This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft File: iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json) Hash identifier: FjR478uX4lnL5aJC6ksH5wKxQDejkK9OTOKyuaCseMQ= Subject key identifier: BF:FA:BD:49:50:64:94:8B:E4:A5:2B:18:6B:4D:3B:16:15:32:56:94 Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE Certificate issuer: /CN=88f75722db25b3723decda5d870df69bf0d865ae Certificate serial: 019B59763EEA67B4289DABE361AA734AD484 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft Manifest number: 118F Signing time: Fri 26 Dec 2025 07:01:20 +0000 Manifest this update: Fri 26 Dec 2025 07:01:20 +0000 Manifest next update: Sat 27 Dec 2025 07:01:20 +0000 Files and hashes: 1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: l47jR6vChB6+sJRzhBFKVgVkg6ttMLnQnlwnj7smkKQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:3e:ea:67:b4:28:9d:ab:e3:61:aa:73:4a:d4:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae Validity Not Before: Dec 26 07:01:20 2025 GMT Not After : Dec 27 07:01:20 2025 GMT Subject: CN=bffabd495064948be4a52b186b4d3b1615325694 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:48:48:ad:30:68:44:fc:3f:5c:a7:86:61:88: cd:af:46:75:a8:80:ae:84:7f:31:81:bb:f0:7a:fd: 57:fd:1f:d4:d1:3f:32:7a:92:f7:e4:66:74:ba:dd: 1d:08:6c:54:0e:c5:34:12:99:c5:13:41:8a:6a:4c: d5:e2:b0:52:44:79:a3:f6:91:4d:61:af:f7:8e:67: 25:94:a6:40:47:70:40:3a:a8:11:77:4e:8d:a9:c3: 5f:5b:89:eb:a7:6a:67:53:ac:66:cc:d1:9c:46:fc: 0c:08:27:5e:55:6d:13:19:c7:cd:e5:83:b8:85:c4: 8e:39:bf:af:68:4c:0d:62:ef:f5:a4:cc:9e:72:34: f4:3b:63:ee:aa:81:45:ed:72:c4:0c:f5:c6:34:c8: cf:31:41:f3:e0:16:b5:d6:21:53:76:2e:50:2a:ff: 2d:73:40:d5:cb:0c:85:54:2c:d2:2a:df:bd:0f:7a: bf:28:88:68:1e:66:a1:64:57:02:6a:cc:b9:d2:da: 85:9e:1d:73:0f:db:a9:6b:c8:60:2c:81:66:39:72: 5c:55:7b:e2:f1:66:83:2e:6d:01:dc:09:d2:0b:7f: 69:71:a4:f6:c2:a8:59:20:5e:e6:14:34:2b:50:e4: c4:2f:a4:79:2d:9b:6e:c6:46:dc:ed:b4:58:0f:c5: ed:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:FA:BD:49:50:64:94:8B:E4:A5:2B:18:6B:4D:3B:16:15:32:56:94 X509v3 Authority Key Identifier: keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:8e:53:41:e6:1c:53:b7:35:8c:5c:d3:77:cb:4a:07:26:5a: 34:ae:84:b8:c4:3c:cd:f9:fc:0c:98:dc:16:d7:8a:bb:50:26: d8:25:13:09:7f:7e:bd:5b:b8:42:05:5d:d8:26:d4:34:26:3d: 7f:25:e2:92:35:10:66:75:8d:45:b6:f1:44:da:e6:3f:39:97: b0:ee:86:f9:5b:2f:03:a0:e2:56:87:56:3c:b8:9e:ef:02:60: 77:1e:86:c4:60:ec:1c:df:8c:1c:62:89:02:32:20:2d:16:7a: b4:2c:68:43:40:2e:fe:d6:57:21:97:4e:cf:0b:d2:76:81:8a: d6:84:23:99:de:fb:eb:73:f8:23:13:9b:72:70:b7:39:22:5e: a5:8e:47:19:c4:63:c7:84:c1:da:12:46:5e:ae:f2:0c:1f:ec: bd:f1:e8:db:58:85:45:31:60:3b:57:33:2b:98:cb:65:8e:19: 0c:82:de:c3:90:97:2e:ef:32:96:e5:87:c5:a8:ab:14:20:04: b4:64:a6:37:22:c9:b5:f8:cb:76:9b:75:b7:42:6a:5f:68:b4: e9:db:f7:4d:1e:d6:80:32:08:4f:8d:5c:32:cd:b7:2c:b4:04: 07:3f:d9:e3:e3:76:48:d9:35:89:5a:0a:fa:a9:a9:74:63:33: 4b:bc:89:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdj7qZ7QonavjYapzStSEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk ODY1YWUwHhcNMjUxMjI2MDcwMTIwWhcNMjUxMjI3MDcwMTIwWjAzMTEwLwYDVQQD EyhiZmZhYmQ0OTUwNjQ5NDhiZTRhNTJiMTg2YjRkM2IxNjE1MzI1Njk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEhIrTBoRPw/XKeGYYjNr0Z1qICu hH8xgbvwev1X/R/U0T8yepL35GZ0ut0dCGxUDsU0EpnFE0GKakzV4rBSRHmj9pFN Ya/3jmcllKZAR3BAOqgRd06NqcNfW4nrp2pnU6xmzNGcRvwMCCdeVW0TGcfN5YO4 hcSOOb+vaEwNYu/1pMyecjT0O2PuqoFF7XLEDPXGNMjPMUHz4Ba11iFTdi5QKv8t c0DVywyFVCzSKt+9D3q/KIhoHmahZFcCasy50tqFnh1zD9upa8hgLIFmOXJcVXvi 8WaDLm0B3AnSC39pcaT2wqhZIF7mFDQrUOTEL6R5LZtuxkbc7bRYD8Xt1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/6vUlQZJSL5KUrGGtNOxYVMlaUMB8GA1UdIwQY MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABI5TQeYc U7c1jFzTd8tKByZaNK6EuMQ8zfn8DJjcFteKu1Am2CUTCX9+vVu4QgVd2CbUNCY9 fyXikjUQZnWNRbbxRNrmPzmXsO6G+VsvA6DiVodWPLie7wJgdx6GxGDsHN+MHGKJ AjIgLRZ6tCxoQ0Au/tZXIZdOzwvSdoGK1oQjmd7763P4IxObcnC3OSJepY5HGcRj x4TB2hJGXq7yDB/svfHo21iFRTFgO1czK5jLZY4ZDILew5CXLu8yluWHxairFCAE tGSmNyLJtfjLdpt1t0JqX2i06dv3TR7WgDIIT41cMs23LLQEBz/Z4+N2SNk1iVoK +qmpdGMzS7yJzA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:09:07 2025 by rpki-client