This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft File: I6IOrOflZNlFaAhkd3q-nCu41NY.mft (raw, json) Hash identifier: JajGdBMNI2cS/D5ynPd0h2EAVFSWLHjIPDTWN5JXCpk= Subject key identifier: F7:1D:88:5E:0E:DB:FD:96:90:07:D7:34:9A:FC:C0:54:16:AE:85:67 Authority key identifier: 23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6 Certificate issuer: /CN=23a20eace7e564d945680864777abe9c2bb8d4d6 Certificate serial: 019AF19AB5A2F7A2E5B81C57CC58A6029FFE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft Manifest number: 01AF Signing time: Sat 06 Dec 2025 03:00:39 +0000 Manifest this update: Sat 06 Dec 2025 03:00:39 +0000 Manifest next update: Sun 07 Dec 2025 03:00:39 +0000 Files and hashes: 1: I6IOrOflZNlFaAhkd3q-nCu41NY.crl (hash: Al4CZTY4k0m3wrpCVgGe4b4dDYGzXfdXixsw67LH8Oo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:b5:a2:f7:a2:e5:b8:1c:57:cc:58:a6:02:9f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23a20eace7e564d945680864777abe9c2bb8d4d6 Validity Not Before: Dec 6 03:00:39 2025 GMT Not After : Dec 7 03:00:39 2025 GMT Subject: CN=f71d885e0edbfd969007d7349afcc05416ae8567 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a6:2d:d0:89:84:e1:87:ca:a6:4f:90:fd:61: 58:f3:00:e8:09:d9:1f:a4:58:57:b8:3c:fd:74:bf: c1:68:ee:f1:04:5d:38:d3:71:b1:47:b5:00:5b:da: 76:16:a1:5a:40:45:41:58:ac:83:d9:8a:ff:67:65: df:11:a0:cb:f8:72:5d:ee:bc:81:30:44:f0:29:bf: 2f:8d:62:1a:4e:47:9b:c0:17:4d:68:8b:c2:2d:9d: 92:35:41:d2:4c:f2:b8:6f:7f:0b:95:62:ca:9e:95: 96:29:a2:fe:db:21:11:b5:ac:86:30:8d:e9:e5:92: b6:ff:43:7f:79:55:42:71:23:d3:c6:a4:02:a2:2a: d0:67:92:de:ce:40:f2:e0:96:c0:c5:21:4b:4b:06: f3:3a:9d:76:3e:8f:4f:2d:1b:a1:8d:cb:49:d4:4a: 95:bb:05:43:b7:4d:bd:33:d3:ee:56:db:f8:26:fb: 5d:08:ea:1e:41:51:ac:02:3b:8d:30:7d:1e:dd:14: f1:86:01:a8:2d:cc:a2:46:c4:10:1c:2b:a4:56:54: 87:60:47:ad:b6:5a:9b:39:67:b1:c1:0d:80:20:3c: 0a:c6:13:cf:03:76:04:cf:0b:46:92:d8:f5:1c:77: af:d3:e9:e3:31:c1:db:60:20:c1:d9:25:06:70:71: db:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:1D:88:5E:0E:DB:FD:96:90:07:D7:34:9A:FC:C0:54:16:AE:85:67 X509v3 Authority Key Identifier: keyid:23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:f9:a3:c8:d5:fa:98:e0:57:bd:22:05:b5:d9:6a:2c:6d:9b: f9:d4:30:d0:47:44:2c:e9:20:74:38:de:6c:97:68:f7:29:48: 85:ba:84:d3:e5:e2:63:30:2f:d9:40:b4:cb:99:fa:6f:00:f5: c3:58:0f:3d:58:ad:f4:80:0b:9c:0b:d0:9c:2e:a7:2d:88:c5: 51:23:e1:c4:43:6f:bf:f5:ad:2f:a5:6a:2f:79:98:58:b1:73: 38:a9:5b:01:c8:84:cd:f1:44:8f:8e:35:33:79:0d:8b:90:c8: a2:ac:8e:c3:12:03:48:d3:ab:bb:d8:b6:32:45:5a:ca:a9:9f: 48:19:1f:b7:ec:1d:b6:c5:6f:7b:db:be:1b:8a:04:3d:2b:39: 31:d8:d1:e2:1a:27:95:de:f8:92:ac:a2:4e:a4:05:aa:ba:16: 86:08:e4:5f:dc:dc:17:6d:40:8c:e7:6c:75:38:de:1e:a7:08: e2:29:ce:3d:a1:b7:e2:e4:74:7f:f1:b3:80:07:6c:7d:77:f7: ae:61:86:c1:9f:85:d7:38:51:90:c5:1e:f6:3d:91:fe:07:a1: 09:22:08:43:04:55:34:13:97:39:8a:b6:d3:f7:a1:d8:eb:98: f1:8d:c8:6e:ee:63:9b:ee:25:cd:b3:af:6b:88:bf:cf:d0:e8: 5c:dc:7d:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmrWi96LluBxXzFimAp/+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzYTIwZWFjZTdlNTY0ZDk0NTY4MDg2NDc3N2FiZTljMmJi OGQ0ZDYwHhcNMjUxMjA2MDMwMDM5WhcNMjUxMjA3MDMwMDM5WjAzMTEwLwYDVQQD EyhmNzFkODg1ZTBlZGJmZDk2OTAwN2Q3MzQ5YWZjYzA1NDE2YWU4NTY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKYt0ImE4YfKpk+Q/WFY8wDoCdkf pFhXuDz9dL/BaO7xBF0403GxR7UAW9p2FqFaQEVBWKyD2Yr/Z2XfEaDL+HJd7ryB METwKb8vjWIaTkebwBdNaIvCLZ2SNUHSTPK4b38LlWLKnpWWKaL+2yERtayGMI3p 5ZK2/0N/eVVCcSPTxqQCoirQZ5LezkDy4JbAxSFLSwbzOp12Po9PLRuhjctJ1EqV uwVDt029M9PuVtv4JvtdCOoeQVGsAjuNMH0e3RTxhgGoLcyiRsQQHCukVlSHYEet tlqbOWexwQ2AIDwKxhPPA3YEzwtGktj1HHev0+njMcHbYCDB2SUGcHHb3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPcdiF4O2/2WkAfXNJr8wFQWroVnMB8GA1UdIwQY MBaAFCOiDqzn5WTZRWgIZHd6vpwruNTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYt NzVlMGQ0Nzk3NTNmLzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYtNzVlMGQ0Nzk3NTNm LzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK/mjyNX6 mOBXvSIFtdlqLG2b+dQw0EdELOkgdDjebJdo9ylIhbqE0+XiYzAv2UC0y5n6bwD1 w1gPPVit9IALnAvQnC6nLYjFUSPhxENvv/WtL6VqL3mYWLFzOKlbAciEzfFEj441 M3kNi5DIoqyOwxIDSNOru9i2MkVayqmfSBkft+wdtsVve9u+G4oEPSs5MdjR4hon ld74kqyiTqQFqroWhgjkX9zcF21AjOdsdTjeHqcI4inOPaG34uR0f/GzgAdsfXf3 rmGGwZ+F1zhRkMUe9j2R/gehCSIIQwRVNBOXOYq20/eh2OuY8Y3Ibu5jm+4lzbOv a4i/z9DoXNx9Cg== -----END CERTIFICATE-----Generated at Sat Dec 6 11:35:26 2025 by rpki-client