This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json) Hash identifier: ZUZCmI4e+xbqhI27Hi8wKUpgXzGLqrGftgwAk05Nxh0= Subject key identifier: C5:E9:06:F6:96:18:B0:29:0D:14:BB:51:52:26:EC:D0:9C:DC:0A:65 Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Certificate serial: 019B0D4940396D172C141E332D3144B7C9F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft Manifest number: 0F51 Signing time: Thu 11 Dec 2025 12:01:02 +0000 Manifest this update: Thu 11 Dec 2025 12:01:02 +0000 Manifest next update: Fri 12 Dec 2025 12:01:02 +0000 Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: 8OEB/uJRIDZYE1GaYcqBL6WwJ8tFlNL5eKfPHsBob+0=) 2: vKn82l16VjLcws3vWmstSLyeRWc.roa (hash: 69t8lHqeYhq+/2Zvm3uALN86FxM4aXQbhwTdxmIef8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 12:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:49:40:39:6d:17:2c:14:1e:33:2d:31:44:b7:c9:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Validity Not Before: Dec 11 12:01:02 2025 GMT Not After : Dec 12 12:01:02 2025 GMT Subject: CN=c5e906f69618b0290d14bb515226ecd09cdc0a65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:de:3b:f9:25:4a:93:75:60:42:32:5e:c8:c3: e7:fc:3d:33:b1:59:e5:98:49:06:9e:59:b4:31:ec: 27:2a:e0:da:cd:ac:07:56:19:21:6b:67:aa:39:ae: 97:bd:07:75:55:2a:0c:83:bf:a1:d9:81:81:f4:05: 88:95:6b:85:ff:de:71:b5:e1:75:61:80:7b:cd:4d: 5a:a6:36:1b:6d:86:9b:5f:72:1d:4a:ce:df:63:6b: 05:c2:ad:2d:da:7e:3f:49:ea:4e:f0:97:0f:12:ea: 33:94:e7:76:fd:b1:0d:fd:af:c6:8c:f3:2e:88:94: bd:a4:a0:5b:88:da:25:c6:0c:8c:b1:5d:8f:bc:d8: f3:e2:49:84:c4:74:b2:d2:95:de:00:6f:ec:3c:80: 13:be:28:66:23:f7:b1:f9:9f:e1:06:d3:b7:73:63: e5:ac:f3:04:45:87:17:8f:5d:54:7c:c0:72:65:da: 1c:f5:68:8b:76:63:5c:bf:29:fa:b7:84:db:98:70: c8:16:fb:a6:70:c4:ca:4f:4b:e1:5f:b0:ce:5c:db: 15:57:39:18:4f:f8:6d:91:35:c3:32:f8:70:35:8a: 42:e4:aa:44:60:8e:7f:37:fc:f8:24:a0:ba:60:c9: d9:34:7d:5e:8f:82:85:bf:8f:63:e7:c2:35:bf:ae: 69:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:E9:06:F6:96:18:B0:29:0D:14:BB:51:52:26:EC:D0:9C:DC:0A:65 X509v3 Authority Key Identifier: keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:51:e4:15:b1:45:03:80:9b:11:b5:8a:14:92:21:30:6b:cf: 42:20:38:85:30:a8:b6:67:c1:3a:f9:e4:04:5a:9d:01:06:9d: a3:af:5c:35:bd:51:a9:1f:3a:db:c9:3e:c9:60:f3:cd:a2:db: 0e:de:d5:81:f0:4c:cd:5a:2c:e7:c7:21:25:3a:fe:2d:07:a6: 4f:c7:35:3a:71:ae:50:04:6a:57:70:2e:35:78:c6:dc:b8:52: 67:18:43:a5:2b:b5:ae:33:12:15:ac:57:76:77:c9:c6:c0:80: e7:88:1a:ea:19:e7:d7:19:6e:22:ea:38:4b:56:a7:5d:b0:96: c6:55:43:43:24:aa:2a:39:0f:4f:c0:5c:9c:a1:17:2e:76:1c: 5c:1a:0b:00:00:fa:84:40:03:9d:e3:00:24:75:79:f5:e8:81: 44:b9:ad:1b:c7:55:19:96:6f:be:a7:e7:56:ce:c3:a6:b8:31: de:93:ba:cb:b8:3d:81:ba:79:4c:7a:45:cf:ae:eb:c1:7a:2c: 8e:ef:77:03:73:9f:12:3c:be:c1:9f:aa:ca:af:ef:43:41:d2: f6:1e:e5:24:9d:a2:be:93:71:6f:8c:ee:b4:83:16:1f:0c:04: 4f:5c:c6:37:b5:7e:19:fd:f0:16:d0:f5:2f:6c:d2:10:f7:c4: b5:c2:2f:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsNSUA5bRcsFB4zLTFEt8n0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk ZGM3ZGYwHhcNMjUxMjExMTIwMTAyWhcNMjUxMjEyMTIwMTAyWjAzMTEwLwYDVQQD EyhjNWU5MDZmNjk2MThiMDI5MGQxNGJiNTE1MjI2ZWNkMDljZGMwYTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt47+SVKk3VgQjJeyMPn/D0zsVnl mEkGnlm0MewnKuDazawHVhkha2eqOa6XvQd1VSoMg7+h2YGB9AWIlWuF/95xteF1 YYB7zU1apjYbbYabX3IdSs7fY2sFwq0t2n4/SepO8JcPEuozlOd2/bEN/a/GjPMu iJS9pKBbiNolxgyMsV2PvNjz4kmExHSy0pXeAG/sPIATvihmI/ex+Z/hBtO3c2Pl rPMERYcXj11UfMByZdoc9WiLdmNcvyn6t4TbmHDIFvumcMTKT0vhX7DOXNsVVzkY T/htkTXDMvhwNYpC5KpEYI5/N/z4JKC6YMnZNH1ej4KFv49j58I1v65p0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMXpBvaWGLApDRS7UVIm7NCc3AplMB8GA1UdIwQY MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1 LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlHkFbFF A4CbEbWKFJIhMGvPQiA4hTCotmfBOvnkBFqdAQado69cNb1RqR8628k+yWDzzaLb Dt7VgfBMzVos58chJTr+LQemT8c1OnGuUARqV3AuNXjG3LhSZxhDpSu1rjMSFaxX dnfJxsCA54ga6hnn1xluIuo4S1anXbCWxlVDQySqKjkPT8BcnKEXLnYcXBoLAAD6 hEADneMAJHV59eiBRLmtG8dVGZZvvqfnVs7Dprgx3pO6y7g9gbp5THpFz67rwXos ju93A3OfEjy+wZ+qyq/vQ0HS9h7lJJ2ivpNxb4zutIMWHwwET1zGN7V+Gf3wFtD1 L2zSEPfEtcIvrQ== -----END CERTIFICATE-----Generated at Thu Dec 11 18:35:26 2025 by rpki-client