This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft File: iDa9j605PlExoCNykxWzVgFOZjc.mft (raw, json) Hash identifier: Z1e3VrTPk9HREfeqmhL2UyMdp1+BLF5vjJwoIeGiHTs= Subject key identifier: EE:63:8F:CD:1B:FE:0F:22:84:55:A2:6B:B6:43:9C:74:DD:0C:AA:98 Authority key identifier: 88:36:BD:8F:AD:39:3E:51:31:A0:23:72:93:15:B3:56:01:4E:66:37 Certificate issuer: /CN=8836bd8fad393e5131a023729315b356014e6637 Certificate serial: 019B5A88DE79E004050B4FA5B1B4C73AEF19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft Manifest number: 1797 Signing time: Fri 26 Dec 2025 12:01:17 +0000 Manifest this update: Fri 26 Dec 2025 12:01:17 +0000 Manifest next update: Sat 27 Dec 2025 12:01:17 +0000 Files and hashes: 1: UKX34TFCd0figIbF32wm6M0tdxE.roa (hash: BFLvjvBRECITaOdgL/U7OU6npGQVInzdalw4vhrK37A=) 2: iDa9j605PlExoCNykxWzVgFOZjc.crl (hash: Q0c00xG8B1Lt6i0pWUzTmknbOOJzMhOgslZScOF8Bpc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:de:79:e0:04:05:0b:4f:a5:b1:b4:c7:3a:ef:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8836bd8fad393e5131a023729315b356014e6637 Validity Not Before: Dec 26 12:01:17 2025 GMT Not After : Dec 27 12:01:17 2025 GMT Subject: CN=ee638fcd1bfe0f228455a26bb6439c74dd0caa98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c0:aa:64:c9:36:9c:fa:90:a8:d8:d0:93:43: fe:01:92:d5:bf:1d:df:83:a0:16:4a:30:ac:fe:bc: 4f:69:10:8d:14:21:35:7f:f9:16:9a:ea:4a:2e:dc: 52:4a:a7:59:5e:b8:0d:81:8a:57:3c:ec:0f:07:63: 6e:4c:42:84:ee:0e:cb:db:c6:1e:2b:b3:4f:99:a3: d2:88:91:6d:2e:46:57:16:f9:a5:e1:a3:5a:4a:4f: 9a:95:55:ac:1a:71:90:a6:2a:07:de:e8:0a:a7:1a: 8b:b4:d6:40:ee:5d:44:c6:29:5d:20:70:ce:f7:4b: 56:b5:67:da:bd:7c:88:99:4f:57:07:70:1a:7e:f5: 3e:54:83:7a:e4:be:e0:71:6e:28:47:f6:a9:4f:52: 8d:98:a4:4d:74:94:68:8a:b0:a4:cc:cf:20:e0:20: 56:04:3f:8a:3a:d4:54:e5:3e:ac:3f:bf:e6:8e:65: 67:9f:c1:73:f0:a1:92:d0:ea:3b:24:0c:37:88:60: 80:3e:e0:29:d5:4b:0d:e5:6e:86:51:2a:e4:00:9b: 39:bf:a4:88:fc:41:bf:f1:46:e5:1b:67:83:a8:b9: c0:9b:80:1b:c6:ce:8e:e5:49:59:bd:b8:9f:0f:b3: 00:22:a8:74:c2:35:ea:8b:f8:a5:95:a5:ef:9c:23: 40:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:63:8F:CD:1B:FE:0F:22:84:55:A2:6B:B6:43:9C:74:DD:0C:AA:98 X509v3 Authority Key Identifier: keyid:88:36:BD:8F:AD:39:3E:51:31:A0:23:72:93:15:B3:56:01:4E:66:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDa9j605PlExoCNykxWzVgFOZjc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/129a5b-b7f6-49d0-95c2-12f9cb0a2118/1/iDa9j605PlExoCNykxWzVgFOZjc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:09:01:eb:24:b4:85:a7:c5:82:0c:a7:aa:d6:9a:13:d3:89: 58:36:82:77:42:5f:ee:98:f8:68:39:f1:52:1f:17:20:20:54: 91:17:76:e8:4f:29:e3:88:cf:51:1f:02:b6:d5:4b:45:c6:7e: e1:a6:ad:ee:21:e0:77:1b:e8:3d:91:0a:31:07:42:c8:b3:b4: 49:d7:d2:14:05:2b:5f:4d:4e:ae:bb:61:5d:ae:b1:58:71:f3: 5a:27:31:90:f1:d4:d8:d3:5f:0b:0a:f9:16:68:52:8d:a2:8e: 8f:f7:5a:2f:92:69:f2:3d:f4:8d:b4:27:65:89:34:d9:36:58: ab:22:85:b1:1a:a4:99:28:a9:cb:7e:ab:48:b7:c7:b0:70:34: ed:29:1f:bd:da:83:10:37:f5:4e:04:71:36:aa:e8:e3:42:e9: fa:09:f0:9b:8f:41:12:a4:1f:32:02:72:c6:21:3e:5f:69:81: 0a:b6:ea:7d:04:32:b2:0d:df:82:c3:a2:5b:37:58:f1:7f:14: 20:6c:9c:fa:8a:8f:b1:5a:9d:4d:e6:a9:51:41:3d:ed:8d:9c: 7b:a0:f9:b1:94:3e:5f:ef:e7:1d:b9:06:96:99:c0:83:89:e6: 5c:37:f4:47:04:16:53:37:f8:5b:ce:e2:9d:48:4d:44:e7:9c: 64:91:63:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiN554AQFC0+lsbTHOu8ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MzZiZDhmYWQzOTNlNTEzMWEwMjM3MjkzMTViMzU2MDE0 ZTY2MzcwHhcNMjUxMjI2MTIwMTE3WhcNMjUxMjI3MTIwMTE3WjAzMTEwLwYDVQQD EyhlZTYzOGZjZDFiZmUwZjIyODQ1NWEyNmJiNjQzOWM3NGRkMGNhYTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcCqZMk2nPqQqNjQk0P+AZLVvx3f g6AWSjCs/rxPaRCNFCE1f/kWmupKLtxSSqdZXrgNgYpXPOwPB2NuTEKE7g7L28Ye K7NPmaPSiJFtLkZXFvml4aNaSk+alVWsGnGQpioH3ugKpxqLtNZA7l1ExildIHDO 90tWtWfavXyImU9XB3AafvU+VIN65L7gcW4oR/apT1KNmKRNdJRoirCkzM8g4CBW BD+KOtRU5T6sP7/mjmVnn8Fz8KGS0Oo7JAw3iGCAPuAp1UsN5W6GUSrkAJs5v6SI /EG/8UblG2eDqLnAm4Abxs6O5UlZvbifD7MAIqh0wjXqi/illaXvnCNAOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO5jj80b/g8ihFWia7ZDnHTdDKqYMB8GA1UdIwQY MBaAFIg2vY+tOT5RMaAjcpMVs1YBTmY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaURhOWo2MDVQbEV4b0NOeWt4V3pWZ0ZPWmpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMjlhNWItYjdmNi00OWQwLTk1YzIt MTJmOWNiMGEyMTE4LzEvaURhOWo2MDVQbEV4b0NOeWt4V3pWZ0ZPWmpjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi8xMjlhNWItYjdmNi00OWQwLTk1YzItMTJmOWNiMGEyMTE4 LzEvaURhOWo2MDVQbEV4b0NOeWt4V3pWZ0ZPWmpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcQkB6yS0 hafFggynqtaaE9OJWDaCd0Jf7pj4aDnxUh8XICBUkRd26E8p44jPUR8CttVLRcZ+ 4aat7iHgdxvoPZEKMQdCyLO0SdfSFAUrX01OrrthXa6xWHHzWicxkPHU2NNfCwr5 FmhSjaKOj/daL5Jp8j30jbQnZYk02TZYqyKFsRqkmSipy36rSLfHsHA07SkfvdqD EDf1TgRxNqro40Lp+gnwm49BEqQfMgJyxiE+X2mBCrbqfQQysg3fgsOiWzdY8X8U IGyc+oqPsVqdTeapUUE97Y2ce6D5sZQ+X+/nHbkGlpnAg4nmXDf0RwQWUzf4W87i nUhNROecZJFjqg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:48 2025 by rpki-client