This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft File: IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft (raw, json) Hash identifier: y9pDPdl+tDhU9iFv2H9MZkBh6JnkIv+HZuZEn6w66Po= Subject key identifier: 79:AF:E7:3B:23:3E:24:8B:F7:1C:D4:C3:2E:4E:79:9F:CD:CA:71:95 Authority key identifier: 21:D8:5D:23:1A:D5:4B:84:39:C2:AA:ED:91:A5:77:58:6A:C4:60:00 Certificate issuer: /CN=21d85d231ad54b8439c2aaed91a577586ac46000 Certificate serial: 019B39EAA15F5ED1B6DB2D88F6BF0E97EEC2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft Manifest number: 1288 Signing time: Sat 20 Dec 2025 04:00:36 +0000 Manifest this update: Sat 20 Dec 2025 04:00:36 +0000 Manifest next update: Sun 21 Dec 2025 04:00:36 +0000 Files and hashes: 1: IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl (hash: zLG2+RqSKg0875D13qraE4yZm6DM5VJuzPYK/s7+dPU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:ea:a1:5f:5e:d1:b6:db:2d:88:f6:bf:0e:97:ee:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21d85d231ad54b8439c2aaed91a577586ac46000 Validity Not Before: Dec 20 04:00:36 2025 GMT Not After : Dec 21 04:00:36 2025 GMT Subject: CN=79afe73b233e248bf71cd4c32e4e799fcdca7195 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:69:92:8d:a8:d4:4a:17:16:db:07:88:5a:71: e9:61:d5:e1:e4:42:2b:7c:ce:8d:48:0e:51:00:bb: 24:e3:62:7e:eb:68:ce:08:e3:08:48:c5:8a:0d:9d: 8b:3a:4b:3c:b8:82:18:7c:db:f8:fd:76:15:99:6a: ac:41:0f:52:1a:2e:6e:87:03:4c:e3:f3:5d:a5:be: ba:cb:87:76:c3:50:02:96:cd:4f:e2:12:5c:f8:4b: 81:b5:87:3f:d1:b0:57:5c:dc:c1:dd:2a:f5:e3:0d: a8:ac:0f:a2:d6:78:f0:ac:59:e3:91:15:33:d7:a0: 98:d7:67:8e:85:b4:b1:26:01:11:0d:89:ba:ec:b0: 11:b0:96:57:95:f3:86:f1:10:31:8c:91:49:1f:2c: 6c:72:08:bf:b7:6e:5a:ab:ef:ba:b2:a1:aa:d5:ce: b1:04:3c:f7:1c:49:f8:cc:4e:4d:af:ad:15:62:5b: e3:ba:5a:53:fa:21:fb:49:8c:ea:c5:ab:1a:99:24: 1f:26:b1:66:c7:b8:1e:a8:39:dd:9f:86:3b:98:83: c2:6c:da:e8:60:56:21:ce:eb:4f:9d:93:54:27:c2: cb:22:87:e4:3f:d8:7f:13:27:fc:47:d7:02:68:b9: 0d:29:90:dc:b5:ec:da:83:53:67:41:cc:90:4f:67: fe:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:AF:E7:3B:23:3E:24:8B:F7:1C:D4:C3:2E:4E:79:9F:CD:CA:71:95 X509v3 Authority Key Identifier: keyid:21:D8:5D:23:1A:D5:4B:84:39:C2:AA:ED:91:A5:77:58:6A:C4:60:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:20:56:ed:8f:cc:11:07:c0:c9:43:92:9e:79:c1:8f:3f:37: 53:cf:8e:f6:d2:29:2e:53:43:5c:d0:e1:77:31:5e:da:a8:be: 6e:33:c4:47:2c:c3:03:b8:9d:b4:a2:9e:9c:a5:8c:16:86:14: f6:13:f0:7d:35:0d:76:b6:46:60:e6:53:5a:e5:20:94:04:12: f2:f6:25:0e:e6:4b:41:15:a8:41:9e:97:40:71:43:e1:c5:70: 33:83:3c:51:a0:10:d9:d5:91:02:ec:19:b8:37:18:c3:39:35: 1a:68:51:4b:08:53:bf:b7:35:76:b5:d3:ea:01:9a:4a:82:01: d6:fe:1a:93:a5:f6:f6:f4:13:cc:ef:6f:be:d6:7b:2c:da:6a: bd:78:93:52:01:4f:65:7b:4b:a2:95:38:72:f8:7a:92:f8:05: 51:e1:a6:7d:2f:34:6b:bd:f8:eb:7e:36:c0:6f:60:8b:07:50: 1f:b8:33:74:5e:a5:0f:60:26:be:a1:a7:e2:8f:7a:a2:8a:06: eb:28:7f:93:41:cc:4d:71:59:14:e1:e7:46:0c:61:60:c2:0d: 12:96:18:5b:f3:44:da:9d:cb:88:f7:cf:16:e0:47:ba:ec:9a: 56:07:5c:37:51:b5:8f:62:aa:88:8d:92:b9:4f:2c:f4:02:0e: 5e:32:53:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs56qFfXtG22y2I9r8Ol+7CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxZDg1ZDIzMWFkNTRiODQzOWMyYWFlZDkxYTU3NzU4NmFj NDYwMDAwHhcNMjUxMjIwMDQwMDM2WhcNMjUxMjIxMDQwMDM2WjAzMTEwLwYDVQQD Eyg3OWFmZTczYjIzM2UyNDhiZjcxY2Q0YzMyZTRlNzk5ZmNkY2E3MTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmmSjajUShcW2weIWnHpYdXh5EIr fM6NSA5RALsk42J+62jOCOMISMWKDZ2LOks8uIIYfNv4/XYVmWqsQQ9SGi5uhwNM 4/Ndpb66y4d2w1ACls1P4hJc+EuBtYc/0bBXXNzB3Sr14w2orA+i1njwrFnjkRUz 16CY12eOhbSxJgERDYm67LARsJZXlfOG8RAxjJFJHyxscgi/t25aq++6sqGq1c6x BDz3HEn4zE5Nr60VYlvjulpT+iH7SYzqxasamSQfJrFmx7geqDndn4Y7mIPCbNro YFYhzutPnZNUJ8LLIofkP9h/Eyf8R9cCaLkNKZDctezag1NnQcyQT2f+twIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHmv5zsjPiSL9xzUwy5OeZ/NynGVMB8GA1UdIwQY MBaAFCHYXSMa1UuEOcKq7ZGld1hqxGAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82YTZiNTUtY2EwMi00NThkLThiNWQt NzRkNzczMDJiMTg0LzEvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS82YTZiNTUtY2EwMi00NThkLThiNWQtNzRkNzczMDJiMTg0 LzEvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCBW7Y/M EQfAyUOSnnnBjz83U8+O9tIpLlNDXNDhdzFe2qi+bjPERyzDA7idtKKenKWMFoYU 9hPwfTUNdrZGYOZTWuUglAQS8vYlDuZLQRWoQZ6XQHFD4cVwM4M8UaAQ2dWRAuwZ uDcYwzk1GmhRSwhTv7c1drXT6gGaSoIB1v4ak6X29vQTzO9vvtZ7LNpqvXiTUgFP ZXtLopU4cvh6kvgFUeGmfS80a7346342wG9giwdQH7gzdF6lD2AmvqGn4o96oooG 6yh/k0HMTXFZFOHnRgxhYMINEpYYW/NE2p3LiPfPFuBHuuyaVgdcN1G1j2KqiI2S uU8s9AIOXjJTww== -----END CERTIFICATE-----Generated at Sat Dec 20 10:34:57 2025 by rpki-client