This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft File: iaBBZwABZgo3ILd9dk2DaFIZATg.mft (raw, json) Hash identifier: a3NppDhmwVxjYxEkPbO7t8rdTm/Pwyx4UWEzk0UWC+o= Subject key identifier: FD:50:CD:34:D3:D7:AE:67:97:DD:D3:9D:9B:00:A7:E8:20:70:12:BE Authority key identifier: 89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38 Certificate issuer: /CN=89a041670001660a3720b77d764d836852190138 Certificate serial: 019AF24026C7C0EC06764EFA25DE85EF6FF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft Manifest number: 0568 Signing time: Sat 06 Dec 2025 06:01:21 +0000 Manifest this update: Sat 06 Dec 2025 06:01:21 +0000 Manifest next update: Sun 07 Dec 2025 06:01:21 +0000 Files and hashes: 1: YYgzCJR0-0gXgfzyBpOEkQ4pXkc.roa (hash: DEoGAyI9/dVWa6pEX3QAslv+mwYbksED/2fQOt0a8aI=) 2: iaBBZwABZgo3ILd9dk2DaFIZATg.crl (hash: 0htKmQe29Ka+qJHgxJGDCQKauSAS5KFAVeqwV/I2/qk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:26:c7:c0:ec:06:76:4e:fa:25:de:85:ef:6f:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89a041670001660a3720b77d764d836852190138 Validity Not Before: Dec 6 06:01:21 2025 GMT Not After : Dec 7 06:01:21 2025 GMT Subject: CN=fd50cd34d3d7ae6797ddd39d9b00a7e8207012be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:92:35:38:d4:0f:b6:a1:93:98:f4:5a:45:e5: b0:b8:9e:04:4e:c1:f2:c6:aa:71:4e:26:d8:f1:47: e4:fe:b0:86:31:5d:39:5b:28:12:96:3a:40:3c:55: 58:1f:f6:44:a7:29:df:b1:57:34:e2:c4:16:3d:3e: 9b:32:12:b5:13:ac:ad:03:3f:a2:f2:63:11:3a:a2: 59:d6:27:01:ca:6f:1a:32:bb:6d:c4:f7:a9:6e:af: 22:ce:c0:51:77:15:89:44:86:28:2e:e3:24:2b:0c: 3d:a3:b8:14:94:bd:54:2d:33:53:1e:fc:4b:e1:78: ac:e5:54:dd:00:b0:bc:a6:c3:c7:86:08:e9:cc:6a: b1:9f:f2:d2:ae:f7:1e:94:8a:f8:c4:e5:c0:7e:ab: 4f:1b:39:ea:57:63:78:6f:88:6a:55:5a:fc:02:ec: 25:00:40:bd:67:6e:c3:f0:42:23:f1:4d:c6:31:df: 5e:fe:57:30:06:39:52:fb:5a:f2:4f:4e:36:5f:ec: 11:68:b7:1e:2a:92:ff:a0:ba:28:6c:0f:b6:ea:38: 02:e8:c4:c5:9b:93:be:84:e3:08:5c:ba:e9:35:36: ee:ab:76:97:15:0f:d5:ed:4c:54:39:9f:93:50:c6: de:b3:5a:b0:cc:1f:78:de:5a:87:26:d1:a1:05:62: 68:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:50:CD:34:D3:D7:AE:67:97:DD:D3:9D:9B:00:A7:E8:20:70:12:BE X509v3 Authority Key Identifier: keyid:89:A0:41:67:00:01:66:0A:37:20:B7:7D:76:4D:83:68:52:19:01:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaBBZwABZgo3ILd9dk2DaFIZATg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d4469a-13a8-472c-b46f-4bb414623a14/1/iaBBZwABZgo3ILd9dk2DaFIZATg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:7e:23:86:a1:e1:e4:3e:92:f4:df:13:c5:f3:e5:f3:a0:a0: 26:f9:10:07:23:95:44:2c:30:58:52:ac:08:8d:e5:22:70:75: 9a:45:a0:a0:5e:43:34:16:f0:45:32:98:c9:d0:f0:0a:27:ff: 06:28:7e:b7:d2:0e:d5:01:1b:2b:90:ca:c5:28:06:b8:3b:8c: 92:57:3c:21:24:9b:26:6f:4a:aa:9f:98:9f:05:5e:4a:e1:47: 5d:f5:38:5a:5d:8e:c3:af:11:5a:5c:5d:b7:e4:a9:a2:b3:90: ba:e7:d4:4b:f4:a1:25:2f:20:94:ff:5d:bd:0e:1d:f1:6d:b1: 49:bc:f9:d4:78:42:02:a2:87:6e:75:27:45:e4:e6:f8:d6:1f: 2e:31:98:56:7e:69:54:0f:29:53:ee:53:08:d4:df:cd:dc:71: 20:f1:f8:14:13:f9:8a:d6:5b:f6:f8:d7:14:28:9d:60:53:3f: 9a:0f:e1:89:0e:28:ff:4b:43:d1:e0:1a:0d:d5:f7:bf:35:61: 63:b2:07:fb:d1:38:65:ba:e3:fa:e5:bf:53:a9:e7:0c:0c:3e: 5d:85:34:80:b8:d0:db:f5:af:02:c4:a6:03:33:d6:5d:46:08: 4a:9b:25:48:b1:9c:0a:38:8d:a6:1c:5a:56:18:15:72:a2:43: 35:20:a4:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQCbHwOwGdk76Jd6F72/xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YTA0MTY3MDAwMTY2MGEzNzIwYjc3ZDc2NGQ4MzY4NTIx OTAxMzgwHhcNMjUxMjA2MDYwMTIxWhcNMjUxMjA3MDYwMTIxWjAzMTEwLwYDVQQD EyhmZDUwY2QzNGQzZDdhZTY3OTdkZGQzOWQ5YjAwYTdlODIwNzAxMmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pI1ONQPtqGTmPRaReWwuJ4ETsHy xqpxTibY8Ufk/rCGMV05WygSljpAPFVYH/ZEpynfsVc04sQWPT6bMhK1E6ytAz+i 8mMROqJZ1icBym8aMrttxPepbq8izsBRdxWJRIYoLuMkKww9o7gUlL1ULTNTHvxL 4Xis5VTdALC8psPHhgjpzGqxn/LSrvcelIr4xOXAfqtPGznqV2N4b4hqVVr8Auwl AEC9Z27D8EIj8U3GMd9e/lcwBjlS+1ryT042X+wRaLceKpL/oLoobA+26jgC6MTF m5O+hOMIXLrpNTbuq3aXFQ/V7UxUOZ+TUMbes1qwzB943lqHJtGhBWJo4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP1QzTTT165nl93TnZsAp+ggcBK+MB8GA1UdIwQY MBaAFImgQWcAAWYKNyC3fXZNg2hSGQE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYt NGJiNDE0NjIzYTE0LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9kNDQ2OWEtMTNhOC00NzJjLWI0NmYtNGJiNDE0NjIzYTE0 LzEvaWFCQlp3QUJaZ28zSUxkOWRrMkRhRklaQVRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMH4jhqHh 5D6S9N8TxfPl86CgJvkQByOVRCwwWFKsCI3lInB1mkWgoF5DNBbwRTKYydDwCif/ Bih+t9IO1QEbK5DKxSgGuDuMklc8ISSbJm9Kqp+YnwVeSuFHXfU4Wl2Ow68RWlxd t+SporOQuufUS/ShJS8glP9dvQ4d8W2xSbz51HhCAqKHbnUnReTm+NYfLjGYVn5p VA8pU+5TCNTfzdxxIPH4FBP5itZb9vjXFCidYFM/mg/hiQ4o/0tD0eAaDdX3vzVh Y7IH+9E4Zbrj+uW/U6nnDAw+XYU0gLjQ2/WvAsSmAzPWXUYISpslSLGcCjiNphxa VhgVcqJDNSCkIQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:59:53 2025 by rpki-client