This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft File: IbgvyO2I-ZyrV9doAxdusnqfC_o.mft (raw, json) Hash identifier: MQZRz0qjg3VEUrvKLEf3Ok8WT/x2MgFzqRUtJ1MQh5A= Subject key identifier: D2:77:A7:47:A1:EF:07:0B:6C:6A:CD:B6:2A:F5:2D:EA:2A:DC:7B:8A Authority key identifier: 21:B8:2F:C8:ED:88:F9:9C:AB:57:D7:68:03:17:6E:B2:7A:9F:0B:FA Certificate issuer: /CN=21b82fc8ed88f99cab57d76803176eb27a9f0bfa Certificate serial: 019AF31B2C47FE21BF80E648668B79B9FA2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft Manifest number: 0EEE Signing time: Sat 06 Dec 2025 10:00:35 +0000 Manifest this update: Sat 06 Dec 2025 10:00:35 +0000 Manifest next update: Sun 07 Dec 2025 10:00:35 +0000 Files and hashes: 1: IbgvyO2I-ZyrV9doAxdusnqfC_o.crl (hash: OD4K7SK6CbyMLVuqi14VZSOBCAajnAnzhW56P+5zeL0=) 2: ItUhScrgPwKkKUyhqEMMP6UQG5o.roa (hash: gmpeHaOEVGgSYmwc/n6Xey1Y6I6lJR2qqLtWqmrTzmc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:2c:47:fe:21:bf:80:e6:48:66:8b:79:b9:fa:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21b82fc8ed88f99cab57d76803176eb27a9f0bfa Validity Not Before: Dec 6 10:00:35 2025 GMT Not After : Dec 7 10:00:35 2025 GMT Subject: CN=d277a747a1ef070b6c6acdb62af52dea2adc7b8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a8:bc:cb:f7:26:dc:02:b7:9d:9c:71:5e:6f: 2a:ad:52:3d:16:15:28:db:00:94:7b:4d:fc:57:52: e1:e0:27:c2:c9:28:60:c7:e7:46:4d:20:57:3a:af: b8:80:11:11:62:1e:9f:03:e2:81:b1:eb:a3:8e:9f: 2b:53:be:b1:d4:d5:40:85:79:b8:99:96:c8:42:1c: 27:c6:1d:ad:3a:7e:11:ba:be:43:f3:2a:b3:5c:d0: 61:81:6c:96:c7:f1:df:87:a7:3c:d6:1e:41:e4:03: 1f:a9:a9:33:89:3f:b2:9f:e5:df:46:4f:bc:1c:40: 23:e2:ea:85:ff:58:c5:61:5e:60:e1:25:e5:56:16: 0f:69:d6:65:80:50:51:3a:cc:09:19:47:c5:fa:b5: 62:68:8f:68:2c:1f:a8:d3:1b:90:05:ff:1e:53:8a: 40:be:6d:11:7d:6e:ff:dc:06:51:9a:f9:52:73:fe: d8:a2:c5:47:fc:c8:b7:6c:19:68:78:16:4c:36:41: ad:bd:43:e0:d8:1c:6c:c0:ed:f8:32:94:7b:95:49: 06:db:a1:40:0d:c8:1a:66:fb:ad:44:dc:37:44:00: fa:86:f7:2b:46:4b:d3:70:d5:87:1e:45:24:f2:72: 23:26:a3:87:31:e9:fc:04:37:9a:9c:e6:dd:d3:e8: 1f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:77:A7:47:A1:EF:07:0B:6C:6A:CD:B6:2A:F5:2D:EA:2A:DC:7B:8A X509v3 Authority Key Identifier: keyid:21:B8:2F:C8:ED:88:F9:9C:AB:57:D7:68:03:17:6E:B2:7A:9F:0B:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbgvyO2I-ZyrV9doAxdusnqfC_o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ab65f6-31be-4149-a6e3-ae5fa53b93b2/1/IbgvyO2I-ZyrV9doAxdusnqfC_o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:bd:31:d1:51:bd:17:fe:11:7d:47:bb:37:6a:7e:33:41:60: 72:24:57:06:02:ce:b1:28:7d:c0:01:ce:3b:42:26:e3:50:a0: ed:5a:37:9d:98:9a:96:5d:f7:b0:4d:3e:04:f4:bb:19:a7:00: 31:ff:89:95:cf:4b:bb:40:c4:66:55:b0:cf:e8:6f:ce:76:c2: 9e:0f:72:89:f8:e5:d1:7f:6d:a9:12:8e:91:cf:79:a8:a2:e7: ce:07:01:6a:4d:7f:6a:0f:1a:0c:42:ba:38:3d:12:e1:42:6b: 4c:c9:fa:a6:20:44:ff:fe:38:f2:a0:8a:d9:56:7f:6c:94:8d: b2:cc:84:62:17:1c:7b:7f:49:4e:52:d9:bd:39:89:b2:4b:dc: c7:8b:13:80:db:2b:9a:52:9f:9d:f0:9e:0f:ce:41:7f:0c:35: 93:b8:06:6d:17:4e:a3:79:1e:5f:89:95:d7:49:5f:ac:fb:41: af:28:bc:8d:b1:28:6f:70:bb:f8:f4:9f:a0:ed:52:5d:61:c0: 9a:bc:50:84:58:19:2a:24:90:54:5f:4e:c9:69:a5:4a:84:a2: d7:69:e8:de:f2:9b:b9:db:1c:1e:72:25:e0:2b:b6:7d:bc:f0: 43:1e:cb:01:11:65:6a:89:31:cb:36:01:32:78:c8:7a:40:e5: 48:25:6c:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGyxH/iG/gOZIZot5ufouMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxYjgyZmM4ZWQ4OGY5OWNhYjU3ZDc2ODAzMTc2ZWIyN2E5 ZjBiZmEwHhcNMjUxMjA2MTAwMDM1WhcNMjUxMjA3MTAwMDM1WjAzMTEwLwYDVQQD EyhkMjc3YTc0N2ExZWYwNzBiNmM2YWNkYjYyYWY1MmRlYTJhZGM3YjhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuai8y/cm3AK3nZxxXm8qrVI9FhUo 2wCUe038V1Lh4CfCyShgx+dGTSBXOq+4gBERYh6fA+KBseujjp8rU76x1NVAhXm4 mZbIQhwnxh2tOn4Rur5D8yqzXNBhgWyWx/Hfh6c81h5B5AMfqakziT+yn+XfRk+8 HEAj4uqF/1jFYV5g4SXlVhYPadZlgFBROswJGUfF+rViaI9oLB+o0xuQBf8eU4pA vm0RfW7/3AZRmvlSc/7YosVH/Mi3bBloeBZMNkGtvUPg2BxswO34MpR7lUkG26FA DcgaZvutRNw3RAD6hvcrRkvTcNWHHkUk8nIjJqOHMen8BDeanObd0+gfFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNJ3p0eh7wcLbGrNtir1Leoq3HuKMB8GA1UdIwQY MBaAFCG4L8jtiPmcq1fXaAMXbrJ6nwv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hYjY1ZjYtMzFiZS00MTQ5LWE2ZTMt YWU1ZmE1M2I5M2IyLzEvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS9hYjY1ZjYtMzFiZS00MTQ5LWE2ZTMtYWU1ZmE1M2I5M2Iy LzEvSWJndnlPMkktWnlyVjlkb0F4ZHVzbnFmQ19vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXb0x0VG9 F/4RfUe7N2p+M0FgciRXBgLOsSh9wAHOO0Im41Cg7Vo3nZiall33sE0+BPS7GacA Mf+Jlc9Lu0DEZlWwz+hvznbCng9yifjl0X9tqRKOkc95qKLnzgcBak1/ag8aDEK6 OD0S4UJrTMn6piBE//448qCK2VZ/bJSNssyEYhcce39JTlLZvTmJskvcx4sTgNsr mlKfnfCeD85Bfww1k7gGbRdOo3keX4mV10lfrPtBryi8jbEob3C7+PSfoO1SXWHA mrxQhFgZKiSQVF9OyWmlSoSi12no3vKbudscHnIl4Cu2fbzwQx7LARFlaokxyzYB MnjIekDlSCVseA== -----END CERTIFICATE-----Generated at Sat Dec 6 17:51:48 2025 by rpki-client