This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft File: 1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft (raw, json) Hash identifier: ZGjOaeadhZW0hyRvQI21r8F0uEqmmq6GgJj87CBRdt8= Subject key identifier: EE:BB:39:0D:98:2B:10:85:E9:E5:C4:B9:F8:19:A0:78:CA:32:92:F8 Authority key identifier: D4:22:36:74:33:76:5B:54:1A:37:39:0A:99:89:97:B7:37:C4:64:72 Certificate issuer: /CN=d422367433765b541a37390a998997b737c46472 Certificate serial: 019B5A88C9152659CB250F0FB3B6F7B75A9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft Manifest number: 172A Signing time: Fri 26 Dec 2025 12:01:11 +0000 Manifest this update: Fri 26 Dec 2025 12:01:11 +0000 Manifest next update: Sat 27 Dec 2025 12:01:11 +0000 Files and hashes: 1: 1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl (hash: syn5Hyg7J+7vspplf9Vve2n0+iKr4NEUXIN/bo1xwIQ=) 2: dO1sDlUm4GNT1NLwZmfUYJ1pPqA.roa (hash: JWs3QU5N8u442ANJ16//ujHqSWgzP2/558mG+17RvNo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:c9:15:26:59:cb:25:0f:0f:b3:b6:f7:b7:5a:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d422367433765b541a37390a998997b737c46472 Validity Not Before: Dec 26 12:01:11 2025 GMT Not After : Dec 27 12:01:11 2025 GMT Subject: CN=eebb390d982b1085e9e5c4b9f819a078ca3292f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:c9:2a:7b:c5:65:45:48:c6:48:2b:9b:c5:1d: ad:fc:4e:a8:b7:bd:8f:57:c4:aa:ae:5b:31:2b:2a: 15:4d:82:26:b6:50:31:b9:06:fe:ea:f1:93:a4:63: c7:2c:66:e2:35:00:e3:9a:95:42:8d:b2:79:47:83: e9:af:88:8a:70:eb:8d:a4:69:72:e7:15:35:03:03: d6:8b:48:d7:23:a5:65:a4:a2:67:6c:e4:23:1a:a8: 51:d4:12:e9:d3:78:96:42:d9:26:1d:e3:29:ce:02: 36:ee:29:56:0d:0b:c3:3e:61:99:cd:09:5f:47:27: e0:bc:f5:84:25:28:55:fd:67:bd:a6:f1:79:26:82: 04:1b:7e:9d:af:3c:ba:0d:e1:cc:8e:04:3d:d5:30: 64:ab:ac:c1:e8:fd:a4:c0:a5:14:a1:62:77:39:18: 7c:df:0d:66:5c:e7:08:31:1a:f1:b5:06:f4:8e:2b: 97:76:69:41:f4:36:df:45:75:c1:cb:b7:c8:9e:95: ae:3e:ad:77:95:21:05:83:29:9e:cf:2e:90:96:00: 27:d4:4e:d8:8a:91:93:ad:03:db:c9:be:54:54:91: da:18:5c:24:8b:cc:56:4b:22:c1:7e:82:44:c7:1a: 59:db:28:e9:cc:62:98:1f:77:ee:69:00:22:7f:67: 56:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:BB:39:0D:98:2B:10:85:E9:E5:C4:B9:F8:19:A0:78:CA:32:92:F8 X509v3 Authority Key Identifier: keyid:D4:22:36:74:33:76:5B:54:1A:37:39:0A:99:89:97:B7:37:C4:64:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CI2dDN2W1QaNzkKmYmXtzfEZHI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/45be32-821f-4514-aa31-bc75466047c9/1/1CI2dDN2W1QaNzkKmYmXtzfEZHI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:65:44:ce:ef:3b:22:6e:ff:f4:9e:a0:b0:f2:43:db:74:51: 5d:d4:f1:97:ca:eb:a7:4f:82:cf:a4:76:a9:0d:3b:83:93:52: 93:b8:d5:83:c3:d9:43:58:a6:6e:1d:d5:c3:c3:02:f3:ad:fa: ff:d0:c1:4d:f8:eb:d2:4a:c1:14:86:97:87:7d:d3:3c:c1:4c: bb:3a:9a:91:ce:0d:e3:38:19:e7:44:9b:1f:7e:d8:62:fc:3e: 57:36:e2:3c:b2:c9:ca:1e:bf:e5:25:f2:20:0f:c1:f7:19:88: 5d:15:5f:25:b0:5d:cd:90:d1:47:79:5c:20:77:a7:69:65:fe: 69:cb:ea:b3:07:aa:a7:04:05:23:8e:8e:ab:d6:90:a6:1b:3e: 07:92:2f:c9:d2:16:a0:96:be:90:eb:18:c3:55:87:40:74:6f: 01:6a:1e:07:7b:b1:7e:50:7d:e2:af:60:86:00:44:ae:f8:99: 4c:8b:d9:96:67:4d:b0:87:a9:92:c3:b7:31:e8:5c:e5:10:94: 1a:e9:59:63:64:d6:0a:09:6b:0c:fc:4e:7a:bd:e4:da:cb:5d: 87:33:3c:3e:6d:33:76:a6:35:73:07:a8:01:2e:b7:29:7f:98: 58:1f:ab:29:b4:06:9e:4d:3a:5d:73:ba:38:8d:ef:04:bc:3e: 24:d2:6f:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiMkVJlnLJQ8Ps7b3t1qaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0MjIzNjc0MzM3NjViNTQxYTM3MzkwYTk5ODk5N2I3Mzdj NDY0NzIwHhcNMjUxMjI2MTIwMTExWhcNMjUxMjI3MTIwMTExWjAzMTEwLwYDVQQD EyhlZWJiMzkwZDk4MmIxMDg1ZTllNWM0YjlmODE5YTA3OGNhMzI5MmY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8kqe8VlRUjGSCubxR2t/E6ot72P V8SqrlsxKyoVTYImtlAxuQb+6vGTpGPHLGbiNQDjmpVCjbJ5R4Ppr4iKcOuNpGly 5xU1AwPWi0jXI6VlpKJnbOQjGqhR1BLp03iWQtkmHeMpzgI27ilWDQvDPmGZzQlf RyfgvPWEJShV/We9pvF5JoIEG36drzy6DeHMjgQ91TBkq6zB6P2kwKUUoWJ3ORh8 3w1mXOcIMRrxtQb0jiuXdmlB9DbfRXXBy7fInpWuPq13lSEFgymezy6QlgAn1E7Y ipGTrQPbyb5UVJHaGFwki8xWSyLBfoJExxpZ2yjpzGKYH3fuaQAif2dWRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO67OQ2YKxCF6eXEufgZoHjKMpL4MB8GA1UdIwQY MBaAFNQiNnQzdltUGjc5CpmJl7c3xGRyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy80NWJlMzItODIxZi00NTE0LWFhMzEt YmM3NTQ2NjA0N2M5LzEvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy80NWJlMzItODIxZi00NTE0LWFhMzEtYmM3NTQ2NjA0N2M5 LzEvMUNJMmRETjJXMVFhTnprS21ZbVh0emZFWkhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGVEzu87 Im7/9J6gsPJD23RRXdTxl8rrp0+Cz6R2qQ07g5NSk7jVg8PZQ1imbh3Vw8MC8636 /9DBTfjr0krBFIaXh33TPMFMuzqakc4N4zgZ50SbH37YYvw+VzbiPLLJyh6/5SXy IA/B9xmIXRVfJbBdzZDRR3lcIHenaWX+acvqsweqpwQFI46Oq9aQphs+B5IvydIW oJa+kOsYw1WHQHRvAWoeB3uxflB94q9ghgBErviZTIvZlmdNsIepksO3Mehc5RCU GulZY2TWCglrDPxOer3k2stdhzM8Pm0zdqY1cweoAS63KX+YWB+rKbQGnk06XXO6 OI3vBLw+JNJv9A== -----END CERTIFICATE-----Generated at Fri Dec 26 21:03:38 2025 by rpki-client