This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft File: i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft (raw, json) Hash identifier: l5z11h3Dta6X26d5u7SP7/4BAfI4/92s81pK08UktHI= Subject key identifier: 0C:DD:68:AC:8B:92:93:06:89:91:1F:05:18:EA:91:10:00:B5:3A:3D Authority key identifier: 8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24 Certificate issuer: /CN=8bd8931f63579428bf08ccb199a3a98dcba6b824 Certificate serial: 019B39EA950E58AD360D1FB74C309B37DF56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft Manifest number: 0C5E Signing time: Sat 20 Dec 2025 04:00:33 +0000 Manifest this update: Sat 20 Dec 2025 04:00:33 +0000 Manifest next update: Sun 21 Dec 2025 04:00:33 +0000 Files and hashes: 1: i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl (hash: Hp8oudhOGe8BNJj1HJTyv8WTd4X+X71on1I+Ohw11YI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:ea:95:0e:58:ad:36:0d:1f:b7:4c:30:9b:37:df:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bd8931f63579428bf08ccb199a3a98dcba6b824 Validity Not Before: Dec 20 04:00:33 2025 GMT Not After : Dec 21 04:00:33 2025 GMT Subject: CN=0cdd68ac8b92930689911f0518ea911000b53a3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:db:21:dd:2f:80:8e:ff:61:aa:85:7b:fc:ff: f5:a7:ff:bd:19:69:df:70:3b:76:41:e9:42:77:d3: 4c:e3:ac:01:82:4b:a0:ff:9f:36:3c:40:94:8c:0e: 88:e0:fc:ac:a2:72:20:c2:97:93:0b:31:eb:8b:6f: e1:52:49:2d:9a:44:b1:26:ef:c1:25:bc:83:f2:0f: 77:4f:11:27:5b:76:cb:07:02:26:ff:de:d1:c4:56: f0:df:cd:c9:64:5e:eb:f7:be:85:b2:82:ae:b0:75: 6d:3c:b0:cc:60:7d:79:ef:5a:ba:9a:85:c8:83:cf: f7:a7:34:cd:68:e9:57:7e:0d:7e:88:e2:03:28:b7: 6e:f7:fa:6a:71:8f:eb:3f:e4:2a:24:17:7e:2d:50: 81:18:78:48:b9:32:17:12:6b:44:43:d4:07:9d:d9: 78:9f:6a:a3:96:f8:2f:e7:10:98:bd:02:10:38:09: 05:a9:95:bb:d0:14:48:68:22:74:4f:73:12:f4:47: 22:18:50:40:b9:15:73:a1:3d:d1:56:1f:4a:fd:31: 5f:e6:97:e1:83:58:24:6c:70:b8:19:c0:ac:5a:29: 10:1e:bc:4b:08:cb:8b:78:43:2c:07:55:87:84:5f: 96:60:74:aa:36:14:ce:33:cd:25:dd:38:bc:68:de: 9e:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:DD:68:AC:8B:92:93:06:89:91:1F:05:18:EA:91:10:00:B5:3A:3D X509v3 Authority Key Identifier: keyid:8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:ed:ec:66:02:c4:7b:e8:ac:d1:04:5e:3e:4a:77:b0:a7:f7: a7:6d:10:f9:8d:6a:4f:8f:d5:f3:30:b7:b2:25:57:94:7c:2e: a6:45:2a:76:db:d6:5d:a1:41:d8:0d:41:47:05:71:fb:45:ee: 63:98:5c:17:0a:bd:ba:14:68:82:c8:b2:08:7f:36:e9:5b:c7: f3:76:4d:e7:62:dc:05:3e:7c:91:be:71:d2:91:9e:c5:9d:b0: 35:cc:c4:a8:ce:74:9b:2e:32:ad:04:df:2b:b8:d0:b6:9a:5a: 3a:97:4a:69:1c:8b:30:93:fd:a0:84:32:51:79:66:19:d8:de: 2c:38:e1:a1:41:2d:7c:1f:1c:9c:2b:57:96:45:18:11:45:e0: 70:eb:92:59:99:18:a4:c4:7b:56:a5:0c:48:6b:87:bc:97:ae: 34:cb:c8:2a:d4:b3:dc:3f:a4:0d:cb:e5:ec:d1:00:4c:a8:17: 81:dd:6e:04:45:41:21:61:5d:98:c1:2e:13:f4:9e:81:7b:df: 14:ef:34:bb:46:d5:35:18:b8:86:2c:be:4f:cb:2a:b9:a4:0f: 9c:78:2e:0f:74:bc:1f:62:8c:33:d2:85:50:2e:ea:31:8d:92: 63:0f:50:a4:e7:9f:33:00:98:ea:70:9c:4d:b2:91:92:8f:e7: 64:87:c2:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs56pUOWK02DR+3TDCbN99WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiZDg5MzFmNjM1Nzk0MjhiZjA4Y2NiMTk5YTNhOThkY2Jh NmI4MjQwHhcNMjUxMjIwMDQwMDMzWhcNMjUxMjIxMDQwMDMzWjAzMTEwLwYDVQQD EygwY2RkNjhhYzhiOTI5MzA2ODk5MTFmMDUxOGVhOTExMDAwYjUzYTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodsh3S+Ajv9hqoV7/P/1p/+9GWnf cDt2QelCd9NM46wBgkug/582PECUjA6I4PysonIgwpeTCzHri2/hUkktmkSxJu/B JbyD8g93TxEnW3bLBwIm/97RxFbw383JZF7r976FsoKusHVtPLDMYH1571q6moXI g8/3pzTNaOlXfg1+iOIDKLdu9/pqcY/rP+QqJBd+LVCBGHhIuTIXEmtEQ9QHndl4 n2qjlvgv5xCYvQIQOAkFqZW70BRIaCJ0T3MS9EciGFBAuRVzoT3RVh9K/TFf5pfh g1gkbHC4GcCsWikQHrxLCMuLeEMsB1WHhF+WYHSqNhTOM80l3Ti8aN6e5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAzdaKyLkpMGiZEfBRjqkRAAtTo9MB8GA1UdIwQY MBaAFIvYkx9jV5QovwjMsZmjqY3LprgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEt NGVlMTZkNmM4MGE2LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEtNGVlMTZkNmM4MGE2 LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAee3sZgLE e+is0QRePkp3sKf3p20Q+Y1qT4/V8zC3siVXlHwupkUqdtvWXaFB2A1BRwVx+0Xu Y5hcFwq9uhRogsiyCH826VvH83ZN52LcBT58kb5x0pGexZ2wNczEqM50my4yrQTf K7jQtppaOpdKaRyLMJP9oIQyUXlmGdjeLDjhoUEtfB8cnCtXlkUYEUXgcOuSWZkY pMR7VqUMSGuHvJeuNMvIKtSz3D+kDcvl7NEATKgXgd1uBEVBIWFdmMEuE/SegXvf FO80u0bVNRi4hiy+T8squaQPnHguD3S8H2KMM9KFUC7qMY2SYw9QpOefMwCY6nCc TbKRko/nZIfC+Q== -----END CERTIFICATE-----Generated at Sat Dec 20 07:17:43 2025 by rpki-client