This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft File: iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft (raw, json) Hash identifier: RPLFnlHyWipysLTZ+swtnr0L2wW4TejqbPGVmFi0xHo= Subject key identifier: 1A:F8:39:41:ED:67:85:98:E4:74:98:78:1E:A6:32:54:BC:E9:04:56 Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108 Certificate serial: 019B1C4E3B357E7C4CB006983D11ADAF8003 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft Manifest number: 1785 Signing time: Sun 14 Dec 2025 10:00:47 +0000 Manifest this update: Sun 14 Dec 2025 10:00:47 +0000 Manifest next update: Mon 15 Dec 2025 10:00:47 +0000 Files and hashes: 1: 1DkWoYQm2CYL8NcPditLkUCz0lY.roa (hash: WyOC+C/qv1YH3uRFOHpvx69KEYldJQ9ngZYV7GVibxI=) 2: 6qHqGf1lu-fFKG9vb1_H15ADuJo.roa (hash: gDMApq50Y9wGQLSLp13vWrDWiuCmDUvoHVz6wC2AjEE=) 3: G-FIewDyYURdVBX87-3ph-Fu2uw.roa (hash: f7Fx/6OTf/ktcM8IxD8m+/K+/8kQL0F2zDEJFMd2eac=) 4: K-N36rOGMrajAoKgQRnFws3cYZQ.roa (hash: nuImM5LcJvcHXxZcDwo2uunodGLbKRgkWdkeXxE++0Y=) 5: LSo0XxjpXr0DzXCFwSii4YX0VQQ.roa (hash: 2mkDU8WQtOKRRgS6azU91vya8dzOKN960jNf5zxA1Jo=) 6: YaHy853da93BgH6RfguxUPJfVLo.roa (hash: 0j9KCyGYrKnVsUjih9K2QETrLLFsgZaBmann0nAUaSU=) 7: fRZWH_M0OyQ2q7C3l2YZBzviPzY.roa (hash: F07+RgoevJOf1u0ML2Jb2xCzFrPFpbtH07Gxnbmp3Hg=) 8: h5s-RrqHnVtybQpFRQ5VYLEm6yM.roa (hash: /wt/zGlyKyo5yBKQsxdlAjFg6RgIZkpoAWM7K7t2AFA=) 9: iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl (hash: 25I2QR+7VrKMg/zuCVzHO1taTxpUYi4vaSo61d31Wos=) 10: kA7t86VhHLfxpZem9_pfnrfA8Jw.roa (hash: JdzmdB6Yw1EEixYlbi2OlJNyDFF6uk/A+LWmVNqQ7XY=) 11: w9tecX0WpG6EBeEQV6lN7pOizZM.roa (hash: r56/6xcnyNBLy2vRf5p/uK/JECPQgO4M3DafNXdoW0g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1c:4e:3b:35:7e:7c:4c:b0:06:98:3d:11:ad:af:80:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896a82a725ed22bb46847ae568912078de25c108 Validity Not Before: Dec 14 10:00:47 2025 GMT Not After : Dec 15 10:00:47 2025 GMT Subject: CN=1af83941ed678598e47498781ea63254bce90456 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:65:8f:fa:db:c2:bf:0d:c5:a4:96:65:43:95: 1b:59:fd:6c:a0:90:70:e4:93:6a:cb:15:e6:e1:70: 6e:3a:36:fb:ab:bd:bc:e5:77:7b:87:74:ee:44:bc: ad:49:d2:56:fa:27:2a:e1:9b:27:f0:fc:ba:fa:83: d2:6e:ae:e7:db:13:35:7d:83:da:7b:b1:34:10:8a: 39:39:07:0c:c4:29:3f:9e:05:aa:fc:9e:d1:1c:be: c1:b7:95:e0:b8:75:0b:ab:4e:25:e0:a1:a6:86:82: d9:f2:4a:1d:9f:0a:aa:04:98:64:fb:fd:5b:ba:61: 7b:7b:9d:87:1b:5c:2e:0f:e2:8b:60:38:24:92:8a: 05:85:43:6a:3b:d5:d2:9b:d2:f1:e3:1e:da:7e:8d: 4a:9c:c6:c8:64:c8:21:8a:63:8a:48:79:72:8f:77: 07:97:4c:e4:21:71:91:e2:6f:64:b8:23:72:51:aa: d9:3d:b2:4f:48:13:2e:9f:1b:d9:5d:ae:2c:5e:39: 50:87:48:c7:7c:c7:50:25:bc:54:89:71:23:2f:3d: 32:93:44:7e:1d:ad:f2:1e:5e:ce:2f:9d:4d:3f:d7: 72:5e:45:69:3f:3d:8a:1a:b9:55:77:3c:8c:81:77: 14:5d:90:b9:59:a0:e3:ce:d4:5c:7d:a5:e1:be:c1: 30:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:F8:39:41:ED:67:85:98:E4:74:98:78:1E:A6:32:54:BC:E9:04:56 X509v3 Authority Key Identifier: keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d6:0a:cb:83:5a:14:ce:87:17:fe:67:ef:a5:b2:69:46:54:96: a9:02:98:87:4f:87:86:d0:24:b6:3c:86:89:11:7a:d3:91:cf: 17:b7:c0:4d:6c:ca:7a:dd:b3:2f:da:f0:ae:27:4f:2b:a7:8f: 77:f7:b4:e8:ae:d9:9a:2a:60:b6:91:ff:bf:ee:eb:6d:8c:4e: 47:a3:7f:8c:1c:07:2c:02:24:46:f3:50:de:de:97:cf:d7:67: ce:31:28:41:59:e2:54:b8:92:12:f8:ff:19:0f:f8:89:0d:f8: 29:79:1f:f1:78:0a:04:8b:cf:40:9c:84:6f:fe:63:0d:b9:4e: f4:e8:43:d2:95:b9:9e:04:e9:ce:a3:fe:4d:f6:ad:5e:30:4d: 14:f2:85:62:fb:ad:62:64:5e:5d:61:a8:24:f9:58:6b:23:ca: 15:6d:fc:a4:d1:60:df:9b:71:b8:7a:aa:24:34:d7:5b:bb:e5: 8b:b9:f9:81:25:5a:14:de:5e:35:e0:7b:9b:bd:72:50:f2:f0: fa:8c:6c:e3:b9:52:32:7c:3f:da:ff:e3:ca:46:2a:c5:df:76: e6:71:dc:ee:36:b6:3f:38:47:58:5d:9c:4d:e7:e0:5a:3f:b9: c0:87:b6:76:7f:4b:5a:4c:49:3f:a3:bc:e1:bc:0b:f9:7c:d2: 19:a2:88:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZscTjs1fnxMsAaYPRGtr4ADMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy NWMxMDgwHhcNMjUxMjE0MTAwMDQ3WhcNMjUxMjE1MTAwMDQ3WjAzMTEwLwYDVQQD EygxYWY4Mzk0MWVkNjc4NTk4ZTQ3NDk4NzgxZWE2MzI1NGJjZTkwNDU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmWP+tvCvw3FpJZlQ5UbWf1soJBw 5JNqyxXm4XBuOjb7q7285Xd7h3TuRLytSdJW+icq4Zsn8Py6+oPSbq7n2xM1fYPa e7E0EIo5OQcMxCk/ngWq/J7RHL7Bt5XguHULq04l4KGmhoLZ8kodnwqqBJhk+/1b umF7e52HG1wuD+KLYDgkkooFhUNqO9XSm9Lx4x7afo1KnMbIZMghimOKSHlyj3cH l0zkIXGR4m9kuCNyUarZPbJPSBMunxvZXa4sXjlQh0jHfMdQJbxUiXEjLz0yk0R+ Ha3yHl7OL51NP9dyXkVpPz2KGrlVdzyMgXcUXZC5WaDjztRcfaXhvsEw6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBr4OUHtZ4WY5HSYeB6mMlS86QRWMB8GA1UdIwQY MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt MDQwMTI3MTAyMjA5LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5 LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1grLg1oU zocX/mfvpbJpRlSWqQKYh0+HhtAktjyGiRF605HPF7fATWzKet2zL9rwridPK6eP d/e06K7ZmipgtpH/v+7rbYxOR6N/jBwHLAIkRvNQ3t6Xz9dnzjEoQVniVLiSEvj/ GQ/4iQ34KXkf8XgKBIvPQJyEb/5jDblO9OhD0pW5ngTpzqP+TfatXjBNFPKFYvut YmReXWGoJPlYayPKFW38pNFg35txuHqqJDTXW7vli7n5gSVaFN5eNeB7m71yUPLw +oxs47lSMnw/2v/jykYqxd925nHc7ja2PzhHWF2cTefgWj+5wIe2dn9LWkxJP6O8 4bwL+XzSGaKI1A== -----END CERTIFICATE-----Generated at Sun Dec 14 14:41:04 2025 by rpki-client