This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft File: IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json) Hash identifier: EMbBU6zKsUgQUeTw/YFo3CaCq7pcVNs/GQ4SANsVeCc= Subject key identifier: 14:36:97:A7:85:8E:68:28:81:10:16:70:AD:D1:D6:7E:05:08:4F:91 Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30 Certificate issuer: /CN=20f75069bd56efc5170383ed31cad22464fdf030 Certificate serial: 019B5A1AEA1CDDD60427EC0E9520D208189B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft Manifest number: 0546 Signing time: Fri 26 Dec 2025 10:01:11 +0000 Manifest this update: Fri 26 Dec 2025 10:01:11 +0000 Manifest next update: Sat 27 Dec 2025 10:01:11 +0000 Files and hashes: 1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: f8XxygMlDSmks2BfF/ufcQ9EZrVXDtyl673MZchkBHI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:ea:1c:dd:d6:04:27:ec:0e:95:20:d2:08:18:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030 Validity Not Before: Dec 26 10:01:11 2025 GMT Not After : Dec 27 10:01:11 2025 GMT Subject: CN=143697a7858e682881101670add1d67e05084f91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:88:5f:6b:94:c9:07:88:f5:c9:cc:f4:bc:ff: 0a:c2:01:70:23:57:5d:c6:ef:e0:22:31:3c:f3:ff: 96:54:f5:68:5f:15:9f:5d:4d:4f:c7:e3:e4:e1:42: dd:e0:36:59:10:42:6e:71:32:d4:69:c2:29:fc:60: 84:da:bb:72:86:86:2e:fc:ec:58:9d:1e:f6:12:95: c7:c3:37:23:59:df:76:02:3d:89:d7:40:1e:5f:aa: 30:63:99:15:e3:77:5f:17:2c:99:13:96:e8:87:56: 42:42:dc:60:73:1b:fb:e5:29:8f:5b:92:e4:0e:92: b3:9d:14:da:01:af:b3:bd:c4:f1:39:5e:05:a5:bc: 0a:65:d3:a3:c8:cd:ad:4d:5c:17:b6:9d:e0:e9:fb: 65:0c:c2:ed:93:bc:31:40:7c:39:74:85:a9:fe:20: a3:6c:8d:0e:eb:02:f7:78:13:7a:ac:af:d8:08:71: 4e:a3:4a:80:4b:0e:ff:90:3b:6c:ba:7d:c3:93:47: 8b:0c:d2:61:75:bd:08:49:83:cb:55:97:db:ca:f5: a2:36:30:df:9c:8e:86:b0:cc:fd:34:33:fe:d1:dd: 0b:e9:f5:0c:2b:1a:36:bb:98:85:86:b9:17:3d:2d: a7:f3:14:0a:0a:c9:ae:d3:43:8c:2c:94:54:c1:06: c0:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:36:97:A7:85:8E:68:28:81:10:16:70:AD:D1:D6:7E:05:08:4F:91 X509v3 Authority Key Identifier: keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:52:25:d3:c6:c7:95:ea:23:78:20:99:19:fd:1c:ea:6a:3f: c0:89:84:27:aa:09:84:df:0e:b4:b2:c5:af:bd:40:e8:fa:d9: aa:92:40:30:0c:33:ec:a1:e7:8f:21:9e:16:fa:8c:e8:2e:7d: 8b:f7:39:ce:7b:33:cc:37:b3:0c:38:80:e0:ea:29:b0:50:05: 4d:fa:ab:ea:d0:19:8f:5f:67:37:8b:c1:bc:a4:1f:e8:e5:67: c4:0a:cd:d3:fe:6a:b6:24:42:f8:b8:0d:3b:6b:e0:8f:46:fc: f6:6d:e6:a1:f4:c7:f9:93:3f:c5:13:ff:b6:0f:0b:1d:07:33: 2a:f3:84:0b:a2:88:24:28:b1:6b:9a:ed:b6:fe:85:26:bd:8f: 8b:1e:24:07:e2:2d:14:39:8a:3c:3a:39:59:70:bc:d1:f2:55: 02:7a:e7:c6:d7:2d:3f:ba:1e:77:ec:ae:3e:88:6c:d9:8f:ff: 9f:32:8a:ae:fd:6a:5b:0a:21:d8:be:91:10:22:d7:f8:79:a5: cc:fa:8f:c0:3a:59:41:0d:64:38:e0:c8:5e:3e:c5:ce:14:27: 71:70:ac:51:80:7b:83:6e:15:57:ac:e9:1e:17:51:bf:da:92: cf:f6:50:ae:0f:da:16:56:af:9a:21:3b:cb:ba:6d:9e:0f:10: f9:b5:da:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGuoc3dYEJ+wOlSDSCBibMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm ZGYwMzAwHhcNMjUxMjI2MTAwMTExWhcNMjUxMjI3MTAwMTExWjAzMTEwLwYDVQQD EygxNDM2OTdhNzg1OGU2ODI4ODExMDE2NzBhZGQxZDY3ZTA1MDg0ZjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4hfa5TJB4j1ycz0vP8KwgFwI1dd xu/gIjE88/+WVPVoXxWfXU1Px+Pk4ULd4DZZEEJucTLUacIp/GCE2rtyhoYu/OxY nR72EpXHwzcjWd92Aj2J10AeX6owY5kV43dfFyyZE5boh1ZCQtxgcxv75SmPW5Lk DpKznRTaAa+zvcTxOV4FpbwKZdOjyM2tTVwXtp3g6ftlDMLtk7wxQHw5dIWp/iCj bI0O6wL3eBN6rK/YCHFOo0qASw7/kDtsun3Dk0eLDNJhdb0ISYPLVZfbyvWiNjDf nI6GsMz9NDP+0d0L6fUMKxo2u5iFhrkXPS2n8xQKCsmu00OMLJRUwQbAdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBQ2l6eFjmgogRAWcK3R1n4FCE+RMB8GA1UdIwQY MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5 LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1Il08bH leojeCCZGf0c6mo/wImEJ6oJhN8OtLLFr71A6PrZqpJAMAwz7KHnjyGeFvqM6C59 i/c5znszzDezDDiA4OopsFAFTfqr6tAZj19nN4vBvKQf6OVnxArN0/5qtiRC+LgN O2vgj0b89m3mofTH+ZM/xRP/tg8LHQczKvOEC6KIJCixa5rttv6FJr2Pix4kB+It FDmKPDo5WXC80fJVAnrnxtctP7oed+yuPohs2Y//nzKKrv1qWwoh2L6RECLX+Hml zPqPwDpZQQ1kOODIXj7FzhQncXCsUYB7g24VV6zpHhdRv9qSz/ZQrg/aFlavmiE7 y7ptng8Q+bXaYQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:15:44 2025 by rpki-client