This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft File: IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft (raw, json) Hash identifier: 75ks+y4gwF5Wya+pZVNMA/z/Rg6xuNKhkU/7ov6/pcE= Subject key identifier: F1:03:1E:67:55:E8:6B:B2:34:BE:70:C6:19:AD:2C:2E:51:E4:28:BC Authority key identifier: 20:70:6D:C8:5C:49:6A:A6:F4:CA:11:D8:40:91:84:6C:8D:E3:58:06 Certificate issuer: /CN=20706dc85c496aa6f4ca11d84091846c8de35806 Certificate serial: 019B5ABFBDD92581BFCFEADDE60C6C495862 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IHBtyFxJaqb0yhHYQJGEbI3jWAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft Manifest number: 15 Signing time: Fri 26 Dec 2025 13:01:13 +0000 Manifest this update: Fri 26 Dec 2025 13:01:13 +0000 Manifest next update: Sat 27 Dec 2025 13:01:13 +0000 Files and hashes: 1: IHBtyFxJaqb0yhHYQJGEbI3jWAY.crl (hash: nCMa5blvhL8Wz3QLMyflR+8cGFKOG+EoCntUPjkLLd4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft rsync://rpki.ripe.net/repository/DEFAULT/IHBtyFxJaqb0yhHYQJGEbI3jWAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:bd:d9:25:81:bf:cf:ea:dd:e6:0c:6c:49:58:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20706dc85c496aa6f4ca11d84091846c8de35806 Validity Not Before: Dec 26 13:01:13 2025 GMT Not After : Dec 27 13:01:13 2025 GMT Subject: CN=f1031e6755e86bb234be70c619ad2c2e51e428bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:b4:62:23:16:00:2c:24:cd:d0:af:68:d5:e9: bc:17:da:3e:23:30:73:3d:0b:91:f5:6a:00:59:9f: a5:ec:8b:10:d5:74:ce:9d:2f:5a:55:65:8e:7e:33: d5:41:fc:ba:f9:b7:e4:d1:63:aa:66:cb:f8:10:72: 42:c6:46:02:f8:b2:0b:56:d3:0e:6b:db:6f:96:9d: 1b:0c:99:5a:dc:a9:1d:8b:52:4b:56:f1:2b:7b:06: 72:78:bb:6f:5f:73:84:af:58:00:fc:04:90:bb:13: 44:60:d3:f0:0b:49:54:cd:dd:1c:e9:09:ae:12:ff: d9:3f:21:32:29:26:0a:e9:b6:f7:cd:68:27:c0:1a: 61:3a:13:25:6b:41:b5:9c:c5:cc:5e:50:33:34:27: a6:b0:96:83:e2:de:62:f3:69:b7:06:60:33:c2:35: fa:5d:6d:03:c9:ec:52:e7:d6:e9:0f:ab:5a:33:a9: 01:21:9d:d9:22:35:b6:1e:c9:d4:ed:a2:38:ee:25: 75:0d:aa:f9:a6:75:93:87:54:b1:80:c0:8d:a8:9f: 31:39:6a:6f:3d:8c:40:ad:da:b6:a0:74:33:06:0b: 27:c4:5c:61:20:fd:81:22:3c:32:c7:0e:80:73:73: 50:b6:5a:b3:bd:39:fe:a1:2b:7b:25:33:ed:7c:16: 95:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:03:1E:67:55:E8:6B:B2:34:BE:70:C6:19:AD:2C:2E:51:E4:28:BC X509v3 Authority Key Identifier: keyid:20:70:6D:C8:5C:49:6A:A6:F4:CA:11:D8:40:91:84:6C:8D:E3:58:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHBtyFxJaqb0yhHYQJGEbI3jWAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:fa:bf:66:31:b1:fa:21:7b:4f:ef:b3:98:81:c3:2d:5a:4d: 96:ac:94:ce:ba:f7:32:de:62:e8:16:64:70:c7:aa:d6:4e:eb: 46:4c:04:70:5c:cd:a8:f8:17:01:96:28:57:ff:bb:d9:ad:46: 7f:91:46:12:7a:af:a6:3f:ff:83:6c:27:7a:9a:b1:ea:a7:0d: 1b:fa:1c:da:82:ee:5d:61:28:f2:d2:8d:86:3f:59:d1:aa:9e: 19:b8:92:42:9d:35:27:fa:b3:93:df:06:72:b9:bd:49:50:bd: 59:f6:c1:cd:a7:2f:6c:cc:05:50:9f:b4:5e:e3:fa:26:c3:70: 15:83:65:8d:01:22:bd:47:52:ae:10:96:eb:1e:69:a5:8a:11: 17:c4:77:f9:db:0c:8a:43:24:b3:21:c9:88:51:70:f2:6a:64: 16:a0:ba:70:9a:ca:1d:72:44:e1:cf:3e:e8:e3:57:a8:ca:5d: a3:86:b1:00:fa:b9:c3:d2:27:5d:d0:93:04:ac:98:c4:3e:af: b4:17:62:a4:2e:f8:af:46:7e:5e:7a:35:f5:9b:e2:eb:7b:36: 7d:8f:c2:cb:85:a4:56:86:14:9a:10:8f:9a:a0:e0:fc:34:e6: 5e:25:1a:0d:90:b8:31:8f:63:ea:34:f6:32:00:a2:bf:a9:f9: f8:b2:81:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav73ZJYG/z+rd5gxsSVhiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwNzA2ZGM4NWM0OTZhYTZmNGNhMTFkODQwOTE4NDZjOGRl MzU4MDYwHhcNMjUxMjI2MTMwMTEzWhcNMjUxMjI3MTMwMTEzWjAzMTEwLwYDVQQD EyhmMTAzMWU2NzU1ZTg2YmIyMzRiZTcwYzYxOWFkMmMyZTUxZTQyOGJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7RiIxYALCTN0K9o1em8F9o+IzBz PQuR9WoAWZ+l7IsQ1XTOnS9aVWWOfjPVQfy6+bfk0WOqZsv4EHJCxkYC+LILVtMO a9tvlp0bDJla3Kkdi1JLVvErewZyeLtvX3OEr1gA/ASQuxNEYNPwC0lUzd0c6Qmu Ev/ZPyEyKSYK6bb3zWgnwBphOhMla0G1nMXMXlAzNCemsJaD4t5i82m3BmAzwjX6 XW0DyexS59bpD6taM6kBIZ3ZIjW2HsnU7aI47iV1Dar5pnWTh1SxgMCNqJ8xOWpv PYxArdq2oHQzBgsnxFxhIP2BIjwyxw6Ac3NQtlqzvTn+oSt7JTPtfBaVDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPEDHmdV6GuyNL5wxhmtLC5R5Ci8MB8GA1UdIwQY MBaAFCBwbchcSWqm9MoR2ECRhGyN41gGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUhCdHlGeEphcWIweWhIWVFKR0ViSTNqV0FZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yZmJkYzctZTU1Zi00ODQxLWI3MDQt NmNiYjBhY2Y4NGU3LzEvSUhCdHlGeEphcWIweWhIWVFKR0ViSTNqV0FZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy8yZmJkYzctZTU1Zi00ODQxLWI3MDQtNmNiYjBhY2Y4NGU3 LzEvSUhCdHlGeEphcWIweWhIWVFKR0ViSTNqV0FZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjfq/ZjGx +iF7T++zmIHDLVpNlqyUzrr3Mt5i6BZkcMeq1k7rRkwEcFzNqPgXAZYoV/+72a1G f5FGEnqvpj//g2wnepqx6qcNG/oc2oLuXWEo8tKNhj9Z0aqeGbiSQp01J/qzk98G crm9SVC9WfbBzacvbMwFUJ+0XuP6JsNwFYNljQEivUdSrhCW6x5ppYoRF8R3+dsM ikMksyHJiFFw8mpkFqC6cJrKHXJE4c8+6ONXqMpdo4axAPq5w9InXdCTBKyYxD6v tBdipC74r0Z+Xno19Zvi63s2fY/Cy4WkVoYUmhCPmqDg/DTmXiUaDZC4MY9j6jT2 MgCiv6n5+LKBtg== -----END CERTIFICATE-----Generated at Fri Dec 26 15:42:28 2025 by rpki-client