This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft File: icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json) Hash identifier: T2Ch4yGmlRmOF3OVA10aqdYIoUsXjYUg3gkN40L6gZ4= Subject key identifier: B2:91:12:62:3D:32:D0:1A:12:C0:08:26:10:D4:D7:23:B4:88:17:F0 Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85 Certificate issuer: /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85 Certificate serial: 019B5975C0B1C7BBEA9A42DECA148D044413 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft Manifest number: 0907 Signing time: Fri 26 Dec 2025 07:00:47 +0000 Manifest this update: Fri 26 Dec 2025 07:00:47 +0000 Manifest next update: Sat 27 Dec 2025 07:00:47 +0000 Files and hashes: 1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: AdO9OTVIst/RJ5Sp25V8e8uYGASOCKja7DLZjGbY4ek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:c0:b1:c7:bb:ea:9a:42:de:ca:14:8d:04:44:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85 Validity Not Before: Dec 26 07:00:47 2025 GMT Not After : Dec 27 07:00:47 2025 GMT Subject: CN=b29112623d32d01a12c0082610d4d723b48817f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c2:f1:3c:73:11:a3:b8:ef:e4:60:83:81:1e: 5a:02:79:84:13:f8:5c:76:de:06:0e:07:c6:99:01: 37:69:26:9c:a2:bb:05:61:17:fa:96:23:8b:24:93: e9:1d:c6:17:2c:fa:13:f1:74:b7:2c:41:67:bb:73: ba:5c:5c:5e:52:b4:78:e0:38:00:bf:e9:dd:95:ee: 89:2e:bd:cc:66:87:97:43:cf:fb:fa:62:46:44:3d: a6:54:bc:73:20:29:b7:79:2d:dc:d5:af:68:d9:ef: b5:38:2f:6e:f9:4e:62:86:18:94:17:01:1b:7e:d3: 08:70:e5:bc:9a:17:01:b6:45:a5:b1:85:31:0b:f8: f8:43:93:3f:98:f1:0b:f1:0a:a8:f7:db:02:aa:d5: 42:a7:b3:a2:3d:ca:33:f4:f9:39:4b:2d:8d:5e:db: 22:f8:26:db:3b:55:e7:59:c2:9e:cd:8f:84:64:bc: 4e:32:5e:ee:1a:a5:dd:e8:fb:08:02:ad:ca:3c:f2: 52:d1:df:62:ac:ef:e4:e6:7a:7d:82:31:81:fe:a8: 91:9f:01:80:6d:f3:09:52:54:dc:38:0d:30:2d:a0: d4:9f:d6:61:2f:a8:01:5b:a2:78:b6:f0:62:5c:67: 88:42:93:ad:f8:86:b4:42:9c:44:d0:f1:ae:a4:bf: e6:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:91:12:62:3D:32:D0:1A:12:C0:08:26:10:D4:D7:23:B4:88:17:F0 X509v3 Authority Key Identifier: keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:c8:7b:23:26:00:64:5b:f6:60:84:20:45:ac:30:90:92:0f: b2:bf:4e:a6:c4:94:32:ee:63:06:f8:c3:4a:fd:9e:10:05:a2: 43:d8:50:25:f6:36:eb:a7:cd:fe:e6:5b:ae:61:ef:15:0c:f9: 92:fe:9e:ae:6a:4d:b5:d1:61:ac:5d:6b:2c:e2:90:5e:65:58: 7c:75:94:e5:20:71:ae:c4:79:ca:1f:08:3f:3f:b8:45:a0:8d: 10:f6:6a:d8:20:89:98:89:c9:fe:42:50:60:2e:fb:9b:e8:f5: 82:da:dc:67:bc:0a:e4:39:f3:36:25:79:0f:0b:52:18:7b:ac: f6:2c:52:9c:c4:b5:f5:62:fe:9d:e1:bb:28:a6:2f:57:f8:a8: 37:a6:98:87:72:01:42:5f:58:4d:5c:92:dd:5f:c3:59:6e:88: b5:c1:58:d8:78:84:7d:b8:38:38:71:c2:57:84:2b:c3:ef:28: ba:fc:73:bf:65:74:cd:9e:61:cc:81:e1:b1:51:80:b1:7a:0b: cb:48:ff:bf:dd:89:fa:8a:8d:6c:e0:fe:92:26:6e:44:10:40: 87:f4:34:88:7a:30:7b:57:c6:19:dc:ef:06:88:3e:f3:e5:4c: 2c:50:8b:90:26:1a:72:20:44:a8:b2:99:e4:a5:37:aa:3e:e3: 03:29:36:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdcCxx7vqmkLeyhSNBEQTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5 ZWNiODUwHhcNMjUxMjI2MDcwMDQ3WhcNMjUxMjI3MDcwMDQ3WjAzMTEwLwYDVQQD EyhiMjkxMTI2MjNkMzJkMDFhMTJjMDA4MjYxMGQ0ZDcyM2I0ODgxN2YwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8LxPHMRo7jv5GCDgR5aAnmEE/hc dt4GDgfGmQE3aSacorsFYRf6liOLJJPpHcYXLPoT8XS3LEFnu3O6XFxeUrR44DgA v+ndle6JLr3MZoeXQ8/7+mJGRD2mVLxzICm3eS3c1a9o2e+1OC9u+U5ihhiUFwEb ftMIcOW8mhcBtkWlsYUxC/j4Q5M/mPEL8Qqo99sCqtVCp7OiPcoz9Pk5Sy2NXtsi +CbbO1XnWcKezY+EZLxOMl7uGqXd6PsIAq3KPPJS0d9irO/k5np9gjGB/qiRnwGA bfMJUlTcOA0wLaDUn9ZhL6gBW6J4tvBiXGeIQpOt+Ia0QpxE0PGupL/mlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKREmI9MtAaEsAIJhDU1yO0iBfwMB8GA1UdIwQY MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAsh7IyYA ZFv2YIQgRawwkJIPsr9OpsSUMu5jBvjDSv2eEAWiQ9hQJfY266fN/uZbrmHvFQz5 kv6ermpNtdFhrF1rLOKQXmVYfHWU5SBxrsR5yh8IPz+4RaCNEPZq2CCJmInJ/kJQ YC77m+j1gtrcZ7wK5DnzNiV5DwtSGHus9ixSnMS19WL+neG7KKYvV/ioN6aYh3IB Ql9YTVyS3V/DWW6ItcFY2HiEfbg4OHHCV4Qrw+8ouvxzv2V0zZ5hzIHhsVGAsXoL y0j/v92J+oqNbOD+kiZuRBBAh/Q0iHowe1fGGdzvBog+8+VMLFCLkCYaciBEqLKZ 5KU3qj7jAyk2Dg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:08 2025 by rpki-client