This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft File: ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft (raw, json) Hash identifier: OQ/rcKzLO7nlvHBR5iSwfTEiHxuRqPvl4A7MdzmHVJM= Subject key identifier: 9B:CB:9F:D8:B5:1B:28:3C:8D:DB:20:93:E5:B1:BB:F3:3A:01:78:0B Authority key identifier: 22:DC:6E:47:43:ED:5C:C8:43:03:28:52:89:6E:F1:5F:48:92:ED:B0 Certificate issuer: /CN=22dc6e4743ed5cc843032852896ef15f4892edb0 Certificate serial: 019B5A1A779EE68ACF3D8A62F532B7EB0826 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft Manifest number: 0D9B Signing time: Fri 26 Dec 2025 10:00:42 +0000 Manifest this update: Fri 26 Dec 2025 10:00:42 +0000 Manifest next update: Sat 27 Dec 2025 10:00:42 +0000 Files and hashes: 1: ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl (hash: ILbaaMLKGyYyXSCylNlWo/mm6+kstFeDyfj719TYTxo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:77:9e:e6:8a:cf:3d:8a:62:f5:32:b7:eb:08:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22dc6e4743ed5cc843032852896ef15f4892edb0 Validity Not Before: Dec 26 10:00:42 2025 GMT Not After : Dec 27 10:00:42 2025 GMT Subject: CN=9bcb9fd8b51b283c8ddb2093e5b1bbf33a01780b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ba:7f:d6:ac:79:2e:6c:5b:c4:24:eb:ef:62: c1:21:a8:50:fb:e2:75:7b:89:70:49:de:52:73:9f: d5:65:0c:db:26:d0:74:f6:c4:f7:86:dc:0d:36:ed: bb:52:d0:e4:50:28:37:35:55:5d:4e:de:7c:12:b9: 67:5d:6a:9c:ef:dd:2d:47:c7:4d:31:f9:cd:b7:27: b5:73:ac:54:18:48:bd:4c:d1:76:86:49:cc:df:7f: 99:6b:ca:ec:ac:b4:a0:b9:03:69:84:64:7b:35:9e: 36:fb:26:6c:64:d8:10:d2:41:bf:96:0a:4a:a8:9f: 8e:35:f1:0d:f6:c9:54:e1:1a:15:c8:99:25:9c:0b: 2d:ec:0f:8b:5d:38:50:44:ba:47:14:e5:55:2a:72: 94:8a:92:63:e7:0f:ff:d5:12:df:1f:f4:50:55:30: e7:37:4a:1e:97:29:b1:ce:51:7d:25:45:52:d5:cc: 6f:02:a5:7c:bb:05:00:68:1a:34:b7:f3:9b:1c:c3: 9d:8a:98:c7:bd:19:55:3b:28:3a:cd:5c:a6:ba:9c: de:c8:1d:e4:cd:1c:45:c9:fd:17:89:81:59:8b:08: bf:be:8e:a6:e6:01:17:7f:f0:f8:0f:ea:e7:9e:1c: 83:90:f9:1e:49:ec:f8:cb:d5:03:04:83:b2:de:50: 97:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:CB:9F:D8:B5:1B:28:3C:8D:DB:20:93:E5:B1:BB:F3:3A:01:78:0B X509v3 Authority Key Identifier: keyid:22:DC:6E:47:43:ED:5C:C8:43:03:28:52:89:6E:F1:5F:48:92:ED:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:c6:43:ab:8d:0b:dd:de:d0:26:91:a5:91:88:5a:c8:70:65: 49:cf:45:48:db:5a:6c:2e:f8:db:34:14:6e:2f:ad:81:29:94: c2:d4:35:77:6a:b6:91:e4:e6:d4:39:d5:b8:82:35:25:b1:a8: 5a:06:fe:9b:af:45:d4:0d:ca:26:4b:52:6c:96:5b:63:a5:aa: 21:04:a3:c0:9e:79:d8:da:e8:03:e3:31:a2:94:16:9f:76:2b: 11:55:73:7a:50:5c:84:7a:33:04:f4:e6:74:de:3e:b0:55:0d: ca:49:ab:52:53:65:b2:17:dc:73:3b:e0:16:ca:ca:3e:64:06: 93:a8:82:70:4c:35:fa:b9:5e:ca:4c:b9:0f:23:8c:77:9c:0b: 24:2e:5f:a9:65:c3:bd:09:16:4e:aa:e5:55:1a:ee:52:46:80: 03:41:5c:81:7b:18:40:24:d0:9f:9f:59:8c:3d:5a:e9:7d:54: 7f:29:ae:f9:e8:9b:87:20:6a:b1:47:ef:5f:3a:af:c0:b9:0b: c5:7b:c9:82:97:17:26:2a:b6:35:0e:54:e4:84:4d:9c:2a:95: 48:d9:74:38:11:f4:3b:56:87:23:44:72:82:53:c8:04:6e:9b: 16:44:e8:f4:66:c2:12:44:79:ce:13:72:aa:73:2a:8c:32:d4: 2d:50:23:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGnee5orPPYpi9TK36wgmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZGM2ZTQ3NDNlZDVjYzg0MzAzMjg1Mjg5NmVmMTVmNDg5 MmVkYjAwHhcNMjUxMjI2MTAwMDQyWhcNMjUxMjI3MTAwMDQyWjAzMTEwLwYDVQQD Eyg5YmNiOWZkOGI1MWIyODNjOGRkYjIwOTNlNWIxYmJmMzNhMDE3ODBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7p/1qx5LmxbxCTr72LBIahQ++J1 e4lwSd5Sc5/VZQzbJtB09sT3htwNNu27UtDkUCg3NVVdTt58ErlnXWqc790tR8dN MfnNtye1c6xUGEi9TNF2hknM33+Za8rsrLSguQNphGR7NZ42+yZsZNgQ0kG/lgpK qJ+ONfEN9slU4RoVyJklnAst7A+LXThQRLpHFOVVKnKUipJj5w//1RLfH/RQVTDn N0oelymxzlF9JUVS1cxvAqV8uwUAaBo0t/ObHMOdipjHvRlVOyg6zVymupzeyB3k zRxFyf0XiYFZiwi/vo6m5gEXf/D4D+rnnhyDkPkeSez4y9UDBIOy3lCXMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJvLn9i1Gyg8jdsgk+Wxu/M6AXgLMB8GA1UdIwQY MBaAFCLcbkdD7VzIQwMoUolu8V9Iku2wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kYWY4NTAtZjU4Ny00NGIyLThkZTQt YTg1ODVmZjkzNTQ2LzEvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS9kYWY4NTAtZjU4Ny00NGIyLThkZTQtYTg1ODVmZjkzNTQ2 LzEvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZcZDq40L 3d7QJpGlkYhayHBlSc9FSNtabC742zQUbi+tgSmUwtQ1d2q2keTm1DnVuII1JbGo Wgb+m69F1A3KJktSbJZbY6WqIQSjwJ552NroA+MxopQWn3YrEVVzelBchHozBPTm dN4+sFUNykmrUlNlshfcczvgFsrKPmQGk6iCcEw1+rleyky5DyOMd5wLJC5fqWXD vQkWTqrlVRruUkaAA0FcgXsYQCTQn59ZjD1a6X1Ufymu+eibhyBqsUfvXzqvwLkL xXvJgpcXJiq2NQ5U5IRNnCqVSNl0OBH0O1aHI0RyglPIBG6bFkTo9GbCEkR5zhNy qnMqjDLULVAjyw== -----END CERTIFICATE-----Generated at Fri Dec 26 15:57:35 2025 by rpki-client