This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft File: i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json) Hash identifier: FMEnzJu029a7X+CqPYgVd8hNpsz3blzwUf1bbT5RaO0= Subject key identifier: DB:C7:65:3C:7F:E8:0B:C3:FF:10:4D:D0:2F:3C:DE:B9:A9:A9:9B:1F Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71 Certificate issuer: /CN=8b8801543812040477d4744229466c8537d45171 Certificate serial: 019B394639841324E67FDC3F0CC115EDEBCE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft Manifest number: 0ECF Signing time: Sat 20 Dec 2025 01:01:02 +0000 Manifest this update: Sat 20 Dec 2025 01:01:02 +0000 Manifest next update: Sun 21 Dec 2025 01:01:02 +0000 Files and hashes: 1: CDrnNbtJLaCL50xwnqrzUWhQ_9k.roa (hash: xkyChTjHPfmap3pEfIzmPahUIANDsQxEAOedvER2SvU=) 2: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: 762kioST/WMnY0GaStMwCinWh1NLNz48ahP7L6ZL0WE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:46:39:84:13:24:e6:7f:dc:3f:0c:c1:15:ed:eb:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b8801543812040477d4744229466c8537d45171 Validity Not Before: Dec 20 01:01:02 2025 GMT Not After : Dec 21 01:01:02 2025 GMT Subject: CN=dbc7653c7fe80bc3ff104dd02f3cdeb9a9a99b1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:4d:72:73:83:ea:b9:f3:53:d0:61:d9:61:24: 7f:fc:57:1a:57:a6:17:ea:4e:eb:e2:e1:0c:10:98: 23:98:ea:7c:c3:1b:5e:d3:72:bd:e7:79:56:e3:86: 1d:00:8c:bd:0d:ad:ee:90:5a:06:21:f0:0c:be:77: 3b:b7:f4:52:68:4c:4c:7b:4b:63:10:f0:39:bc:ba: 51:59:d8:00:9f:7a:ec:73:d5:71:d8:ae:9b:71:bd: 57:f2:8d:ac:5c:f7:6c:24:b8:b8:88:69:dd:9c:29: cd:e6:53:7c:8b:b6:e0:10:f6:48:20:b5:9b:9d:e3: cc:f9:0a:95:03:3f:52:24:e6:c1:44:ed:29:1c:6c: 10:39:00:14:26:2d:76:07:92:3d:b9:ee:25:af:39: 24:ba:e6:6d:93:62:65:50:8e:c6:f4:e6:94:87:05: 26:f7:88:ca:4d:f1:a1:48:9f:4a:1b:70:d5:db:89: f8:78:6a:15:03:86:21:5e:8a:54:09:c4:dc:d4:7a: ee:6c:09:dd:97:a8:fe:e6:20:49:c4:ae:46:8d:27: 7b:86:48:c4:32:6a:be:11:fd:09:6b:7c:b2:f3:20: ea:01:2c:47:e8:1a:47:77:4b:29:2c:4a:d4:d0:db: 63:2a:41:71:65:91:c4:ab:c2:a4:d7:21:f3:f7:d3: f2:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:C7:65:3C:7F:E8:0B:C3:FF:10:4D:D0:2F:3C:DE:B9:A9:A9:9B:1F X509v3 Authority Key Identifier: keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:dd:1c:75:7d:bc:6e:d8:14:88:06:f9:8a:ef:1f:bd:a9:26: b0:ba:80:d7:b3:e5:0f:9d:ed:11:d3:d6:aa:5a:e3:86:9b:e8: 68:fa:a7:5f:6e:f4:75:5b:94:29:5c:c7:71:31:5d:af:e1:e2: 36:d3:21:02:c2:cc:31:2b:37:5f:7e:f5:77:08:6c:c7:c0:ee: bc:45:5d:0f:b8:52:fa:07:70:0a:4d:b8:13:84:4c:21:8c:28: 3b:99:f7:8f:a9:99:25:c4:a2:2c:90:15:cc:57:37:db:b2:81: f4:a0:3a:d7:11:10:ed:d6:be:a0:1d:92:00:4d:5b:45:e5:c7: 7e:1e:97:c8:8c:bb:a2:88:d9:bf:79:60:4a:b6:97:3e:47:a4: 5e:18:82:af:68:01:5e:17:82:2a:4b:9a:b4:34:6b:26:9f:c6: 0b:a0:5c:01:3f:2f:43:1e:23:87:9b:cf:08:5e:98:75:aa:f3: 2b:aa:59:a3:2d:b3:bd:31:25:24:42:33:a6:ee:e4:01:0d:62: 7b:8b:b2:65:9d:f0:b4:e0:89:1f:87:09:2d:3e:7c:01:f1:4f: 67:a5:bc:4e:89:96:f8:6d:c3:08:b0:92:3e:ab:55:1a:5e:d6: 33:01:f4:0b:cd:c7:54:2d:9c:2a:f2:d9:72:6e:6e:96:99:69: 79:66:65:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5RjmEEyTmf9w/DMEV7evOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk NDUxNzEwHhcNMjUxMjIwMDEwMTAyWhcNMjUxMjIxMDEwMTAyWjAzMTEwLwYDVQQD EyhkYmM3NjUzYzdmZTgwYmMzZmYxMDRkZDAyZjNjZGViOWE5YTk5YjFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk1yc4PqufNT0GHZYSR//FcaV6YX 6k7r4uEMEJgjmOp8wxte03K953lW44YdAIy9Da3ukFoGIfAMvnc7t/RSaExMe0tj EPA5vLpRWdgAn3rsc9Vx2K6bcb1X8o2sXPdsJLi4iGndnCnN5lN8i7bgEPZIILWb nePM+QqVAz9SJObBRO0pHGwQOQAUJi12B5I9ue4lrzkkuuZtk2JlUI7G9OaUhwUm 94jKTfGhSJ9KG3DV24n4eGoVA4YhXopUCcTc1HrubAndl6j+5iBJxK5GjSd7hkjE Mmq+Ef0Ja3yy8yDqASxH6BpHd0spLErU0NtjKkFxZZHEq8Kk1yHz99PyiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNvHZTx/6AvD/xBN0C883rmpqZsfMB8GA1UdIwQY MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAN0cdX28 btgUiAb5iu8fvakmsLqA17PlD53tEdPWqlrjhpvoaPqnX270dVuUKVzHcTFdr+Hi NtMhAsLMMSs3X371dwhsx8DuvEVdD7hS+gdwCk24E4RMIYwoO5n3j6mZJcSiLJAV zFc327KB9KA61xEQ7da+oB2SAE1bReXHfh6XyIy7oojZv3lgSraXPkekXhiCr2gB XheCKkuatDRrJp/GC6BcAT8vQx4jh5vPCF6YdarzK6pZoy2zvTElJEIzpu7kAQ1i e4uyZZ3wtOCJH4cJLT58AfFPZ6W8TomW+G3DCLCSPqtVGl7WMwH0C83HVC2cKvLZ cm5ulplpeWZlAg== -----END CERTIFICATE-----Generated at Sat Dec 20 09:10:20 2025 by rpki-client