This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft File: IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json) Hash identifier: /3fl9JN4bZ5Sf5hj0aLi7+JV086yWxbW0f5Px7hUvKA= Subject key identifier: 8C:44:18:CC:C0:48:9B:B8:55:F3:C2:C8:B8:65:6B:E9:75:DF:7E:A5 Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A Certificate issuer: /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a Certificate serial: 019AF12D18B9428A38E5495B8848685D3F06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft Manifest number: 0785 Signing time: Sat 06 Dec 2025 01:00:55 +0000 Manifest this update: Sat 06 Dec 2025 01:00:55 +0000 Manifest next update: Sun 07 Dec 2025 01:00:55 +0000 Files and hashes: 1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: 1PPLXHx2Neyes7E8Kf3JaZl0vMoqj0ixMpWrej5dOWs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:18:b9:42:8a:38:e5:49:5b:88:48:68:5d:3f:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a Validity Not Before: Dec 6 01:00:55 2025 GMT Not After : Dec 7 01:00:55 2025 GMT Subject: CN=8c4418ccc0489bb855f3c2c8b8656be975df7ea5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:c1:43:fa:0c:d3:60:83:4d:94:e5:da:ea:de: ef:01:92:15:48:a2:ef:80:ca:6c:15:46:8a:ef:3b: 45:08:5b:e7:21:fc:a9:5b:4e:74:a2:92:ea:2c:b9: 47:c9:8b:09:38:bc:9f:33:1b:37:37:57:26:09:2a: bb:b3:90:d5:0b:3d:b4:43:dd:da:1a:00:7b:dd:e7: 8c:52:6a:db:90:a8:1b:24:4c:38:7a:87:89:6b:d1: e0:90:b6:bf:a8:ea:be:97:fe:c4:97:aa:04:9c:e4: bb:5e:54:6a:46:61:42:4f:be:51:d0:3a:19:4f:cd: c4:3c:bc:2c:54:e2:a6:aa:af:bc:e3:e3:db:87:e2: 45:fb:42:72:df:1c:2e:eb:bb:a8:f2:30:f6:5e:c5: 62:c5:88:b2:02:ac:a7:53:70:93:a1:c0:bd:54:51: 2f:9d:fe:23:bf:95:90:05:c7:fc:12:92:ac:85:34: bf:92:cc:11:31:ce:ca:19:6c:c7:09:4c:71:01:fb: ee:ff:e6:a6:93:07:62:d4:42:61:b1:ef:64:d0:14: ca:aa:cd:a3:a6:e3:f2:1c:07:d9:02:86:4e:e0:30: c9:75:bf:fd:24:b9:13:48:2c:5e:03:97:11:7d:33: 7a:87:5d:1c:f5:6b:d9:6e:9e:ba:22:fb:1d:42:a4: 7c:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:44:18:CC:C0:48:9B:B8:55:F3:C2:C8:B8:65:6B:E9:75:DF:7E:A5 X509v3 Authority Key Identifier: keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:03:45:37:03:97:e9:c0:10:93:99:22:9b:f7:e9:40:dc:73: f0:7a:50:45:a2:01:f7:8f:f7:c1:02:91:b7:c9:e3:c1:68:a9: fa:45:1d:75:84:69:48:19:c1:00:39:64:af:7d:64:8c:51:1e: fd:d5:b0:92:72:1d:82:30:8c:95:29:6d:12:0e:9e:48:d4:5b: 40:83:eb:ca:e2:c6:5e:82:86:3b:d9:7a:fc:77:1b:49:21:fe: 26:0d:97:46:6e:b0:14:44:4c:70:a6:c1:ea:33:88:a3:d1:ca: a4:cd:f1:db:18:af:64:03:24:21:db:ca:02:9b:c4:e0:13:84: 31:e9:9e:b2:cd:34:56:1b:1f:87:78:0a:7a:f3:61:04:5f:8f: 30:3b:90:be:67:4f:5f:6f:4a:58:8f:b1:a0:07:d1:74:43:ff: 38:41:6e:89:d8:40:64:08:52:10:ff:4c:0a:22:d3:d0:ad:f2: e9:ac:7b:8f:02:43:65:e7:93:c5:cb:35:cb:75:3e:92:c3:a9: c2:c9:85:77:b9:eb:fa:ce:4a:ab:16:eb:ba:50:db:36:52:48: 0b:1b:5d:b8:fc:39:90:2c:5c:13:75:0e:a7:1c:d0:8c:be:80: 8d:fc:24:6d:57:1d:89:9b:07:5c:3f:09:66:5b:2e:cc:49:1c: 99:18:64:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLRi5Qoo45UlbiEhoXT8GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk OTZhNGEwHhcNMjUxMjA2MDEwMDU1WhcNMjUxMjA3MDEwMDU1WjAzMTEwLwYDVQQD Eyg4YzQ0MThjY2MwNDg5YmI4NTVmM2MyYzhiODY1NmJlOTc1ZGY3ZWE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsFD+gzTYINNlOXa6t7vAZIVSKLv gMpsFUaK7ztFCFvnIfypW050opLqLLlHyYsJOLyfMxs3N1cmCSq7s5DVCz20Q93a GgB73eeMUmrbkKgbJEw4eoeJa9HgkLa/qOq+l/7El6oEnOS7XlRqRmFCT75R0DoZ T83EPLwsVOKmqq+84+Pbh+JF+0Jy3xwu67uo8jD2XsVixYiyAqynU3CTocC9VFEv nf4jv5WQBcf8EpKshTS/kswRMc7KGWzHCUxxAfvu/+amkwdi1EJhse9k0BTKqs2j puPyHAfZAoZO4DDJdb/9JLkTSCxeA5cRfTN6h10c9WvZbp66IvsdQqR8JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIxEGMzASJu4VfPCyLhla+l1336lMB8GA1UdIwQY MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0 LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYgNFNwOX 6cAQk5kim/fpQNxz8HpQRaIB94/3wQKRt8njwWip+kUddYRpSBnBADlkr31kjFEe /dWwknIdgjCMlSltEg6eSNRbQIPryuLGXoKGO9l6/HcbSSH+Jg2XRm6wFERMcKbB 6jOIo9HKpM3x2xivZAMkIdvKApvE4BOEMemess00Vhsfh3gKevNhBF+PMDuQvmdP X29KWI+xoAfRdEP/OEFuidhAZAhSEP9MCiLT0K3y6ax7jwJDZeeTxcs1y3U+ksOp wsmFd7nr+s5KqxbrulDbNlJICxtduPw5kCxcE3UOpxzQjL6AjfwkbVcdiZsHXD8J ZlsuzEkcmRhkWg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:12:03 2025 by rpki-client