This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft File: IT2HNcFEzxJWWEO2nrQKTRowGqU.mft (raw, json) Hash identifier: 3VgXSAdBtnXBF90mV40IQxUymsVhLCMlm9OFjyowfjw= Subject key identifier: 4F:DA:6F:85:9A:21:D5:FB:F8:CA:BE:90:03:20:40:54:8B:D6:EE:9C Authority key identifier: 21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5 Certificate issuer: /CN=213d8735c144cf12565843b69eb40a4d1a301aa5 Certificate serial: 019B5A1A91D66883E96D1862ED0D51D3173E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft Manifest number: 1108 Signing time: Fri 26 Dec 2025 10:00:49 +0000 Manifest this update: Fri 26 Dec 2025 10:00:49 +0000 Manifest next update: Sat 27 Dec 2025 10:00:49 +0000 Files and hashes: 1: IT2HNcFEzxJWWEO2nrQKTRowGqU.crl (hash: 9AsBHQG1WOI+HdLFHK5y1MHspZJh9Dzfm7rs1jdmcPw=) 2: oYl1-NMXXzEXtTi3L5l80mvOKew.roa (hash: HGKJcqJks4x1KvA9MPs1IeJtaKWdWbE52yFjhD/1Aak=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:91:d6:68:83:e9:6d:18:62:ed:0d:51:d3:17:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=213d8735c144cf12565843b69eb40a4d1a301aa5 Validity Not Before: Dec 26 10:00:49 2025 GMT Not After : Dec 27 10:00:49 2025 GMT Subject: CN=4fda6f859a21d5fbf8cabe90032040548bd6ee9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:2e:46:24:63:a5:50:9a:ec:35:a3:d1:12:90: b6:9e:c7:46:74:83:72:7d:05:c8:e2:58:97:f3:85: b9:82:fc:97:35:1a:d2:b8:38:bc:59:92:f5:04:56: 4c:7a:2e:c8:b1:c6:8f:15:91:ab:71:5c:47:20:f4: 3e:7a:40:b3:9f:88:4e:15:ce:24:70:d3:f0:9e:78: 1f:1a:c0:62:f0:9a:a1:29:57:7e:a5:6e:e4:0b:a5: b6:78:a6:93:7b:54:23:ac:33:c5:43:03:c8:a2:08: 74:b2:3d:54:b2:e2:db:2a:ef:dc:7b:38:37:d4:fd: cc:7d:30:81:8c:4c:af:5d:42:4e:d7:e3:ee:81:55: 41:d1:51:19:45:08:3d:09:6f:95:5d:5c:9d:18:c8: 49:f2:0f:f3:22:06:a3:5f:39:2b:e5:b6:b7:57:fb: 9b:7b:13:d6:45:3d:75:39:d2:67:b7:8c:50:8d:dc: 50:51:3b:25:cd:80:79:f3:76:6a:ba:73:99:69:2c: b1:1a:5f:3a:58:d8:46:57:ca:02:02:04:f9:e2:d6: 02:83:dc:9a:e8:00:07:a3:8b:3c:10:09:78:6b:04: 79:2f:58:24:68:10:56:22:32:5b:f2:8a:9a:cf:2e: ff:33:9a:11:fa:b4:21:67:7d:2e:a4:58:da:53:c6: cd:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:DA:6F:85:9A:21:D5:FB:F8:CA:BE:90:03:20:40:54:8B:D6:EE:9C X509v3 Authority Key Identifier: keyid:21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:fa:d7:73:26:61:59:d6:53:85:0d:0d:4c:57:34:0a:32:55: 53:73:1e:cd:a8:ca:94:49:5b:c0:2a:18:24:78:bc:a3:ff:65: 0c:54:6b:cb:d8:e6:69:ab:b1:10:eb:1e:9d:7d:1c:89:36:99: 38:ef:71:c0:02:41:15:6d:c6:40:c7:de:4c:af:96:c5:28:15: c3:2f:14:79:51:b0:5b:39:70:d3:56:dc:7e:9e:e1:df:c5:d8: 94:85:12:be:32:e9:84:ff:e8:c9:5e:77:b2:c2:bc:33:8d:4a: 3d:fc:31:d1:a6:3d:ff:cb:7d:be:bd:16:9e:b4:d8:99:0b:e6: 35:11:55:2f:22:56:e7:d6:26:6c:d7:b3:8d:92:cf:13:58:24: 24:37:5c:fd:3b:de:26:cc:56:26:5b:af:c3:dd:66:c3:0a:c6: 7f:11:6e:2c:51:fa:96:45:c7:b7:ac:20:4a:aa:f7:d5:8f:22: 97:69:e1:8e:97:03:bb:ac:47:8a:98:ac:e3:ea:9c:a4:53:72: e6:f7:1b:51:d1:2b:b8:b3:37:2b:ad:7d:35:26:14:f4:8a:45: 34:f7:eb:86:c7:f5:36:e6:59:43:a9:76:f9:3b:25:3b:83:57: eb:58:e7:83:6d:0c:a9:ff:0e:3f:ba:d4:73:4d:df:2c:7c:19: 0e:ee:25:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGpHWaIPpbRhi7Q1R0xc+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxM2Q4NzM1YzE0NGNmMTI1NjU4NDNiNjllYjQwYTRkMWEz MDFhYTUwHhcNMjUxMjI2MTAwMDQ5WhcNMjUxMjI3MTAwMDQ5WjAzMTEwLwYDVQQD Eyg0ZmRhNmY4NTlhMjFkNWZiZjhjYWJlOTAwMzIwNDA1NDhiZDZlZTljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS5GJGOlUJrsNaPREpC2nsdGdINy fQXI4liX84W5gvyXNRrSuDi8WZL1BFZMei7IscaPFZGrcVxHIPQ+ekCzn4hOFc4k cNPwnngfGsBi8JqhKVd+pW7kC6W2eKaTe1QjrDPFQwPIogh0sj1UsuLbKu/cezg3 1P3MfTCBjEyvXUJO1+PugVVB0VEZRQg9CW+VXVydGMhJ8g/zIgajXzkr5ba3V/ub exPWRT11OdJnt4xQjdxQUTslzYB583ZqunOZaSyxGl86WNhGV8oCAgT54tYCg9ya 6AAHo4s8EAl4awR5L1gkaBBWIjJb8oqazy7/M5oR+rQhZ30upFjaU8bNZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE/ab4WaIdX7+Mq+kAMgQFSL1u6cMB8GA1UdIwQY MBaAFCE9hzXBRM8SVlhDtp60Ck0aMBqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAt MzAxNDMzZWJlNDM2LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAtMzAxNDMzZWJlNDM2 LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbvrXcyZh WdZThQ0NTFc0CjJVU3MezajKlElbwCoYJHi8o/9lDFRry9jmaauxEOsenX0ciTaZ OO9xwAJBFW3GQMfeTK+WxSgVwy8UeVGwWzlw01bcfp7h38XYlIUSvjLphP/oyV53 ssK8M41KPfwx0aY9/8t9vr0WnrTYmQvmNRFVLyJW59YmbNezjZLPE1gkJDdc/Tve JsxWJluvw91mwwrGfxFuLFH6lkXHt6wgSqr31Y8il2nhjpcDu6xHipis4+qcpFNy 5vcbUdEruLM3K619NSYU9IpFNPfrhsf1NuZZQ6l2+TslO4NX61jng20Mqf8OP7rU c03fLHwZDu4lPg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:56 2025 by rpki-client