This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft File: IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft (raw, json) Hash identifier: mqpmKLc0Vg5nMvCvcmS3NhKxOgKCaqJEikNqgARLtpI= Subject key identifier: F2:9A:24:60:D2:18:33:F8:B2:FB:8A:D6:C0:ED:E4:8E:BD:20:62:87 Authority key identifier: 21:9B:7C:14:5E:0A:CF:81:48:41:8D:54:24:7D:FD:DF:FC:19:FA:4C Certificate issuer: /CN=219b7c145e0acf8148418d54247dfddffc19fa4c Certificate serial: 019B3CB4EC79B033CF8871BA406FC310EDFF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZt8FF4Kz4FIQY1UJH393_wZ-kw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft Manifest number: 033B Signing time: Sat 20 Dec 2025 17:00:48 +0000 Manifest this update: Sat 20 Dec 2025 17:00:48 +0000 Manifest next update: Sun 21 Dec 2025 17:00:48 +0000 Files and hashes: 1: IZt8FF4Kz4FIQY1UJH393_wZ-kw.crl (hash: /8rks23vhPLZV1BCjKAELvk6CTluoDotrR8+7oCC9yM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft rsync://rpki.ripe.net/repository/DEFAULT/IZt8FF4Kz4FIQY1UJH393_wZ-kw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b4:ec:79:b0:33:cf:88:71:ba:40:6f:c3:10:ed:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=219b7c145e0acf8148418d54247dfddffc19fa4c Validity Not Before: Dec 20 17:00:48 2025 GMT Not After : Dec 21 17:00:48 2025 GMT Subject: CN=f29a2460d21833f8b2fb8ad6c0ede48ebd206287 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:71:b4:a6:e4:5c:ef:31:da:6f:1f:84:da:a4: 17:a6:34:af:a5:b9:fd:c8:0c:7e:75:44:7d:d5:82: e4:59:cf:92:34:56:1e:12:d3:3f:03:ee:49:61:f3: 30:a3:9b:2c:5e:e8:52:09:7b:4d:c3:ef:23:f1:a7: ca:26:4d:4d:25:f3:60:44:c7:94:40:61:eb:87:a0: 9f:56:06:1b:c4:0b:ef:79:1d:29:fd:40:a0:ae:6f: 42:ca:01:ec:54:04:a0:b0:73:ac:5c:04:77:d5:4f: f0:5f:f1:3e:55:6d:db:63:47:c9:e8:02:21:f8:34: a3:09:d6:54:a2:24:13:db:19:9c:4d:16:97:06:ed: 42:58:5d:c8:22:20:66:4b:b9:18:2f:a8:95:4b:a4: b4:b3:8f:71:4b:60:d7:75:6f:e9:ec:74:e7:13:36: 48:18:31:d7:83:a3:da:2f:f7:10:74:2b:e2:61:e4: 73:80:bb:6b:2e:6e:3b:cc:8e:7e:59:db:c6:05:d8: 3d:18:d1:d4:e6:96:fc:54:65:56:6f:d3:25:12:3b: 3e:95:2f:84:4a:13:27:93:a4:48:dd:5f:1c:8b:71: 0c:8f:c9:a1:9c:91:f9:c4:ad:e6:5f:f5:0a:b0:cf: 04:76:ba:21:5d:21:a7:b6:e3:90:d2:ba:d1:a2:28: 2b:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:9A:24:60:D2:18:33:F8:B2:FB:8A:D6:C0:ED:E4:8E:BD:20:62:87 X509v3 Authority Key Identifier: keyid:21:9B:7C:14:5E:0A:CF:81:48:41:8D:54:24:7D:FD:DF:FC:19:FA:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZt8FF4Kz4FIQY1UJH393_wZ-kw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/fa1004-e450-41ec-9d5e-4a1f7c1bdf78/1/IZt8FF4Kz4FIQY1UJH393_wZ-kw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 13:79:fd:ee:2f:a4:69:dc:12:55:23:e9:30:5d:9c:cc:19:ea: 02:44:f5:33:ea:2f:9a:3e:75:98:0e:4e:c2:11:ff:53:5c:f2: ac:ba:f7:ec:dd:d5:d6:b6:23:d8:ff:3a:d4:15:26:22:d7:bd: 5a:56:1a:9b:ee:d4:b1:90:65:2b:6a:38:61:d5:20:20:d6:e9: 3b:4c:9f:e6:ff:c4:28:58:f9:d4:09:bb:40:22:2f:4a:e6:cd: 6b:15:12:24:78:30:b0:67:b8:26:40:d4:35:bb:28:a0:76:d3: 62:74:b6:61:c2:71:7d:47:74:d9:bb:db:8a:f2:94:ee:4f:a3: dc:5d:44:f8:66:26:6f:3c:ab:70:bc:36:ed:ac:41:06:68:2c: 13:cc:75:83:a5:d3:e6:64:b7:2e:73:2d:9f:35:09:fd:94:f6: 6f:e2:98:68:e4:0d:f2:10:f8:2b:82:f7:25:1f:a8:55:67:36: 20:e9:93:49:b1:bf:0b:4a:a0:40:ac:33:3e:73:fd:4c:a2:b5: aa:fd:17:4a:b4:20:de:b5:75:9a:b0:13:c6:f2:5e:94:31:01: e2:53:5a:24:d9:c2:bc:6a:ca:b3:8a:19:ae:b6:ef:8f:6a:3b: 8a:ac:82:ad:e3:77:f9:54:1c:7d:01:40:c8:d5:c1:e0:f5:6a: f7:4f:2d:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tOx5sDPPiHG6QG/DEO3/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxOWI3YzE0NWUwYWNmODE0ODQxOGQ1NDI0N2RmZGRmZmMx OWZhNGMwHhcNMjUxMjIwMTcwMDQ4WhcNMjUxMjIxMTcwMDQ4WjAzMTEwLwYDVQQD EyhmMjlhMjQ2MGQyMTgzM2Y4YjJmYjhhZDZjMGVkZTQ4ZWJkMjA2Mjg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23G0puRc7zHabx+E2qQXpjSvpbn9 yAx+dUR91YLkWc+SNFYeEtM/A+5JYfMwo5ssXuhSCXtNw+8j8afKJk1NJfNgRMeU QGHrh6CfVgYbxAvveR0p/UCgrm9CygHsVASgsHOsXAR31U/wX/E+VW3bY0fJ6AIh +DSjCdZUoiQT2xmcTRaXBu1CWF3IIiBmS7kYL6iVS6S0s49xS2DXdW/p7HTnEzZI GDHXg6PaL/cQdCviYeRzgLtrLm47zI5+WdvGBdg9GNHU5pb8VGVWb9MlEjs+lS+E ShMnk6RI3V8ci3EMj8mhnJH5xK3mX/UKsM8EdrohXSGntuOQ0rrRoigreQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPKaJGDSGDP4svuK1sDt5I69IGKHMB8GA1UdIwQY MBaAFCGbfBReCs+BSEGNVCR9/d/8GfpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVp0OEZGNEt6NEZJUVkxVUpIMzkzX3daLWt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9mYTEwMDQtZTQ1MC00MWVjLTlkNWUt NGExZjdjMWJkZjc4LzEvSVp0OEZGNEt6NEZJUVkxVUpIMzkzX3daLWt3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS9mYTEwMDQtZTQ1MC00MWVjLTlkNWUtNGExZjdjMWJkZjc4 LzEvSVp0OEZGNEt6NEZJUVkxVUpIMzkzX3daLWt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE3n97i+k adwSVSPpMF2czBnqAkT1M+ovmj51mA5OwhH/U1zyrLr37N3V1rYj2P861BUmIte9 WlYam+7UsZBlK2o4YdUgINbpO0yf5v/EKFj51Am7QCIvSubNaxUSJHgwsGe4JkDU NbsooHbTYnS2YcJxfUd02bvbivKU7k+j3F1E+GYmbzyrcLw27axBBmgsE8x1g6XT 5mS3LnMtnzUJ/ZT2b+KYaOQN8hD4K4L3JR+oVWc2IOmTSbG/C0qgQKwzPnP9TKK1 qv0XSrQg3rV1mrATxvJelDEB4lNaJNnCvGrKs4oZrrbvj2o7iqyCreN3+VQcfQFA yNXB4PVq908tMA== -----END CERTIFICATE-----Generated at Sun Dec 21 00:57:33 2025 by rpki-client