This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft File: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft (raw, json) Hash identifier: W3H+GoDqt1UQ0k8hMR8scjb4q4N7LbF/20Kox6tmYeg= Subject key identifier: 2A:20:E6:9A:4A:14:F7:C7:78:BE:10:24:E7:D0:82:23:43:E6:14:94 Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA Certificate issuer: /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa Certificate serial: 019B5A516DC4A99F588E14FB3BAE072C36C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft Manifest number: 179A Signing time: Fri 26 Dec 2025 11:00:44 +0000 Manifest this update: Fri 26 Dec 2025 11:00:44 +0000 Manifest next update: Sat 27 Dec 2025 11:00:44 +0000 Files and hashes: 1: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl (hash: gJZqeuhdgsAXDebb2gDaj61tI47/Jvi5vd4xfcel3eE=) 2: ZUnY6DcgMFOkn5YPuY63h16XVew.roa (hash: j75VTgwm6ax4o8jG9UYWYEtlaoF5sYfNI7iKEcRNxJM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:6d:c4:a9:9f:58:8e:14:fb:3b:ae:07:2c:36:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa Validity Not Before: Dec 26 11:00:44 2025 GMT Not After : Dec 27 11:00:44 2025 GMT Subject: CN=2a20e69a4a14f7c778be1024e7d0822343e61494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:17:68:92:b7:62:ac:5d:36:53:14:70:98:8f: 04:09:9c:19:6a:43:2d:60:50:a8:81:33:66:2d:a1: e3:f9:79:81:51:10:06:13:ea:24:65:0f:71:b2:0a: f3:c6:4d:45:6d:fd:7f:5a:d9:32:2d:a9:97:50:21: 20:8a:f7:98:44:13:80:c8:88:4b:ca:6a:bb:26:5f: a7:3e:69:c3:ad:ea:da:82:79:a4:5f:f6:b1:9f:89: 0b:65:f4:55:5a:b4:a9:dd:73:00:26:e9:f4:17:39: 58:61:a7:3d:ed:aa:50:e2:37:f0:f8:d1:7e:4f:c7: d5:38:bf:7d:40:26:02:da:37:08:c9:4b:fa:cc:e4: 0a:3c:ac:7a:58:60:f4:09:0c:85:dd:ed:21:60:e4: fd:91:49:cb:dc:d5:10:66:26:a6:41:d3:21:f5:af: 81:bc:19:4f:a4:d1:ea:fc:cd:5c:a7:3e:51:16:4d: 2e:19:c3:07:bf:d3:71:3f:c6:ea:92:58:71:49:14: b1:83:74:7d:79:b9:8b:fd:a3:44:15:4c:30:58:90: e7:3e:8a:79:f1:5a:59:c5:d5:03:12:80:4d:60:62: 96:f6:c0:4d:36:f3:53:83:ca:01:87:f1:bb:84:19: 8f:62:7c:30:f7:7f:1b:a1:8e:b4:2f:ba:4e:d7:35: cf:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:20:E6:9A:4A:14:F7:C7:78:BE:10:24:E7:D0:82:23:43:E6:14:94 X509v3 Authority Key Identifier: keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:86:c5:74:da:5f:37:c6:d2:c0:b8:4e:73:d8:54:bc:40:f2: ad:3c:23:2e:5e:7c:ee:97:b0:03:51:bc:3b:c6:47:4d:f4:0f: 4e:ed:6e:1e:6e:d4:cf:06:48:12:d4:c9:5a:3b:12:22:c2:24: 7f:94:88:5a:a5:93:fe:56:32:06:25:41:ae:9e:87:47:b0:76: 3a:8d:4f:22:94:e1:00:26:cb:39:c8:63:26:90:d3:b6:f0:a5: 48:a7:42:d4:b5:e4:b6:6b:64:75:b6:42:7a:f5:17:66:04:b1: b7:23:69:6f:5f:40:38:99:57:3d:29:bb:04:ea:9c:33:12:20: 72:38:7d:2d:1e:67:49:9d:1f:ae:1a:ee:28:f4:70:09:70:a7: 23:d0:3e:fa:f6:fb:6e:24:72:59:65:f7:98:16:f8:ac:70:bf: 27:52:9e:63:10:76:4d:c2:b4:6c:00:02:3c:02:29:05:b2:24: f4:74:ee:87:17:55:cf:ee:94:5a:9b:7f:9f:d4:db:d4:a0:64: a9:c3:67:fc:8c:d5:6f:46:aa:49:11:26:32:d5:43:4f:ce:a6: 59:0f:bf:15:79:e9:48:21:cf:0c:90:b9:31:7e:79:35:1d:bd: e3:54:1d:93:90:0c:66:9b:5d:84:d4:da:ea:1c:ed:a9:b6:e3: 80:28:7d:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUW3EqZ9YjhT7O64HLDbHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw ZjVhYWEwHhcNMjUxMjI2MTEwMDQ0WhcNMjUxMjI3MTEwMDQ0WjAzMTEwLwYDVQQD EygyYTIwZTY5YTRhMTRmN2M3NzhiZTEwMjRlN2QwODIyMzQzZTYxNDk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRdokrdirF02UxRwmI8ECZwZakMt YFCogTNmLaHj+XmBURAGE+okZQ9xsgrzxk1Fbf1/WtkyLamXUCEgiveYRBOAyIhL ymq7Jl+nPmnDreragnmkX/axn4kLZfRVWrSp3XMAJun0FzlYYac97apQ4jfw+NF+ T8fVOL99QCYC2jcIyUv6zOQKPKx6WGD0CQyF3e0hYOT9kUnL3NUQZiamQdMh9a+B vBlPpNHq/M1cpz5RFk0uGcMHv9NxP8bqklhxSRSxg3R9ebmL/aNEFUwwWJDnPop5 8VpZxdUDEoBNYGKW9sBNNvNTg8oBh/G7hBmPYnww938boY60L7pO1zXP5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCog5ppKFPfHeL4QJOfQgiND5hSUMB8GA1UdIwQY MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt Zjk5NzNjNTc2YjAzLzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADobFdNpf N8bSwLhOc9hUvEDyrTwjLl587pewA1G8O8ZHTfQPTu1uHm7UzwZIEtTJWjsSIsIk f5SIWqWT/lYyBiVBrp6HR7B2Oo1PIpThACbLOchjJpDTtvClSKdC1LXktmtkdbZC evUXZgSxtyNpb19AOJlXPSm7BOqcMxIgcjh9LR5nSZ0frhruKPRwCXCnI9A++vb7 biRyWWX3mBb4rHC/J1KeYxB2TcK0bAACPAIpBbIk9HTuhxdVz+6UWpt/n9Tb1KBk qcNn/IzVb0aqSREmMtVDT86mWQ+/FXnpSCHPDJC5MX55NR2941Qdk5AMZptdhNTa 6hztqbbjgCh9Bw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:49 2025 by rpki-client