUfjFY7zkLq4kdXYIg3SQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.crl rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:a5:ea:44:e1:c6:b8:98:a3:7b:a3:5c:50:b3:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20f6e53b697ad263b4ba4ea49814366a883b54ad Validity Not Before: Dec 26 07:00:40 2025 GMT Not After : Dec 27 07:00:40 2025 GMT Subject: CN=29a328ce6f25f74f84f321dff68ec9d3ca5bbc85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:25:2a:2f:87:68:7e:69:e6:81:64:6b:4a:ad: 73:de:97:d2:15:7e:41:39:6b:4f:84:b3:e5:51:9c: 73:ce:f1:fc:e2:4c:12:9d:66:1a:f9:a2:2a:24:3e: 16:87:98:cd:a6:52:10:d3:6d:3f:f2:f5:eb:24:54: 56:3d:51:04:a2:86:ac:eb:01:e6:25:65:94:23:df: 71:01:a5:3f:87:dd:90:c3:49:6c:cd:ec:4c:29:b3: 77:a0:d7:23:fc:c6:3f:3b:a2:3e:19:ee:e6:f6:44: 93:ab:96:f3:70:86:8a:03:2b:9d:2e:0a:e7:b9:5b: 65:32:8f:d3:64:b9:c2:90:3d:2f:ae:ec:61:59:44: 46:3b:7a:ce:c8:27:3d:ad:97:02:d3:a2:53:01:6b: 6a:7b:2c:17:81:89:8c:99:e5:7c:39:48:39:79:ac: ac:19:74:fb:e0:f1:fd:f5:8e:8f:1f:99:db:ab:95: 33:13:6a:07:37:3a:1b:9a:e1:a5:c4:3a:df:12:87: c1:9d:cc:b2:a9:3e:2d:b2:f5:2a:44:d3:ae:96:67: da:60:f2:1c:bd:15:c7:b4:a7:af:4c:f4:e9:05:df: b5:9c:40:27:4d:7d:12:2c:81:91:ee:07:cd:e4:3f: 11:95:b6:1b:5a:9f:dd:9b:87:54:0c:52:af:02:ab: e4:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A3:28:CE:6F:25:F7:4F:84:F3:21:DF:F6:8E:C9:D3:CA:5B:BC:85 X509v3 Authority Key Identifier: keyid:20:F6:E5:3B:69:7A:D2:63:B4:BA:4E:A4:98:14:36:6A:88:3B:54:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPblO2l60mO0uk6kmBQ2aog7VK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7576a-4363-4984-b4c7-b1f29cccce55/1/IPblO2l60mO0uk6kmBQ2aog7VK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:45:d1:68:4a:4b:2a:dc:49:b4:26:d5:66:22:33:c1:e2:43: c8:08:c7:3c:3f:41:cb:17:e1:84:4c:f2:16:25:73:35:0b:42: 73:7a:a8:bb:00:0d:27:2c:4f:05:98:4e:99:3a:e5:13:b7:df: 60:ec:7a:a0:60:d7:5e:18:9d:3c:c7:53:8e:2d:12:20:32:72: b6:b3:df:d8:65:39:41:50:5f:a8:65:5b:d4:ff:52:e3:13:86: 14:f0:77:41:96:22:ec:b8:1f:b9:b2:31:34:f2:b7:28:60:22: ed:b6:43:2d:9f:1d:41:5e:f4:93:ae:ab:67:f0:df:9a:43:9b: 35:68:5a:f2:4e:a7:79:2d:2d:72:e4:03:c7:ef:17:7e:06:e5: 66:af:50:d7:b7:3c:98:3c:80:ec:73:06:e2:5f:23:76:ac:18: f7:68:ea:f7:1a:72:e1:50:11:ae:fb:ec:32:eb:bc:ee:88:be: ce:71:8d:a5:0a:0c:1c:01:47:2f:3e:9d:b2:5b:63:f3:b0:d9: ec:d0:a9:e4:d5:36:7c:ed:87:3d:d5:e0:06:76:04:e3:7a:e2: 11:56:2c:0b:4d:9c:19:dc:38:06:e4:14:dc:aa:aa:30:29:1a: 3c:39:90:17:97:3b:c5:40:e5:c4:eb:c7:f3:6a:e3:06:bb:57: 93:d7:cb:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdaXqROHGuJije6NcULN1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZjZlNTNiNjk3YWQyNjNiNGJhNGVhNDk4MTQzNjZhODgz YjU0YWQwHhcNMjUxMjI2MDcwMDQwWhcNMjUxMjI3MDcwMDQwWjAzMTEwLwYDVQQD EygyOWEzMjhjZTZmMjVmNzRmODRmMzIxZGZmNjhlYzlkM2NhNWJiYzg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CUqL4dofmnmgWRrSq1z3pfSFX5B OWtPhLPlUZxzzvH84kwSnWYa+aIqJD4Wh5jNplIQ020/8vXrJFRWPVEEooas6wHm JWWUI99xAaU/h92Qw0lszexMKbN3oNcj/MY/O6I+Ge7m9kSTq5bzcIaKAyudLgrn uVtlMo/TZLnCkD0vruxhWURGO3rOyCc9rZcC06JTAWtqeywXgYmMmeV8OUg5eays GXT74PH99Y6PH5nbq5UzE2oHNzobmuGlxDrfEofBncyyqT4tsvUqRNOulmfaYPIc vRXHtKevTPTpBd+1nEAnTX0SLIGR7gfN5D8RlbYbWp/dm4dUDFKvAqvkgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCmjKM5vJfdPhPMh3/aOydPKW7yFMB8GA1UdIwQY MBaAFCD25TtpetJjtLpOpJgUNmqIO1StMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lNzU3NmEtNDM2My00OTg0LWI0Yzct YjFmMjljY2NjZTU1LzEvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9lNzU3NmEtNDM2My00OTg0LWI0YzctYjFmMjljY2NjZTU1 LzEvSVBibE8ybDYwbU8wdWs2a21CUTJhb2c3VkswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiEXRaEpL KtxJtCbVZiIzweJDyAjHPD9ByxfhhEzyFiVzNQtCc3qouwANJyxPBZhOmTrlE7ff YOx6oGDXXhidPMdTji0SIDJytrPf2GU5QVBfqGVb1P9S4xOGFPB3QZYi7LgfubIx NPK3KGAi7bZDLZ8dQV70k66rZ/DfmkObNWha8k6neS0tcuQDx+8XfgblZq9Q17c8 mDyA7HMG4l8jdqwY92jq9xpy4VARrvvsMuu87oi+znGNpQoMHAFHLz6dsltj87DZ 7NCp5NU2fO2HPdXgBnYE43riEVYsC02cGdw4BuQU3KqqMCkaPDmQF5c7xUDlxOvH 82rjBrtXk9fLpQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:44:05 2025 by rpki-client