This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft File: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json) Hash identifier: SkE355ShJKVreTlEw07hcM4/97crMKIYfRej0t/Flr4= Subject key identifier: 18:92:C8:0F:27:DB:EC:1A:09:42:9E:CD:48:D3:EF:EE:D3:C7:E9:A4 Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0 Certificate issuer: /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0 Certificate serial: 019B59758194921A9881921EFB00ABEAD50F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft Manifest number: 13DC Signing time: Fri 26 Dec 2025 07:00:31 +0000 Manifest this update: Fri 26 Dec 2025 07:00:31 +0000 Manifest next update: Sat 27 Dec 2025 07:00:31 +0000 Files and hashes: 1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: dlVl+NnEXfOmr5grLhB4aD/HA8Y10XAbI7XecUO/sQo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:81:94:92:1a:98:81:92:1e:fb:00:ab:ea:d5:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0 Validity Not Before: Dec 26 07:00:31 2025 GMT Not After : Dec 27 07:00:31 2025 GMT Subject: CN=1892c80f27dbec1a09429ecd48d3efeed3c7e9a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:97:79:9b:7b:ca:58:e9:7f:f3:26:5b:ed:c5: d7:3d:fb:d2:8d:ee:b8:d9:99:f4:e0:e6:e0:f3:09: 5f:93:06:93:d6:f5:35:2c:d5:5c:8f:99:d2:5b:8a: 97:54:7a:e9:72:7c:12:8d:24:13:1a:2e:3b:c6:f4: a8:91:81:7e:61:ec:8b:ea:18:c5:b1:87:29:92:24: 0e:1a:48:c8:f4:ae:ec:6c:fa:1a:10:26:47:1f:4a: 09:42:e6:47:ac:24:2a:66:c5:be:9e:75:df:38:77: 50:f4:57:b7:f1:b9:d9:ff:89:0a:a0:57:cb:fd:49: 66:6c:bd:18:22:19:af:58:01:3f:b4:14:f3:aa:48: c1:48:50:95:8c:70:2e:37:27:b8:8e:a5:01:43:26: 21:79:11:ad:7f:9f:a4:cb:db:77:08:1f:04:ef:7c: 77:17:4b:e7:51:50:b2:d6:74:69:31:18:5a:14:a0: c9:64:0f:93:43:3a:77:e5:8d:42:c5:cf:75:8b:73: 3a:9e:6f:cc:3f:8e:6b:cc:c7:54:10:71:50:7d:df: ae:38:fa:3a:d9:fd:f3:23:8d:0d:1b:eb:5e:07:72: 90:1a:00:7a:e2:37:b8:69:c4:2f:76:e4:68:76:0f: 2d:10:9d:0f:de:44:f0:5b:6b:89:ca:62:1e:a3:c8: 41:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:92:C8:0F:27:DB:EC:1A:09:42:9E:CD:48:D3:EF:EE:D3:C7:E9:A4 X509v3 Authority Key Identifier: keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:40:d7:b7:bb:9b:2b:2c:07:24:ea:b3:a8:15:b7:95:cf:5a: d1:43:d6:70:63:71:26:38:42:4f:ae:4e:3a:ed:e4:c6:75:07: cf:5a:58:17:74:d7:04:d3:f9:8d:e3:2b:92:01:a1:1b:88:46: bf:69:08:3b:ec:d0:12:f5:9c:94:77:da:52:fb:f3:9a:e4:ef: e9:31:2c:7f:68:06:8e:93:45:0a:39:a4:e2:cc:e8:66:a4:38: ee:d0:4a:f5:51:fc:07:5a:20:ec:65:ef:7f:26:f0:69:f3:a7: cc:d6:9c:5b:48:88:a9:64:10:64:3f:cd:07:c9:58:91:5c:fe: bd:53:23:ee:d0:8f:e4:cd:83:cd:5a:6d:8c:63:9c:29:68:46: f5:61:f0:6e:90:9b:89:93:a3:db:56:50:35:d2:57:ad:87:ac: df:de:06:a0:ab:4c:0c:86:d1:36:9c:63:aa:18:11:3a:7e:27: 79:29:04:84:63:4f:d7:d1:a3:3c:1f:2f:9c:0b:9f:50:1b:59: 63:1e:fd:70:2c:be:a9:e7:cf:58:10:f2:46:4a:7a:31:bd:e6: e3:c7:41:d5:32:e6:80:e6:82:88:12:f9:38:20:d6:da:e5:6f: 96:c4:02:1f:fb:52:60:ab:ca:47:e3:39:d9:4a:dc:d4:20:af: 54:6e:e4:e5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdYGUkhqYgZIe+wCr6tUPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi NTYzZjAwHhcNMjUxMjI2MDcwMDMxWhcNMjUxMjI3MDcwMDMxWjAzMTEwLwYDVQQD EygxODkyYzgwZjI3ZGJlYzFhMDk0MjllY2Q0OGQzZWZlZWQzYzdlOWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5d5m3vKWOl/8yZb7cXXPfvSje64 2Zn04Obg8wlfkwaT1vU1LNVcj5nSW4qXVHrpcnwSjSQTGi47xvSokYF+YeyL6hjF sYcpkiQOGkjI9K7sbPoaECZHH0oJQuZHrCQqZsW+nnXfOHdQ9Fe38bnZ/4kKoFfL /UlmbL0YIhmvWAE/tBTzqkjBSFCVjHAuNye4jqUBQyYheRGtf5+ky9t3CB8E73x3 F0vnUVCy1nRpMRhaFKDJZA+TQzp35Y1Cxc91i3M6nm/MP45rzMdUEHFQfd+uOPo6 2f3zI40NG+teB3KQGgB64je4acQvduRodg8tEJ0P3kTwW2uJymIeo8hB4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBiSyA8n2+waCUKezUjT7+7Tx+mkMB8GA1UdIwQY MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH0DXt7ub KywHJOqzqBW3lc9a0UPWcGNxJjhCT65OOu3kxnUHz1pYF3TXBNP5jeMrkgGhG4hG v2kIO+zQEvWclHfaUvvzmuTv6TEsf2gGjpNFCjmk4szoZqQ47tBK9VH8B1og7GXv fybwafOnzNacW0iIqWQQZD/NB8lYkVz+vVMj7tCP5M2DzVptjGOcKWhG9WHwbpCb iZOj21ZQNdJXrYes394GoKtMDIbRNpxjqhgROn4neSkEhGNP19GjPB8vnAufUBtZ Yx79cCy+qefPWBDyRkp6Mb3m48dB1TLmgOaCiBL5OCDW2uVvlsQCH/tSYKvKR+M5 2Urc1CCvVG7k5Q== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:54 2025 by rpki-client