This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft File: I9FK_odQITwoDltovvsYhm95SX8.mft (raw, json) Hash identifier: 71XvNUcAsCp7Jim1WOW57kbMxN6ceUjVkxPo7vxQGlE= Subject key identifier: 14:D2:87:96:9B:B9:B7:05:A3:82:32:08:88:B0:57:C3:2B:18:3A:BB Authority key identifier: 23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F Certificate issuer: /CN=23d14afe8750213c280e5b68befb18866f79497f Certificate serial: 019AF12E19C66CF1E939E7A4D6C96AA14D17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft Manifest number: 03E2 Signing time: Sat 06 Dec 2025 01:02:01 +0000 Manifest this update: Sat 06 Dec 2025 01:02:01 +0000 Manifest next update: Sun 07 Dec 2025 01:02:01 +0000 Files and hashes: 1: I9FK_odQITwoDltovvsYhm95SX8.crl (hash: JbBuBXInj3A+4QBH/OuyxhBIDolZw5TKI/2jFxnFFPA=) 2: bfd_WpvacXpVJP__dq6vej5IyyY.roa (hash: /B+pNt8vIwVV5x8COrKPeKukz7hh0c0T1g3kvtIg6Z0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:19:c6:6c:f1:e9:39:e7:a4:d6:c9:6a:a1:4d:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23d14afe8750213c280e5b68befb18866f79497f Validity Not Before: Dec 6 01:02:01 2025 GMT Not After : Dec 7 01:02:01 2025 GMT Subject: CN=14d287969bb9b705a382320888b057c32b183abb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:92:c4:8b:4f:0c:f1:9d:f5:bd:a7:73:39:dc: 2d:2c:3f:cf:94:7a:c3:cc:bb:8f:42:4a:e6:9f:b8: a3:33:41:49:11:f9:a6:5e:cc:3f:8c:9c:05:1b:70: 20:86:33:8c:5c:de:89:33:f7:ae:2b:94:6d:ae:c0: 7a:31:c7:89:a3:08:09:ce:c7:ce:eb:ac:f2:6c:58: c9:f5:65:ce:1d:59:f7:15:f8:1a:99:9b:58:94:05: e8:08:ca:2b:97:12:9c:f5:4e:a7:d2:f0:5b:85:50: 38:11:c0:32:e3:a4:36:e1:83:6d:e0:1e:a1:5c:35: f4:78:b7:cc:74:92:98:d6:96:71:42:2f:70:50:dd: 5b:d6:69:5f:76:ce:ad:4f:39:13:bb:7f:38:e0:17: e2:e1:bd:0c:68:63:c4:5e:7d:29:9f:0c:91:50:93: fd:07:d2:3b:7d:a5:87:dd:3d:0d:7e:8d:77:20:04: a8:cf:7d:59:69:44:f9:cc:7a:60:1e:95:a5:e3:d0: 23:cb:ed:a6:ed:23:11:89:0a:dd:a2:5b:bf:16:53: 18:12:47:d2:ac:f9:ec:20:2a:57:1c:ea:6a:9a:b8: 24:2d:71:2b:53:0d:fd:48:52:b8:66:18:d3:0d:07: d1:f0:aa:81:05:f6:5e:ea:38:81:39:e3:bb:04:1a: 91:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:D2:87:96:9B:B9:B7:05:A3:82:32:08:88:B0:57:C3:2B:18:3A:BB X509v3 Authority Key Identifier: keyid:23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:3e:73:a7:71:25:94:eb:17:f5:32:f5:dd:c7:bb:92:c8:e2: 70:23:19:ff:4e:6c:45:59:01:cd:4e:bc:68:a5:1c:be:63:95: a7:9b:67:42:fb:c5:b1:fd:05:4c:b2:cc:c5:54:28:b3:63:52: 6c:4c:30:30:73:17:14:b0:ac:66:1b:66:af:7a:4d:1f:b1:9d: 70:67:77:dc:6f:af:5d:84:5e:d7:9e:f3:17:cb:80:ca:41:e1: c6:9c:b3:db:b4:1a:44:7e:28:27:98:94:81:28:38:0b:c6:1f: a9:91:a8:ae:f3:9e:8d:47:25:7f:9c:1c:de:8e:19:46:55:c4: 32:43:e4:9e:d9:b8:d5:e1:9a:05:b8:40:33:76:5c:4a:a3:e9: 7c:e1:42:a1:b4:cb:64:96:90:57:07:4f:cb:38:f3:36:78:7c: fc:a6:4d:c2:68:63:a8:3c:b5:db:c5:e0:21:1a:86:0d:bb:da: 19:a2:96:2c:8a:ac:c1:d2:59:8c:10:61:73:e8:47:c9:97:26: 24:e5:60:6b:f3:24:dc:bb:7e:09:15:96:4d:6f:5e:6f:32:58: 21:bd:fd:ae:8f:70:32:0a:d4:1b:69:50:c4:90:9c:97:c9:1e: 28:d6:00:1c:8a:38:ba:de:f2:17:46:f4:72:7c:49:86:83:46: 3d:de:fd:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLhnGbPHpOeek1slqoU0XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZDE0YWZlODc1MDIxM2MyODBlNWI2OGJlZmIxODg2NmY3 OTQ5N2YwHhcNMjUxMjA2MDEwMjAxWhcNMjUxMjA3MDEwMjAxWjAzMTEwLwYDVQQD EygxNGQyODc5NjliYjliNzA1YTM4MjMyMDg4OGIwNTdjMzJiMTgzYWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpLEi08M8Z31vadzOdwtLD/PlHrD zLuPQkrmn7ijM0FJEfmmXsw/jJwFG3AghjOMXN6JM/euK5RtrsB6MceJowgJzsfO 66zybFjJ9WXOHVn3FfgamZtYlAXoCMorlxKc9U6n0vBbhVA4EcAy46Q24YNt4B6h XDX0eLfMdJKY1pZxQi9wUN1b1mlfds6tTzkTu3844Bfi4b0MaGPEXn0pnwyRUJP9 B9I7faWH3T0Nfo13IASoz31ZaUT5zHpgHpWl49Ajy+2m7SMRiQrdolu/FlMYEkfS rPnsICpXHOpqmrgkLXErUw39SFK4ZhjTDQfR8KqBBfZe6jiBOeO7BBqR+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBTSh5abubcFo4IyCIiwV8MrGDq7MB8GA1UdIwQY MBaAFCPRSv6HUCE8KA5baL77GIZveUl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2Qt ODQ3MmNhNDBmN2E3LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2QtODQ3MmNhNDBmN2E3 LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARD5zp3El lOsX9TL13ce7ksjicCMZ/05sRVkBzU68aKUcvmOVp5tnQvvFsf0FTLLMxVQos2NS bEwwMHMXFLCsZhtmr3pNH7GdcGd33G+vXYRe157zF8uAykHhxpyz27QaRH4oJ5iU gSg4C8YfqZGorvOejUclf5wc3o4ZRlXEMkPkntm41eGaBbhAM3ZcSqPpfOFCobTL ZJaQVwdPyzjzNnh8/KZNwmhjqDy128XgIRqGDbvaGaKWLIqswdJZjBBhc+hHyZcm JOVga/Mk3Lt+CRWWTW9ebzJYIb39ro9wMgrUG2lQxJCcl8keKNYAHIo4ut7yF0b0 cnxJhoNGPd79RQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:07 2025 by rpki-client