This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft File: IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json) Hash identifier: MSe90FEL8XJFjUym+MvcUHtqlK7kllPTbpRgQNbDNYo= Subject key identifier: F8:3B:E4:64:E5:65:8A:DA:49:A6:6B:06:DD:FF:9E:9C:C6:FE:69:16 Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08 Certificate issuer: /CN=204050cc59536f2d9407692823890ccdda854508 Certificate serial: 019AF50B67779F511B19E436EB3DB7ED7533 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft Manifest number: 0572 Signing time: Sat 06 Dec 2025 19:02:36 +0000 Manifest this update: Sat 06 Dec 2025 19:02:36 +0000 Manifest next update: Sun 07 Dec 2025 19:02:36 +0000 Files and hashes: 1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: IgaKuzkGsdPzXL/PMRaIypAiZPei3zLA/Z6nDRGnFr8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:67:77:9f:51:1b:19:e4:36:eb:3d:b7:ed:75:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=204050cc59536f2d9407692823890ccdda854508 Validity Not Before: Dec 6 19:02:36 2025 GMT Not After : Dec 7 19:02:36 2025 GMT Subject: CN=f83be464e5658ada49a66b06ddff9e9cc6fe6916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:58:e8:98:93:44:74:cb:59:f6:66:26:b1:f3: 6c:11:c1:cd:61:d2:4c:f5:e1:7b:e5:c9:9d:8a:50: e1:ff:eb:c5:ef:04:3b:70:2f:eb:21:96:6a:a0:61: 3b:3a:90:15:38:3c:28:26:3a:71:90:0e:5e:19:f9: 1b:d9:f5:0a:f7:a5:09:fd:f7:f4:77:ee:9e:55:3a: 0c:fb:90:71:f4:00:4c:92:b3:9d:18:30:ed:13:63: 5c:94:9f:f7:88:ac:6d:d8:7b:22:64:d2:9f:f7:40: ee:46:3a:39:a9:87:ee:9f:0e:61:e7:50:2b:09:cb: 30:a0:58:1b:3d:f8:97:5d:de:ea:34:18:95:61:5b: d1:38:68:9d:b9:3f:b1:40:0e:e7:35:f5:e6:8d:6e: 61:df:42:85:06:39:1d:2e:e0:a8:53:53:1c:db:8c: 35:a4:3e:17:74:03:46:50:bb:d3:c0:1f:54:1d:20: 8c:16:c4:11:18:27:28:88:26:9d:a8:22:a2:74:72: c0:cb:08:67:05:89:5e:e9:97:19:bc:d3:9a:31:f9: ff:b2:df:47:12:bc:07:41:f6:60:0b:e9:d1:a8:b1: 56:5c:8b:fd:09:f9:02:92:0b:43:df:2c:06:f8:de: fc:f1:b2:ba:b1:57:d9:f7:b5:95:11:10:8d:31:6b: 99:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:3B:E4:64:E5:65:8A:DA:49:A6:6B:06:DD:FF:9E:9C:C6:FE:69:16 X509v3 Authority Key Identifier: keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:60:6b:b5:e1:6a:08:40:5b:da:13:f5:d7:c1:6d:f0:7c:8a: 4c:9c:25:c0:1e:90:3f:32:b6:31:a3:c8:e0:54:46:a0:4b:fe: 23:5f:b4:76:75:cd:54:d9:47:93:14:31:66:74:ee:73:81:85: 3f:2a:12:35:6f:41:f3:74:2e:c7:a5:74:94:f5:28:f9:45:9c: fb:d6:f5:e5:11:63:3c:fb:e7:c5:66:c2:b8:b7:b4:2e:a7:af: 1a:ce:37:d3:82:f6:c8:17:e4:6b:21:26:22:eb:aa:72:4a:f0: 11:d4:e4:1d:a3:f2:91:48:b5:f3:17:5a:ac:ed:8d:38:16:d9: a2:57:b9:86:6f:05:95:4c:29:96:a2:eb:e3:f8:72:da:29:bb: 52:ff:96:c6:3c:ee:57:3e:18:99:ae:a4:04:5f:f2:ff:44:dd: 69:53:9f:a8:3d:ca:45:6b:ec:2e:e0:a4:87:79:80:4b:23:4a: ce:14:ae:52:58:a8:50:44:e0:6f:ca:ec:8a:8c:3c:72:14:60: da:0b:a5:8a:10:4f:50:9a:2f:b0:5e:b6:02:d0:b1:ac:58:28: 6f:c4:74:52:31:5a:e8:fd:b2:00:e4:bf:24:69:02:b0:b3:c3: 09:1b:b0:a6:d2:63:8d:ff:0a:7c:b7:38:4a:b8:47:cd:25:64: d3:bd:d2:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C2d3n1EbGeQ26z237XUzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4 NTQ1MDgwHhcNMjUxMjA2MTkwMjM2WhcNMjUxMjA3MTkwMjM2WjAzMTEwLwYDVQQD EyhmODNiZTQ2NGU1NjU4YWRhNDlhNjZiMDZkZGZmOWU5Y2M2ZmU2OTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVjomJNEdMtZ9mYmsfNsEcHNYdJM 9eF75cmdilDh/+vF7wQ7cC/rIZZqoGE7OpAVODwoJjpxkA5eGfkb2fUK96UJ/ff0 d+6eVToM+5Bx9ABMkrOdGDDtE2NclJ/3iKxt2HsiZNKf90DuRjo5qYfunw5h51Ar CcswoFgbPfiXXd7qNBiVYVvROGiduT+xQA7nNfXmjW5h30KFBjkdLuCoU1Mc24w1 pD4XdANGULvTwB9UHSCMFsQRGCcoiCadqCKidHLAywhnBYle6ZcZvNOaMfn/st9H ErwHQfZgC+nRqLFWXIv9CfkCkgtD3ywG+N788bK6sVfZ97WVERCNMWuZjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPg75GTlZYraSaZrBt3/npzG/mkWMB8GA1UdIwQY MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe2BrteFq CEBb2hP118Ft8HyKTJwlwB6QPzK2MaPI4FRGoEv+I1+0dnXNVNlHkxQxZnTuc4GF PyoSNW9B83Qux6V0lPUo+UWc+9b15RFjPPvnxWbCuLe0LqevGs4304L2yBfkayEm IuuqckrwEdTkHaPykUi18xdarO2NOBbZole5hm8FlUwplqLr4/hy2im7Uv+Wxjzu Vz4Yma6kBF/y/0TdaVOfqD3KRWvsLuCkh3mASyNKzhSuUlioUETgb8rsiow8chRg 2gulihBPUJovsF62AtCxrFgob8R0UjFa6P2yAOS/JGkCsLPDCRuwptJjjf8KfLc4 SrhHzSVk073StQ== -----END CERTIFICATE-----Generated at Sun Dec 7 03:55:35 2025 by rpki-client