This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft File: I32X8VCOekR4mfWaVfuKpiQe9RA.mft (raw, json) Hash identifier: ygw0qFzxuG62NRvGlwt++CUGa4UWSDNsN0m4i8Ovnd8= Subject key identifier: D2:AC:AB:38:DE:BA:27:2F:C5:EA:D9:E3:34:40:E2:CF:91:FB:76:C0 Authority key identifier: 23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 Certificate issuer: /CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Certificate serial: 019B108100E028D32FFB2B288E7653C96C70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft Manifest number: 05FD Signing time: Fri 12 Dec 2025 03:00:48 +0000 Manifest this update: Fri 12 Dec 2025 03:00:48 +0000 Manifest next update: Sat 13 Dec 2025 03:00:48 +0000 Files and hashes: 1: AgvVH_Z5ZikBFIUyEGB_f4ftLfg.roa (hash: Ii6l1o1UjR6zsFk/Ik5xPFxEIQrzvV/YcOC6UeUTh7g=) 2: I32X8VCOekR4mfWaVfuKpiQe9RA.crl (hash: lRE+ALVk4ceHZS4rPBohd69oZFiUUI/WEp2At3dU7m4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 03:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:81:00:e0:28:d3:2f:fb:2b:28:8e:76:53:c9:6c:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=237d97f1508e7a447899f59a55fb8aa6241ef510 Validity Not Before: Dec 12 03:00:48 2025 GMT Not After : Dec 13 03:00:48 2025 GMT Subject: CN=d2acab38deba272fc5ead9e33440e2cf91fb76c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c7:ef:bc:2e:43:58:15:ba:60:c9:99:86:b8: 28:df:6d:7e:c6:1e:0e:4e:df:05:28:82:d0:4f:52: ce:46:27:f3:96:31:a4:50:fa:45:fd:f8:f8:3e:fa: 96:17:12:4e:8e:9d:42:01:d9:6d:de:56:36:b5:8c: ba:cf:21:29:2c:a3:4b:7a:78:2c:66:bb:4e:91:6b: 0e:7c:df:25:f7:29:1d:1a:4c:de:c5:a5:a6:c5:c2: c0:28:14:b0:07:4f:a3:e9:10:15:3e:0d:28:ff:78: 32:7b:9c:3e:c8:c6:8a:16:3b:41:9e:24:4d:a4:25: 28:25:2d:9e:fb:5e:f4:23:d0:1e:eb:e6:32:88:63: 44:66:8a:ae:4a:97:3d:84:ae:b3:c2:34:f9:57:49: 9d:e2:3d:33:b7:68:6c:f3:ec:7e:38:9c:7b:34:c2: 95:e8:86:fd:6d:c9:13:73:b6:d2:5f:3a:b1:f9:18: fc:2b:9f:4c:f4:d6:19:01:0d:f4:4f:3c:81:bb:bf: 0d:7f:cd:fe:ff:7e:5d:96:fa:29:39:6e:60:de:1e: 21:9c:bc:22:fa:82:14:1b:48:89:77:cf:e5:de:b4: 9a:89:26:49:38:ae:0b:ac:54:13:e5:82:1e:dd:42: ef:11:1d:f9:b7:8f:9d:83:bd:03:5b:54:5e:ac:5c: 0c:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:AC:AB:38:DE:BA:27:2F:C5:EA:D9:E3:34:40:E2:CF:91:FB:76:C0 X509v3 Authority Key Identifier: keyid:23:7D:97:F1:50:8E:7A:44:78:99:F5:9A:55:FB:8A:A6:24:1E:F5:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I32X8VCOekR4mfWaVfuKpiQe9RA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f503d7-1fb6-4370-b44f-44a41a93113e/1/I32X8VCOekR4mfWaVfuKpiQe9RA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:e8:da:a5:56:c6:9b:4f:fd:b2:d4:69:6f:31:d1:2a:c0:d7: df:08:f0:40:69:b2:d4:60:a9:b7:1b:89:58:08:89:35:0b:7b: cc:48:ef:80:ef:b0:10:bb:1e:94:15:8c:58:ac:14:1c:9f:ce: 0d:eb:ad:e6:c5:55:c6:b4:d6:46:3d:45:00:e5:6b:3e:ad:1d: 8d:93:67:e3:35:83:83:b4:53:b6:af:2e:db:18:6f:1b:b3:33: e1:d3:da:ff:af:e4:81:24:ff:7b:34:95:d3:24:54:ee:58:5c: f7:00:d0:a4:65:3c:32:1b:12:d0:cf:95:58:b1:84:ab:22:22: cf:7d:b7:68:10:5c:d4:55:ea:ce:84:3b:8f:42:ac:57:27:1a: b7:d2:ed:f2:a3:0d:41:96:7d:62:dd:54:e4:7b:62:0a:c3:c7: 90:1f:f4:b1:cb:6f:df:5e:c5:58:8a:43:0f:fd:61:17:a4:08: a4:c1:91:6a:7d:e2:42:97:ea:44:90:b4:a7:4f:af:20:fa:b1: 7c:b0:59:65:e5:a7:28:37:a1:1f:32:00:9b:8b:90:e5:a5:01: ee:c1:39:88:c5:4d:69:a2:80:2a:d5:5c:49:7c:a1:40:c9:81: 9c:a0:52:98:d3:99:ff:7a:8f:1b:cf:fc:7b:18:0d:cd:88:e4: 6f:59:85:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQgQDgKNMv+ysojnZTyWxwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzN2Q5N2YxNTA4ZTdhNDQ3ODk5ZjU5YTU1ZmI4YWE2MjQx ZWY1MTAwHhcNMjUxMjEyMDMwMDQ4WhcNMjUxMjEzMDMwMDQ4WjAzMTEwLwYDVQQD EyhkMmFjYWIzOGRlYmEyNzJmYzVlYWQ5ZTMzNDQwZTJjZjkxZmI3NmMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMfvvC5DWBW6YMmZhrgo321+xh4O Tt8FKILQT1LORifzljGkUPpF/fj4PvqWFxJOjp1CAdlt3lY2tYy6zyEpLKNLengs ZrtOkWsOfN8l9ykdGkzexaWmxcLAKBSwB0+j6RAVPg0o/3gye5w+yMaKFjtBniRN pCUoJS2e+170I9Ae6+YyiGNEZoquSpc9hK6zwjT5V0md4j0zt2hs8+x+OJx7NMKV 6Ib9bckTc7bSXzqx+Rj8K59M9NYZAQ30TzyBu78Nf83+/35dlvopOW5g3h4hnLwi +oIUG0iJd8/l3rSaiSZJOK4LrFQT5YIe3ULvER35t4+dg70DW1RerFwMcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNKsqzjeuicvxerZ4zRA4s+R+3bAMB8GA1UdIwQY MBaAFCN9l/FQjnpEeJn1mlX7iqYkHvUQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYt NDRhNDFhOTMxMTNlLzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy9mNTAzZDctMWZiNi00MzcwLWI0NGYtNDRhNDFhOTMxMTNl LzEvSTMyWDhWQ09la1I0bWZXYVZmdUtwaVFlOVJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARujapVbG m0/9stRpbzHRKsDX3wjwQGmy1GCptxuJWAiJNQt7zEjvgO+wELselBWMWKwUHJ/O Deut5sVVxrTWRj1FAOVrPq0djZNn4zWDg7RTtq8u2xhvG7Mz4dPa/6/kgST/ezSV 0yRU7lhc9wDQpGU8MhsS0M+VWLGEqyIiz323aBBc1FXqzoQ7j0KsVycat9Lt8qMN QZZ9Yt1U5HtiCsPHkB/0sctv317FWIpDD/1hF6QIpMGRan3iQpfqRJC0p0+vIPqx fLBZZeWnKDehHzIAm4uQ5aUB7sE5iMVNaaKAKtVcSXyhQMmBnKBSmNOZ/3qPG8/8 exgNzYjkb1mFZA== -----END CERTIFICATE-----Generated at Fri Dec 12 13:19:01 2025 by rpki-client