This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json) Hash identifier: VRBou3nDE9ewqLj83DXSYSlWw+gENwLrD7s6W5mSV5Q= Subject key identifier: 05:8A:18:4E:99:07:12:1A:8E:05:15:0B:20:05:0B:1C:08:4E:AF:36 Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9 Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9 Certificate serial: 019B2B8A2FC75B2859708C4989A8223C9C51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft Manifest number: 1712 Signing time: Wed 17 Dec 2025 09:00:35 +0000 Manifest this update: Wed 17 Dec 2025 09:00:35 +0000 Manifest next update: Thu 18 Dec 2025 09:00:35 +0000 Files and hashes: 1: FXy87TSnS3zZKpD3cubdEzL9JTI.roa (hash: ev8YOzfcP94Okj6loLdeokLYKFfF9CSd4o8ZPprNj7U=) 2: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: QPRpdB70mKj0GKinqrsP98p/WwvFW3CaJ7cxy0h0XBY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8a:2f:c7:5b:28:59:70:8c:49:89:a8:22:3c:9c:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9 Validity Not Before: Dec 17 09:00:35 2025 GMT Not After : Dec 18 09:00:35 2025 GMT Subject: CN=058a184e9907121a8e05150b20050b1c084eaf36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:44:bb:5f:8b:0c:84:4e:6d:24:9c:a0:4f:cb: ff:b3:3e:8b:16:13:8a:e7:5b:ec:11:e2:b8:ff:8c: 3e:8a:88:b9:83:0c:e1:97:00:81:5b:a0:4b:df:9c: 81:b8:9f:ea:98:7e:0b:43:17:33:a3:b6:12:71:89: b4:6c:86:56:9d:10:75:3b:a7:c8:3e:79:a6:2c:56: 25:d7:de:f3:32:c2:f5:45:71:7a:7b:05:4e:6e:7b: bf:15:00:ba:8c:cf:c5:b6:40:07:00:c5:1b:20:96: cf:61:3b:bf:4f:86:28:1b:ae:bd:76:dc:d0:fd:67: 9e:dd:d3:87:ff:01:f3:ba:04:d1:4a:11:7d:8a:dd: 6e:aa:f1:27:22:60:58:2d:8b:8a:b5:89:71:a4:3e: 62:38:e4:c6:8f:67:fa:65:d7:b1:75:45:a9:09:52: 52:a3:63:24:13:28:e6:4d:7b:d1:7d:5d:33:60:79: 35:5b:2a:64:ab:aa:60:7d:aa:c0:97:bd:ad:2a:ce: d8:bf:35:12:66:b8:39:6e:35:d2:68:84:6c:80:60: 98:48:e6:a0:24:ed:43:2b:33:fd:6e:fb:26:c2:dd: 54:52:f2:27:7b:14:62:c9:97:52:39:f5:c9:61:09: ce:87:91:b6:21:bb:be:d3:9f:fd:2f:04:86:4c:18: 7d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:8A:18:4E:99:07:12:1A:8E:05:15:0B:20:05:0B:1C:08:4E:AF:36 X509v3 Authority Key Identifier: keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:a2:11:1d:13:0b:e1:40:55:f2:93:47:6b:c2:11:5e:c8:10: 42:3f:71:ce:0a:20:36:ff:ad:89:0f:a9:23:4f:90:97:34:f2: b3:b5:68:db:83:ae:3c:f6:1a:07:9a:10:1c:17:24:b0:f9:40: 36:ff:7c:d5:60:94:ba:35:8c:a2:40:5a:f0:00:33:ee:2e:3a: bb:ef:a9:ee:04:3a:a6:f3:b2:7b:01:9d:7a:f6:82:ce:43:00: b9:cc:e2:c8:de:dd:12:33:15:4f:0c:26:27:84:13:98:8b:d4: 18:c0:9a:8b:32:ee:f9:3c:e4:7b:3f:6d:47:7b:53:5f:ee:68: f4:a4:54:8a:d3:78:4f:db:24:08:1d:93:98:04:ed:62:b3:2e: b1:73:aa:49:b8:24:8f:58:eb:30:79:2c:a7:d1:47:ad:b4:bc: 29:f4:91:03:b3:d7:21:a1:8d:6a:ae:c2:d6:a6:8a:0c:01:4c: 9e:82:e5:49:d4:94:2a:da:2b:86:86:05:b1:0f:27:56:48:ad: 37:e9:19:d3:5d:5b:ee:bb:8a:26:48:9f:68:81:90:b7:5f:38: 3d:5d:ed:fa:ca:31:09:bc:03:61:42:54:33:00:e9:51:44:b0: 5b:6d:a9:f5:70:a8:fa:f6:c3:c7:09:65:ae:c4:e2:6b:71:8b: 3b:d5:48:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrii/HWyhZcIxJiagiPJxRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh ZTMzZTkwHhcNMjUxMjE3MDkwMDM1WhcNMjUxMjE4MDkwMDM1WjAzMTEwLwYDVQQD EygwNThhMTg0ZTk5MDcxMjFhOGUwNTE1MGIyMDA1MGIxYzA4NGVhZjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvES7X4sMhE5tJJygT8v/sz6LFhOK 51vsEeK4/4w+ioi5gwzhlwCBW6BL35yBuJ/qmH4LQxczo7YScYm0bIZWnRB1O6fI PnmmLFYl197zMsL1RXF6ewVObnu/FQC6jM/FtkAHAMUbIJbPYTu/T4YoG669dtzQ /Wee3dOH/wHzugTRShF9it1uqvEnImBYLYuKtYlxpD5iOOTGj2f6ZdexdUWpCVJS o2MkEyjmTXvRfV0zYHk1Wypkq6pgfarAl72tKs7YvzUSZrg5bjXSaIRsgGCYSOag JO1DKzP9bvsmwt1UUvInexRiyZdSOfXJYQnOh5G2Ibu+05/9LwSGTBh9VwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAWKGE6ZBxIajgUVCyAFCxwITq82MB8GA1UdIwQY MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl6IRHRML 4UBV8pNHa8IRXsgQQj9xzgogNv+tiQ+pI0+QlzTys7Vo24OuPPYaB5oQHBcksPlA Nv981WCUujWMokBa8AAz7i46u++p7gQ6pvOyewGdevaCzkMAucziyN7dEjMVTwwm J4QTmIvUGMCaizLu+Tzkez9tR3tTX+5o9KRUitN4T9skCB2TmATtYrMusXOqSbgk j1jrMHksp9FHrbS8KfSRA7PXIaGNaq7C1qaKDAFMnoLlSdSUKtorhoYFsQ8nVkit N+kZ011b7ruKJkifaIGQt184PV3t+soxCbwDYUJUMwDpUUSwW22p9XCo+vbDxwll rsTia3GLO9VIlQ== -----END CERTIFICATE-----Generated at Wed Dec 17 19:04:42 2025 by rpki-client