This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft File: IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft (raw, json) Hash identifier: iucvtmX7uUa5EnCrHE2bQdRgCWGDyhRMIcikmpQi0LE= Subject key identifier: 9D:35:CC:2F:C8:C2:EE:A2:10:D1:79:DF:59:61:B8:A1:B9:6B:3C:7F Authority key identifier: 21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6 Certificate issuer: /CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6 Certificate serial: 019B0F6EC553D10DD381DA09E6207041E3D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft Manifest number: FD Signing time: Thu 11 Dec 2025 22:01:16 +0000 Manifest this update: Thu 11 Dec 2025 22:01:16 +0000 Manifest next update: Fri 12 Dec 2025 22:01:16 +0000 Files and hashes: 1: IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl (hash: 47BjgsXdp/h/Zyw5l6kOaWWR0VqxOGSFf+xBY03tbK4=) 2: Tq4R9IdG22N3vnBq8Qo-UFuJbpQ.roa (hash: af3sYHdNbdlvdprU3qi9kp0Nrk2mSxcsF15s0Xd+YhM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:c5:53:d1:0d:d3:81:da:09:e6:20:70:41:e3:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6 Validity Not Before: Dec 11 22:01:16 2025 GMT Not After : Dec 12 22:01:16 2025 GMT Subject: CN=9d35cc2fc8c2eea210d179df5961b8a1b96b3c7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:41:85:1f:b5:75:4b:d6:a8:90:bc:e3:b5:bf: 11:cd:a6:b0:ac:ca:af:71:ca:31:99:4e:64:bb:6f: b4:80:a5:2a:fa:38:8f:2b:f0:b0:de:3d:fe:aa:e8: c1:ca:fc:28:e3:3b:6c:f6:8d:ed:2a:80:d0:d7:15: c7:ff:1c:d0:23:e3:df:45:bb:ad:5e:9b:ed:e5:0a: 70:bd:46:ba:44:f3:0b:2c:42:7f:8f:be:f8:bf:b4: 46:9a:e7:36:5d:98:a5:d9:67:8a:7b:3c:d2:8c:c3: ce:36:b2:1d:49:18:48:e1:dc:44:af:c2:51:7c:d2: ab:c9:5b:59:38:e6:8f:04:3c:42:57:62:78:21:7e: f1:14:d6:31:09:2f:5a:3c:6c:3f:11:b3:8a:e6:bf: 3e:95:79:a9:07:10:c3:6a:8f:9b:39:1b:fb:72:20: 33:ca:a5:e3:0a:ff:07:c4:f5:72:a4:26:c7:c0:ec: 5b:f9:da:3d:71:f2:e7:b9:6f:3f:6b:c7:04:d1:2b: 58:2e:5f:cf:25:c6:2a:cb:22:48:1c:14:84:d9:f5: 84:8d:ef:2c:8f:56:da:5f:1e:a3:da:ab:0c:20:98: a4:f3:36:77:e7:3e:b2:8e:a0:31:67:1f:a4:fc:29: 21:bd:c8:ef:2c:82:1f:be:75:e7:cd:3b:14:dd:27: 1c:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:35:CC:2F:C8:C2:EE:A2:10:D1:79:DF:59:61:B8:A1:B9:6B:3C:7F X509v3 Authority Key Identifier: keyid:21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:8a:9d:11:dc:19:eb:a8:c2:90:6a:cb:1d:b8:31:d6:1c:5f: 53:45:de:93:1f:6c:b6:fd:c8:38:8d:94:9f:63:25:08:41:e1: 2b:72:94:e6:53:6b:a2:e9:c9:2d:ce:0b:18:e7:dd:83:6c:26: f3:f2:45:aa:97:4d:be:ce:3c:05:2f:f0:e6:ec:dd:c3:6a:e8: 78:ae:93:3c:66:25:b0:05:e1:b8:a3:e8:c7:a9:bc:0a:7a:db: 63:70:7e:7f:5c:3e:9e:76:e2:66:66:d2:0b:34:09:91:a9:b4: c7:64:5d:3b:e8:a1:5f:87:b7:57:54:87:21:45:58:31:18:2a: 8e:69:7e:10:42:6b:16:00:f1:d3:d8:0a:f4:28:7c:c6:0d:9a: b4:c2:d3:56:2c:85:a7:a7:f7:7e:8d:a2:4c:f4:a8:52:42:61: 0e:45:64:a2:15:92:26:47:0c:a1:65:e8:22:bd:5a:59:72:db: 87:f5:bd:b7:f1:45:3f:83:ed:61:4e:a3:0a:c7:04:27:57:3e: 63:8d:a0:16:de:3d:08:57:06:b3:55:b4:30:2b:07:30:6c:d5: 75:1e:0a:89:52:66:8f:45:0c:2c:bd:d6:b4:b3:8b:ea:9e:70: ea:15:a2:9e:8a:48:05:3c:88:ea:cd:cf:41:f3:60:13:92:76: 30:65:ae:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPbsVT0Q3TgdoJ5iBwQePSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxODFjNWIzY2I3ZWViMWU0OTU4MjE1NWExOTE4ZWM2MTJm OTVhYzYwHhcNMjUxMjExMjIwMTE2WhcNMjUxMjEyMjIwMTE2WjAzMTEwLwYDVQQD Eyg5ZDM1Y2MyZmM4YzJlZWEyMTBkMTc5ZGY1OTYxYjhhMWI5NmIzYzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEGFH7V1S9aokLzjtb8RzaawrMqv ccoxmU5ku2+0gKUq+jiPK/Cw3j3+qujByvwo4zts9o3tKoDQ1xXH/xzQI+PfRbut Xpvt5QpwvUa6RPMLLEJ/j774v7RGmuc2XZil2WeKezzSjMPONrIdSRhI4dxEr8JR fNKryVtZOOaPBDxCV2J4IX7xFNYxCS9aPGw/EbOK5r8+lXmpBxDDao+bORv7ciAz yqXjCv8HxPVypCbHwOxb+do9cfLnuW8/a8cE0StYLl/PJcYqyyJIHBSE2fWEje8s j1baXx6j2qsMIJik8zZ35z6yjqAxZx+k/CkhvcjvLIIfvnXnzTsU3Scc/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ01zC/Iwu6iENF531lhuKG5azx/MB8GA1UdIwQY MBaAFCGBxbPLfuseSVghVaGRjsYS+VrGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAt MDIyNmQ0NWE3NTMyLzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAtMDIyNmQ0NWE3NTMy LzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApoqdEdwZ 66jCkGrLHbgx1hxfU0Xekx9stv3IOI2Un2MlCEHhK3KU5lNrounJLc4LGOfdg2wm 8/JFqpdNvs48BS/w5uzdw2roeK6TPGYlsAXhuKPox6m8CnrbY3B+f1w+nnbiZmbS CzQJkam0x2RdO+ihX4e3V1SHIUVYMRgqjml+EEJrFgDx09gK9Ch8xg2atMLTViyF p6f3fo2iTPSoUkJhDkVkohWSJkcMoWXoIr1aWXLbh/W9t/FFP4PtYU6jCscEJ1c+ Y42gFt49CFcGs1W0MCsHMGzVdR4KiVJmj0UMLL3WtLOL6p5w6hWinopIBTyI6s3P QfNgE5J2MGWu7A== -----END CERTIFICATE-----Generated at Fri Dec 12 00:59:15 2025 by rpki-client