This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft File: iGbk-cPITtuUl18HHNhwfDgzqIY.mft (raw, json) Hash identifier: AIW9yI/BGgX9IR9j5pWVkZ0aDZVbt0tpcI/CBxJlns0= Subject key identifier: CC:7A:FF:5C:03:A3:9D:E5:7B:20:95:95:49:5E:06:61:EF:E6:B5:96 Authority key identifier: 88:66:E4:F9:C3:C8:4E:DB:94:97:5F:07:1C:D8:70:7C:38:33:A8:86 Certificate issuer: /CN=8866e4f9c3c84edb94975f071cd8707c3833a886 Certificate serial: 019B5A517E44E4A8B6881A293B576B85A78B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGbk-cPITtuUl18HHNhwfDgzqIY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft Manifest number: 61 Signing time: Fri 26 Dec 2025 11:00:48 +0000 Manifest this update: Fri 26 Dec 2025 11:00:48 +0000 Manifest next update: Sat 27 Dec 2025 11:00:48 +0000 Files and hashes: 1: iGbk-cPITtuUl18HHNhwfDgzqIY.crl (hash: YRv1F8jnjLEle0SoU+7D0A9z6FMmZNsemiG0Cg8XVIk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft rsync://rpki.ripe.net/repository/DEFAULT/iGbk-cPITtuUl18HHNhwfDgzqIY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:7e:44:e4:a8:b6:88:1a:29:3b:57:6b:85:a7:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8866e4f9c3c84edb94975f071cd8707c3833a886 Validity Not Before: Dec 26 11:00:48 2025 GMT Not After : Dec 27 11:00:48 2025 GMT Subject: CN=cc7aff5c03a39de57b209595495e0661efe6b596 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:31:29:f3:a8:98:21:cb:b0:b0:d4:32:66:c2: 84:1d:7b:ff:31:e6:bb:9a:c3:91:c0:5c:46:9a:bc: d9:15:69:e5:80:08:40:28:34:dd:b2:36:81:87:63: 2a:e5:c8:33:6c:c4:5f:62:48:72:01:be:93:78:2a: 86:a4:cf:82:6e:0c:96:21:9f:a3:29:9e:f7:6b:5f: 04:c9:5b:4d:56:08:0d:8c:fe:51:03:84:15:c0:c3: 51:71:ce:cb:1d:69:75:18:ad:bc:2b:ae:f7:4d:30: 89:3c:99:dd:fd:18:cb:44:d9:45:f8:c6:a9:78:f1: dd:2c:45:25:f7:93:d5:98:5a:e9:d7:da:7d:72:e1: 84:4d:1b:57:c8:7b:88:6b:0d:c7:e1:e4:7c:c3:bc: 32:db:b2:7d:90:ee:c0:f7:a1:54:bb:de:35:19:12: 07:b8:42:a0:40:49:06:f9:72:e8:2d:6d:89:1b:8e: a2:40:e1:a8:92:6f:7f:db:78:29:28:ad:24:0d:e5: 68:23:a6:ff:fd:b4:42:17:2e:23:20:a4:2e:6d:1c: ac:de:0f:e9:91:5a:5b:b9:93:da:23:98:37:fe:a0: 45:1b:e9:bc:a0:be:71:83:0a:90:a2:c5:68:0e:76: 42:fb:70:8c:dd:c9:29:64:5d:23:49:6f:81:b5:eb: e5:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:7A:FF:5C:03:A3:9D:E5:7B:20:95:95:49:5E:06:61:EF:E6:B5:96 X509v3 Authority Key Identifier: keyid:88:66:E4:F9:C3:C8:4E:DB:94:97:5F:07:1C:D8:70:7C:38:33:A8:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGbk-cPITtuUl18HHNhwfDgzqIY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:dd:44:36:18:37:aa:c4:58:06:51:a1:ed:3a:4a:5f:77:91: 1c:97:9f:af:5e:ee:34:d5:4c:5b:bb:6a:85:84:bd:c1:37:a1: 64:e1:cb:1a:09:04:9a:04:ce:85:71:e3:82:ea:b7:14:c5:40: ad:27:e2:ea:7e:16:16:38:bf:10:18:23:58:d0:ea:b4:24:f8: c1:b9:2f:84:83:57:8e:e1:08:21:02:c2:1d:71:c0:3f:f5:59: 38:76:69:82:63:c3:fe:35:1b:f4:ac:82:94:30:31:9e:8c:80: 99:d8:e6:f9:72:ad:6f:f8:b3:c3:bd:1e:10:c3:f9:91:17:ae: f3:72:0f:e8:5b:55:79:f1:c8:31:e1:06:ce:e6:0e:ea:11:ef: 68:bf:94:e6:04:ad:28:bd:7b:6b:59:36:c4:18:c3:89:d9:27: b0:cf:3a:4d:8b:47:81:bd:8b:42:6e:dc:88:6e:5c:f9:51:13: 58:fd:32:d1:c2:1d:6f:de:62:f8:8f:06:a2:72:ce:8f:cb:07: 29:48:f3:1b:8d:a0:c0:80:25:0e:85:35:9d:3d:d1:d7:b7:97: f2:b2:bf:ae:b3:60:4f:35:0f:71:45:c2:e6:0c:33:ce:05:27: 0a:06:b3:3a:de:aa:e1:5b:e8:f2:9e:c7:8e:0e:c8:55:23:d1: 64:92:10:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUX5E5Ki2iBopO1drhaeLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NjZlNGY5YzNjODRlZGI5NDk3NWYwNzFjZDg3MDdjMzgz M2E4ODYwHhcNMjUxMjI2MTEwMDQ4WhcNMjUxMjI3MTEwMDQ4WjAzMTEwLwYDVQQD EyhjYzdhZmY1YzAzYTM5ZGU1N2IyMDk1OTU0OTVlMDY2MWVmZTZiNTk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTEp86iYIcuwsNQyZsKEHXv/Mea7 msORwFxGmrzZFWnlgAhAKDTdsjaBh2Mq5cgzbMRfYkhyAb6TeCqGpM+CbgyWIZ+j KZ73a18EyVtNVggNjP5RA4QVwMNRcc7LHWl1GK28K673TTCJPJnd/RjLRNlF+Map ePHdLEUl95PVmFrp19p9cuGETRtXyHuIaw3H4eR8w7wy27J9kO7A96FUu941GRIH uEKgQEkG+XLoLW2JG46iQOGokm9/23gpKK0kDeVoI6b//bRCFy4jIKQubRys3g/p kVpbuZPaI5g3/qBFG+m8oL5xgwqQosVoDnZC+3CM3ckpZF0jSW+BtevlUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMx6/1wDo53leyCVlUleBmHv5rWWMB8GA1UdIwQY MBaAFIhm5PnDyE7blJdfBxzYcHw4M6iGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUdiay1jUElUdHVVbDE4SEhOaHdmRGd6cUlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMGI3MWMtNmYzOC00NTg4LWI0ZWEt M2RmZjU1ZGVlYmI5LzEvaUdiay1jUElUdHVVbDE4SEhOaHdmRGd6cUlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9iMGI3MWMtNmYzOC00NTg4LWI0ZWEtM2RmZjU1ZGVlYmI5 LzEvaUdiay1jUElUdHVVbDE4SEhOaHdmRGd6cUlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATd1ENhg3 qsRYBlGh7TpKX3eRHJefr17uNNVMW7tqhYS9wTehZOHLGgkEmgTOhXHjguq3FMVA rSfi6n4WFji/EBgjWNDqtCT4wbkvhINXjuEIIQLCHXHAP/VZOHZpgmPD/jUb9KyC lDAxnoyAmdjm+XKtb/izw70eEMP5kReu83IP6FtVefHIMeEGzuYO6hHvaL+U5gSt KL17a1k2xBjDidknsM86TYtHgb2LQm7ciG5c+VETWP0y0cIdb95i+I8GonLOj8sH KUjzG42gwIAlDoU1nT3R17eX8rK/rrNgTzUPcUXC5gwzzgUnCgazOt6q4Vvo8p7H jg7IVSPRZJIQlQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:43:20 2025 by rpki-client