This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft File: i7AWzMBcV2V0az92QtBD6BEgNwU.mft (raw, json) Hash identifier: Rl+1X9VzNw8DdxrnZrpajByjqzcvlBKN69fVYPF1zPI= Subject key identifier: 1F:73:85:24:25:34:B5:D6:F0:B9:D7:46:44:B1:F6:3B:D2:33:D1:18 Authority key identifier: 8B:B0:16:CC:C0:5C:57:65:74:6B:3F:76:42:D0:43:E8:11:20:37:05 Certificate issuer: /CN=8bb016ccc05c5765746b3f7642d043e811203705 Certificate serial: 019B1FBD5F00DEE4B6AA75A4B10082230AB1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft Manifest number: 0263 Signing time: Mon 15 Dec 2025 02:01:02 +0000 Manifest this update: Mon 15 Dec 2025 02:01:02 +0000 Manifest next update: Tue 16 Dec 2025 02:01:02 +0000 Files and hashes: 1: i7AWzMBcV2V0az92QtBD6BEgNwU.crl (hash: GluVJfFsK+6DJmEXQ6Cic7LQ11rzR1lOFOr6yL1dy0k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:bd:5f:00:de:e4:b6:aa:75:a4:b1:00:82:23:0a:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bb016ccc05c5765746b3f7642d043e811203705 Validity Not Before: Dec 15 02:01:02 2025 GMT Not After : Dec 16 02:01:02 2025 GMT Subject: CN=1f7385242534b5d6f0b9d74644b1f63bd233d118 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:b5:03:74:ff:68:5f:1e:eb:d1:dd:68:d3:11: 08:0a:26:88:6e:4c:09:fa:48:da:1c:1c:54:de:ec: db:4e:da:50:af:cb:22:1e:6c:87:3a:32:5f:53:87: 67:fc:df:be:d6:97:61:f5:bd:d9:d3:78:33:6c:22: a5:bb:8c:a4:2e:f9:9e:11:0f:56:0f:22:18:d6:a4: 2b:fe:64:5f:32:b3:da:e5:b4:f9:e8:c5:3f:9a:ab: 6e:8b:ff:9e:c1:d8:89:df:61:35:2f:0e:82:31:9b: a2:80:19:27:fd:ae:87:60:fe:51:26:6d:23:8e:4a: 3e:74:39:3f:87:1a:a0:bc:20:09:87:8f:cb:0c:39: d2:0c:de:4f:3e:93:d6:62:0f:34:aa:25:01:7c:32: f8:53:71:e3:13:40:a4:f4:b4:ba:64:6f:e8:3f:bc: 11:57:7d:f9:15:a9:d7:af:b7:41:9f:d6:05:46:6a: 48:f6:f6:b1:ae:ae:c0:26:ac:22:ae:d3:72:6b:99: 94:cd:9a:59:07:7e:56:34:11:75:3c:2d:80:d2:7a: f9:81:e0:bb:8b:c1:03:53:6c:48:ba:98:0f:fa:42: a4:1f:78:7e:bb:a6:9a:bb:7d:4f:73:62:1e:6e:ec: 32:82:40:be:36:69:cd:8d:fe:02:1f:34:48:90:91: 66:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:73:85:24:25:34:B5:D6:F0:B9:D7:46:44:B1:F6:3B:D2:33:D1:18 X509v3 Authority Key Identifier: keyid:8B:B0:16:CC:C0:5C:57:65:74:6B:3F:76:42:D0:43:E8:11:20:37:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:16:49:61:d1:63:0a:62:57:65:ec:d1:5f:13:a3:1a:38:04: 77:1f:d3:4d:39:9d:6a:9f:df:69:8a:c4:5a:57:bf:66:86:86: 56:fd:8e:f2:54:7c:26:55:8a:12:56:30:bc:fd:13:f1:fa:d9: e6:b5:19:c4:7e:c9:83:02:11:8b:4a:75:30:7e:ef:d6:c1:00: 54:de:f2:fd:7a:6c:6f:e9:0c:39:1f:4f:29:8e:5d:6e:45:b2: ca:dc:f4:e1:d1:ef:6c:db:78:2a:fe:02:07:ba:8f:f6:b0:72: 66:b5:52:f0:df:9e:83:92:ff:9d:16:b0:20:3a:34:a3:89:2d: b2:6a:ca:4d:14:38:a1:4d:0e:9b:dd:6f:63:43:c8:1c:4c:aa: 64:61:a3:a0:33:c6:f7:2c:b5:a3:62:1c:60:6c:02:6f:24:80: b3:97:58:03:b8:33:e7:28:0b:b1:0b:ae:0a:ef:09:3b:76:89: c0:1d:14:6d:84:a3:88:d1:98:54:7c:37:26:8e:3b:66:d1:71: c8:ba:32:db:7c:ee:ae:b1:a4:d4:30:fe:ed:7b:26:ac:15:02: d0:2b:fb:6e:43:fe:28:ff:0a:5d:11:a5:a3:76:16:ac:da:3d: 15:43:2d:a0:c0:a1:61:b4:89:7a:ba:bc:ed:e2:35:bd:cf:25: df:96:cb:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsfvV8A3uS2qnWksQCCIwqxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiYjAxNmNjYzA1YzU3NjU3NDZiM2Y3NjQyZDA0M2U4MTEy MDM3MDUwHhcNMjUxMjE1MDIwMTAyWhcNMjUxMjE2MDIwMTAyWjAzMTEwLwYDVQQD EygxZjczODUyNDI1MzRiNWQ2ZjBiOWQ3NDY0NGIxZjYzYmQyMzNkMTE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7UDdP9oXx7r0d1o0xEICiaIbkwJ +kjaHBxU3uzbTtpQr8siHmyHOjJfU4dn/N++1pdh9b3Z03gzbCKlu4ykLvmeEQ9W DyIY1qQr/mRfMrPa5bT56MU/mqtui/+ewdiJ32E1Lw6CMZuigBkn/a6HYP5RJm0j jko+dDk/hxqgvCAJh4/LDDnSDN5PPpPWYg80qiUBfDL4U3HjE0Ck9LS6ZG/oP7wR V335FanXr7dBn9YFRmpI9vaxrq7AJqwirtNya5mUzZpZB35WNBF1PC2A0nr5geC7 i8EDU2xIupgP+kKkH3h+u6aau31Pc2IebuwygkC+NmnNjf4CHzRIkJFmSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB9zhSQlNLXW8LnXRkSx9jvSM9EYMB8GA1UdIwQY MBaAFIuwFszAXFdldGs/dkLQQ+gRIDcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8wMThmZTctZTg2YS00NjZjLWI3MTAt ZmVkNTVlNmU1MmVmLzEvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8wMThmZTctZTg2YS00NjZjLWI3MTAtZmVkNTVlNmU1MmVm LzEvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnxZJYdFj CmJXZezRXxOjGjgEdx/TTTmdap/faYrEWle/ZoaGVv2O8lR8JlWKElYwvP0T8frZ 5rUZxH7JgwIRi0p1MH7v1sEAVN7y/Xpsb+kMOR9PKY5dbkWyytz04dHvbNt4Kv4C B7qP9rByZrVS8N+eg5L/nRawIDo0o4ktsmrKTRQ4oU0Om91vY0PIHEyqZGGjoDPG 9yy1o2IcYGwCbySAs5dYA7gz5ygLsQuuCu8JO3aJwB0UbYSjiNGYVHw3Jo47ZtFx yLoy23zurrGk1DD+7XsmrBUC0Cv7bkP+KP8KXRGlo3YWrNo9FUMtoMChYbSJerq8 7eI1vc8l35bLcg== -----END CERTIFICATE-----Generated at Mon Dec 15 04:54:28 2025 by rpki-client