This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.mft File: iDjoVrInLfF0ulpAqPx9XTAxyso.mft (raw, json) Hash identifier: 8M7ar6edvcHEQqqaHIa2aZxt9JRD5z2hCw0i4z8w20I= Subject key identifier: 74:D8:85:B0:CF:81:E2:AC:67:63:2B:18:B0:19:8C:FA:B4:EE:9E:81 Authority key identifier: 88:38:E8:56:B2:27:2D:F1:74:BA:5A:40:A8:FC:7D:5D:30:31:CA:CA Certificate issuer: /CN=8838e856b2272df174ba5a40a8fc7d5d3031caca Certificate serial: 019AF16471552AEC53CAC7AC2C4730351275 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.mft Manifest number: 10CA Signing time: Sat 06 Dec 2025 02:01:22 +0000 Manifest this update: Sat 06 Dec 2025 02:01:22 +0000 Manifest next update: Sun 07 Dec 2025 02:01:22 +0000 Files and hashes: 1: OZKug-HD4Xa2ZWdFBgCPcOgskwk.roa (hash: 3+egBPFrVIi/azwFyFARnF9adwzzIgSQuiDCKqIhA8c=) 2: iDjoVrInLfF0ulpAqPx9XTAxyso.crl (hash: yle7NTK5Y055eH6hTK9AIevZbCp9xkddJe326qfiPxE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.crl rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.mft rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:71:55:2a:ec:53:ca:c7:ac:2c:47:30:35:12:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8838e856b2272df174ba5a40a8fc7d5d3031caca Validity Not Before: Dec 6 02:01:22 2025 GMT Not After : Dec 7 02:01:22 2025 GMT Subject: CN=74d885b0cf81e2ac67632b18b0198cfab4ee9e81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:58:b7:d7:5f:db:72:2c:d4:f6:f1:60:51:c4: 2d:81:54:85:9b:14:90:25:08:bb:16:26:17:c6:c4: 51:26:9d:6f:06:88:0d:6e:71:89:67:f3:45:66:aa: e7:29:c5:70:1e:f6:35:bf:47:d3:91:74:fa:bb:f7: 9c:b5:60:2f:c9:c2:93:c2:3c:e4:5a:5c:f0:8e:f3: a9:ed:a7:28:7b:6e:e2:41:67:fb:7b:72:3c:53:4f: bb:b2:4a:7f:87:86:69:a7:08:98:0a:d9:7c:3d:1e: 6a:2d:4a:e5:6b:e9:b6:de:4c:19:22:91:71:26:12: 43:d0:1d:bb:00:02:8f:d6:d2:85:e0:b4:84:0d:4e: 08:34:28:f0:72:fc:c6:31:7c:82:f5:7d:69:ae:cd: c2:b7:22:d3:38:7d:4e:7c:c0:68:80:00:dc:38:c4: b1:16:f4:11:66:f5:c4:54:b0:44:19:b1:4c:18:a3: d6:5f:a2:cd:6d:7d:08:fd:70:d8:60:c3:1b:a4:14: cc:34:a7:d5:d8:2a:20:81:97:5d:13:a9:59:c3:e3: ea:7d:1d:2c:2f:de:49:0a:5d:d2:c6:aa:9b:a3:c8: 23:48:26:b0:6e:c3:9b:ed:82:ca:c2:c4:01:5d:95: 4c:eb:28:de:8c:e1:71:28:18:17:74:60:3a:71:56: 1f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:D8:85:B0:CF:81:E2:AC:67:63:2B:18:B0:19:8C:FA:B4:EE:9E:81 X509v3 Authority Key Identifier: keyid:88:38:E8:56:B2:27:2D:F1:74:BA:5A:40:A8:FC:7D:5D:30:31:CA:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:eb:ec:db:76:12:87:6c:98:6d:f3:e4:9c:33:f5:53:b4:e6: 6d:30:35:55:35:dc:cc:38:7e:6d:d7:70:10:ad:5e:0a:13:ad: 54:09:3b:b8:03:11:02:a0:22:83:07:6c:41:e8:18:7c:cb:e3: 77:fd:ae:79:d0:34:f2:09:c0:ec:5a:ec:76:c8:ef:a5:9e:f4: b5:0a:a0:79:31:ef:3b:89:1b:0b:65:b3:6b:b1:bc:97:35:3c: db:08:46:2b:06:e2:cd:21:90:ee:15:02:55:dd:eb:81:e0:61: 7e:03:90:5d:32:d5:65:43:7b:13:78:ab:6f:cb:e2:02:5a:a4: e1:48:58:9a:f2:0c:91:06:ee:32:ab:c1:ad:b2:51:00:37:ae: c6:ce:89:9e:fb:d9:04:e3:44:2c:fd:bb:55:e6:38:18:6c:f4: bd:af:75:41:f5:4b:7b:7b:cc:e0:b4:f9:0f:90:ca:42:f9:28: b8:41:ef:98:5f:28:5c:13:83:38:28:82:fb:96:e6:01:a5:3e: aa:fd:21:7e:70:3d:e8:28:60:96:d3:4d:14:68:32:be:d6:da: 3b:7d:f7:c3:54:2d:40:2f:14:72:df:fe:07:8b:1b:15:2b:62: 67:58:e6:42:f1:30:df:a8:d9:5c:2c:db:98:68:4c:d6:2c:50: 19:7b:4d:94 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZHFVKuxTysesLEcwNRJ1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MzhlODU2YjIyNzJkZjE3NGJhNWE0MGE4ZmM3ZDVkMzAz MWNhY2EwHhcNMjUxMjA2MDIwMTIyWhcNMjUxMjA3MDIwMTIyWjAzMTEwLwYDVQQD Eyg3NGQ4ODViMGNmODFlMmFjNjc2MzJiMThiMDE5OGNmYWI0ZWU5ZTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Fi311/bcizU9vFgUcQtgVSFmxSQ JQi7FiYXxsRRJp1vBogNbnGJZ/NFZqrnKcVwHvY1v0fTkXT6u/ectWAvycKTwjzk WlzwjvOp7acoe27iQWf7e3I8U0+7skp/h4ZppwiYCtl8PR5qLUrla+m23kwZIpFx JhJD0B27AAKP1tKF4LSEDU4INCjwcvzGMXyC9X1prs3CtyLTOH1OfMBogADcOMSx FvQRZvXEVLBEGbFMGKPWX6LNbX0I/XDYYMMbpBTMNKfV2CoggZddE6lZw+PqfR0s L95JCl3Sxqqbo8gjSCawbsOb7YLKwsQBXZVM6yjejOFxKBgXdGA6cVYfTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHTYhbDPgeKsZ2MrGLAZjPq07p6BMB8GA1UdIwQY MBaAFIg46FayJy3xdLpaQKj8fV0wMcrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaURqb1ZySW5MZkYwdWxwQXFQeDlYVEF4eXNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83ZGEzYTktMzRkZi00OGY4LThhMWIt MDc5ZTExMWVkYmY5LzEvaURqb1ZySW5MZkYwdWxwQXFQeDlYVEF4eXNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC83ZGEzYTktMzRkZi00OGY4LThhMWItMDc5ZTExMWVkYmY5 LzEvaURqb1ZySW5MZkYwdWxwQXFQeDlYVEF4eXNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABevs23YS h2yYbfPknDP1U7TmbTA1VTXczDh+bddwEK1eChOtVAk7uAMRAqAigwdsQegYfMvj d/2uedA08gnA7FrsdsjvpZ70tQqgeTHvO4kbC2Wza7G8lzU82whGKwbizSGQ7hUC Vd3rgeBhfgOQXTLVZUN7E3irb8viAlqk4UhYmvIMkQbuMqvBrbJRADeuxs6JnvvZ BONELP27VeY4GGz0va91QfVLe3vM4LT5D5DKQvkouEHvmF8oXBODOCiC+5bmAaU+ qv0hfnA96ChgltNNFGgyvtbaO333w1QtQC8Uct/+B4sbFStiZ1jmQvEw36jZXCzb mGhM1ixQGXtNlA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:59:27 2025 by rpki-client