This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft File: iq94tpd0pVUH3qv4xMlpQunvDSA.mft (raw, json) Hash identifier: +VDacXMaVBGNLiwtqLSyhKkPtQyM2kZYUF/b+qCGyQE= Subject key identifier: 15:F0:05:10:4D:C1:20:B9:C7:0F:09:C4:A6:6D:84:DE:23:E6:2E:46 Authority key identifier: 8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20 Certificate issuer: /CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20 Certificate serial: 019B37FC99800B612181FE0D35C6FD7F1A1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft Manifest number: 0E81 Signing time: Fri 19 Dec 2025 19:00:59 +0000 Manifest this update: Fri 19 Dec 2025 19:00:59 +0000 Manifest next update: Sat 20 Dec 2025 19:00:59 +0000 Files and hashes: 1: JQCJu_zj_dBb25hVe1CPLuILo-c.roa (hash: ppq/kkdZOhkWPFmrOFoKNIk30mkp2cJ+7oYbrYYHQUY=) 2: iq94tpd0pVUH3qv4xMlpQunvDSA.crl (hash: QaeVwsRiVdhMeSr2WTKExkQZcKbEG2yCX7a1nSLLtzc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:fc:99:80:0b:61:21:81:fe:0d:35:c6:fd:7f:1a:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8aaf78b69774a55507deabf8c4c96942e9ef0d20 Validity Not Before: Dec 19 19:00:59 2025 GMT Not After : Dec 20 19:00:59 2025 GMT Subject: CN=15f005104dc120b9c70f09c4a66d84de23e62e46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e8:f8:11:d0:e1:d2:7a:4f:e8:36:dc:be:29: 6d:97:ea:ef:5d:1d:41:61:b5:5b:e2:e6:35:ff:f5: d1:56:5f:13:d7:7a:b1:e0:00:6c:2d:67:87:bd:7e: f8:fd:e9:45:96:61:ca:d6:76:94:53:44:55:9d:02: 81:34:bd:cd:c4:f7:2d:0d:b2:74:39:7b:f2:52:f2: 14:c9:23:e6:e1:67:c5:c7:70:54:ad:29:44:cb:30: 4b:d8:a6:5f:c4:31:98:a4:18:c8:62:4e:4c:a2:08: db:0e:f9:46:75:0d:b3:4b:00:da:cf:d1:44:f9:35: 06:a2:23:dc:07:f3:a6:d4:87:93:76:81:88:14:08: 55:4c:3d:5a:98:ab:71:07:3d:fc:3f:e2:8f:2f:c3: 15:72:01:50:3f:06:98:d4:7d:a1:03:f5:a6:88:17: 63:43:85:29:aa:a8:be:89:39:6f:1d:9d:9a:49:ed: 8d:69:f0:f5:d5:51:cb:76:4c:a0:27:6c:19:83:57: 49:4e:bc:24:e7:e8:d7:78:0f:9d:86:24:16:21:e7: da:d0:5c:a8:7e:4c:b7:fe:76:be:95:f2:3e:2f:03: 2c:42:18:f8:57:6d:0f:9b:77:1e:c7:cb:ef:94:30: d1:53:2c:55:18:48:8f:63:34:ea:76:08:9b:01:9d: b1:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:F0:05:10:4D:C1:20:B9:C7:0F:09:C4:A6:6D:84:DE:23:E6:2E:46 X509v3 Authority Key Identifier: keyid:8A:AF:78:B6:97:74:A5:55:07:DE:AB:F8:C4:C9:69:42:E9:EF:0D:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iq94tpd0pVUH3qv4xMlpQunvDSA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/797390-81d4-4c5d-ab71-7088568c51c0/1/iq94tpd0pVUH3qv4xMlpQunvDSA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:06:d5:dd:d2:33:56:41:2b:d7:4f:cc:45:18:6d:59:2d:b0: 59:9e:0c:f9:4c:5a:f8:0d:d3:47:b4:1f:ae:b6:3f:7b:8f:ff: 4a:20:90:50:0a:0c:19:e1:f4:22:f2:bb:a7:6f:e1:22:92:35: 30:83:8b:79:b2:3e:76:3e:b9:15:02:2d:6a:e5:71:5f:41:c1: ce:5d:17:14:97:ea:ce:fe:05:b5:c5:d3:fc:1d:b4:e3:ed:c1: b1:7d:97:b2:72:d9:44:41:97:5b:c4:76:e2:f0:18:01:ee:85: 35:f1:82:58:4b:1b:be:86:17:b4:ea:fb:ac:a8:02:b4:03:a4: fd:77:1b:a8:1c:1b:e1:61:6a:a5:81:9e:85:04:93:c7:ee:4e: 0a:57:d4:eb:e2:3a:0b:2d:7d:0a:8d:1e:8d:7e:3b:a1:cd:3d: 1c:f6:56:0e:39:47:12:77:5e:2e:ff:1d:4d:0c:d9:26:b5:69: d6:83:a2:a5:54:22:17:db:8f:a9:29:23:72:a8:78:08:5a:a7: 58:81:64:4a:29:84:71:e8:6a:3c:0e:73:aa:9a:5c:69:a8:c8: 89:3d:3b:ce:ce:1b:d8:2a:78:00:f4:13:9c:f1:39:8f:2a:b6: f1:c1:bb:d9:0b:58:81:14:b1:88:db:cc:49:26:e5:1e:55:f9: 1a:a0:a0:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3/JmAC2Ehgf4NNcb9fxocMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhYWY3OGI2OTc3NGE1NTUwN2RlYWJmOGM0Yzk2OTQyZTll ZjBkMjAwHhcNMjUxMjE5MTkwMDU5WhcNMjUxMjIwMTkwMDU5WjAzMTEwLwYDVQQD EygxNWYwMDUxMDRkYzEyMGI5YzcwZjA5YzRhNjZkODRkZTIzZTYyZTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOj4EdDh0npP6Dbcviltl+rvXR1B YbVb4uY1//XRVl8T13qx4ABsLWeHvX74/elFlmHK1naUU0RVnQKBNL3NxPctDbJ0 OXvyUvIUySPm4WfFx3BUrSlEyzBL2KZfxDGYpBjIYk5MogjbDvlGdQ2zSwDaz9FE +TUGoiPcB/Om1IeTdoGIFAhVTD1amKtxBz38P+KPL8MVcgFQPwaY1H2hA/WmiBdj Q4Upqqi+iTlvHZ2aSe2NafD11VHLdkygJ2wZg1dJTrwk5+jXeA+dhiQWIefa0Fyo fky3/na+lfI+LwMsQhj4V20Pm3cex8vvlDDRUyxVGEiPYzTqdgibAZ2x1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBXwBRBNwSC5xw8JxKZthN4j5i5GMB8GA1UdIwQY MBaAFIqveLaXdKVVB96r+MTJaULp7w0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83OTczOTAtODFkNC00YzVkLWFiNzEt NzA4ODU2OGM1MWMwLzEvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS83OTczOTAtODFkNC00YzVkLWFiNzEtNzA4ODU2OGM1MWMw LzEvaXE5NHRwZDBwVlVIM3F2NHhNbHBRdW52RFNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMQbV3dIz VkEr10/MRRhtWS2wWZ4M+Uxa+A3TR7QfrrY/e4//SiCQUAoMGeH0IvK7p2/hIpI1 MIOLebI+dj65FQItauVxX0HBzl0XFJfqzv4FtcXT/B204+3BsX2XsnLZREGXW8R2 4vAYAe6FNfGCWEsbvoYXtOr7rKgCtAOk/XcbqBwb4WFqpYGehQSTx+5OClfU6+I6 Cy19Co0ejX47oc09HPZWDjlHEndeLv8dTQzZJrVp1oOipVQiF9uPqSkjcqh4CFqn WIFkSimEcehqPA5zqppcaajIiT07zs4b2Cp4APQTnPE5jyq28cG72QtYgRSxiNvM SSblHlX5GqCgRg== -----END CERTIFICATE-----Generated at Fri Dec 19 22:08:37 2025 by rpki-client