This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft File: IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json) Hash identifier: ES2wBB4Ys6/3FdfvNyRJ+XJ3pzcpB3EwF6rBfB+Meqc= Subject key identifier: 46:F1:89:47:11:30:05:EB:F7:80:3A:D0:9D:F4:63:B6:30:37:1F:DD Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2 Certificate issuer: /CN=22e8c1b40ee579c183796455f4092573d995a1d2 Certificate serial: 019AF12D75CF04A89509D127DA4C12376640 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft Manifest number: 0BC3 Signing time: Sat 06 Dec 2025 01:01:19 +0000 Manifest this update: Sat 06 Dec 2025 01:01:19 +0000 Manifest next update: Sun 07 Dec 2025 01:01:19 +0000 Files and hashes: 1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: csxdKr85a7+1rlS9tP2b1+PXp2CONvraHBmXNoxQgpI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:75:cf:04:a8:95:09:d1:27:da:4c:12:37:66:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2 Validity Not Before: Dec 6 01:01:19 2025 GMT Not After : Dec 7 01:01:19 2025 GMT Subject: CN=46f18947113005ebf7803ad09df463b630371fdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3e:89:55:fe:c3:d2:7d:4c:cd:4c:85:fe:9a: 65:bf:6f:94:b7:00:f3:71:02:eb:eb:41:20:8a:95: 45:24:18:41:19:37:9d:bc:b5:32:59:eb:dd:10:d3: 59:dd:4d:50:bf:77:5c:a3:0c:54:1d:32:75:93:7b: 31:7f:fb:d6:9a:57:bb:8b:96:46:5f:d9:58:c6:b8: 2e:67:56:ab:46:51:52:1c:7f:63:cd:e0:11:12:d6: 9a:24:d8:65:78:59:7e:61:da:48:c6:4d:6a:f6:34: f7:e2:e7:34:cf:1d:f9:90:4f:13:82:2f:bc:aa:de: 0c:17:80:72:78:99:02:80:52:c1:2b:de:f6:4b:7f: 85:3a:e9:d2:46:73:e2:cb:b8:31:e4:61:55:3f:4c: b8:e0:5e:e7:1c:40:93:9e:a8:89:ea:46:84:f3:f9: 3d:ae:fe:6a:28:9a:3d:9c:2a:56:3b:af:f5:e2:21: d8:71:f1:b3:16:b9:4f:15:e8:ac:0a:76:32:09:69: 34:6f:2d:17:d8:83:34:64:58:e9:7a:7b:73:e9:a1: 9a:44:17:66:68:59:55:8c:d0:fa:9e:45:dc:e6:ad: 49:87:83:a8:e6:df:53:71:36:9b:9b:77:2b:09:99: f5:01:9c:55:cf:ac:66:64:35:e5:2c:a1:0a:e8:7e: e6:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:F1:89:47:11:30:05:EB:F7:80:3A:D0:9D:F4:63:B6:30:37:1F:DD X509v3 Authority Key Identifier: keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:6c:67:b8:83:80:2b:27:ec:f3:05:18:40:06:6d:00:ef:3c: c9:d8:8c:b5:03:2f:9f:17:98:60:9b:17:ea:0d:67:af:a1:10: 5a:99:91:84:35:31:34:20:f8:6b:37:b1:69:18:1d:25:62:68: ed:15:e9:2d:6e:ae:fc:e5:a1:98:41:36:3b:f1:63:11:61:ef: 24:e5:93:1f:af:35:17:1e:0b:89:7d:43:ae:b9:7d:ca:a9:8a: bd:58:7d:76:fc:8e:b4:85:a7:7a:a0:c8:17:f0:93:3c:92:d7: cf:a8:1b:6c:8b:ae:8b:ee:fd:cb:38:71:09:b1:34:fd:4f:40: 7b:72:9e:77:4d:a8:b6:08:98:2e:8e:d8:f1:2e:9b:64:d1:5c: f8:84:4a:41:f7:c1:ef:c1:65:01:c8:2c:30:a9:1e:f0:b1:3d: c9:dd:b8:a4:11:76:f2:95:af:eb:c2:b8:e6:6d:c1:9e:e8:93: 82:eb:d0:48:7d:da:ee:88:7b:d3:c2:57:7a:d0:19:cf:41:86: b2:a9:97:8e:05:4c:da:19:17:f6:54:01:4f:41:44:d6:d9:ed: aa:13:1e:a5:70:e8:5f:30:b0:7e:61:be:7c:a8:ac:46:3d:b5: 0a:7b:43:bb:2f:0d:aa:4b:51:4b:d7:eb:1e:3c:93:db:9e:0b: a4:93:ee:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLXXPBKiVCdEn2kwSN2ZAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5 NWExZDIwHhcNMjUxMjA2MDEwMTE5WhcNMjUxMjA3MDEwMTE5WjAzMTEwLwYDVQQD Eyg0NmYxODk0NzExMzAwNWViZjc4MDNhZDA5ZGY0NjNiNjMwMzcxZmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT6JVf7D0n1MzUyF/pplv2+UtwDz cQLr60EgipVFJBhBGTedvLUyWevdENNZ3U1Qv3dcowxUHTJ1k3sxf/vWmle7i5ZG X9lYxrguZ1arRlFSHH9jzeAREtaaJNhleFl+YdpIxk1q9jT34uc0zx35kE8Tgi+8 qt4MF4ByeJkCgFLBK972S3+FOunSRnPiy7gx5GFVP0y44F7nHECTnqiJ6kaE8/k9 rv5qKJo9nCpWO6/14iHYcfGzFrlPFeisCnYyCWk0by0X2IM0ZFjpentz6aGaRBdm aFlVjND6nkXc5q1Jh4Oo5t9TcTabm3crCZn1AZxVz6xmZDXlLKEK6H7mcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEbxiUcRMAXr94A60J30Y7YwNx/dMB8GA1UdIwQY MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmxnuIOA Kyfs8wUYQAZtAO88ydiMtQMvnxeYYJsX6g1nr6EQWpmRhDUxNCD4azexaRgdJWJo 7RXpLW6u/OWhmEE2O/FjEWHvJOWTH681Fx4LiX1Drrl9yqmKvVh9dvyOtIWneqDI F/CTPJLXz6gbbIuui+79yzhxCbE0/U9Ae3Ked02otgiYLo7Y8S6bZNFc+IRKQffB 78FlAcgsMKke8LE9yd24pBF28pWv68K45m3BnuiTguvQSH3a7oh708JXetAZz0GG sqmXjgVM2hkX9lQBT0FE1tntqhMepXDoXzCwfmG+fKisRj21CntDuy8NqktRS9fr HjyT254LpJPuCw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:24:53 2025 by rpki-client