This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft File: IaqfF_jMpH37krSQLSwrMgPb7aY.mft (raw, json) Hash identifier: kkKXqjHnnShrS6Smi+MoF+n4I2o39nMYI4j+J0btrQ8= Subject key identifier: 79:C5:51:FE:6A:E7:06:84:FB:19:1B:DB:A1:6E:06:7A:C1:B9:3A:0F Authority key identifier: 21:AA:9F:17:F8:CC:A4:7D:FB:92:B4:90:2D:2C:2B:32:03:DB:ED:A6 Certificate issuer: /CN=21aa9f17f8cca47dfb92b4902d2c2b3203dbeda6 Certificate serial: 019AF31B9C3B0C0992049BB2C47AD6FBD981 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaqfF_jMpH37krSQLSwrMgPb7aY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft Manifest number: 07FE Signing time: Sat 06 Dec 2025 10:01:04 +0000 Manifest this update: Sat 06 Dec 2025 10:01:04 +0000 Manifest next update: Sun 07 Dec 2025 10:01:04 +0000 Files and hashes: 1: IaqfF_jMpH37krSQLSwrMgPb7aY.crl (hash: fzPcHmOAdPSfHyYaxqJs08Hv9Wgqkd0QfBBnHWaNObk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.crl rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft rsync://rpki.ripe.net/repository/DEFAULT/IaqfF_jMpH37krSQLSwrMgPb7aY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:9c:3b:0c:09:92:04:9b:b2:c4:7a:d6:fb:d9:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21aa9f17f8cca47dfb92b4902d2c2b3203dbeda6 Validity Not Before: Dec 6 10:01:04 2025 GMT Not After : Dec 7 10:01:04 2025 GMT Subject: CN=79c551fe6ae70684fb191bdba16e067ac1b93a0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:24:bf:ca:2a:65:7b:e4:0d:13:69:86:66:6d: a9:40:b5:45:5b:6e:a8:41:38:d4:b7:ac:6f:7b:93: 44:d9:57:26:00:f6:ab:fa:cc:f5:88:35:13:33:2f: 0e:7d:2f:4d:eb:b1:4d:ab:d9:ee:12:59:5c:8d:93: 31:f6:57:6a:9e:e5:ea:f1:05:20:5b:82:67:67:47: 82:27:4c:6b:78:78:ca:4c:76:eb:d9:5d:b7:ef:b4: 61:b7:b0:e2:72:88:cb:15:fd:31:c4:ec:8e:5d:9e: 17:b4:60:25:57:a8:13:22:cd:f3:ae:46:5d:45:ad: 1f:ca:f5:fb:99:cf:a8:e5:59:9a:ba:f8:5f:71:cf: df:4e:80:65:ef:3d:0f:1a:06:50:81:1b:46:41:59: 4d:c5:43:c3:67:f0:00:03:4c:5e:a8:ac:c8:b0:d7: d9:3e:59:81:e1:91:30:08:74:c9:9e:6b:72:36:ab: 36:a0:d7:84:6d:08:af:94:fa:69:c6:b6:ff:27:4a: 98:53:e3:5b:cc:6a:71:31:76:37:d3:b1:da:38:34: d6:cb:d9:d2:05:86:5e:5a:bf:e1:1e:1f:d6:c8:eb: 53:a7:89:54:00:6f:fe:01:b6:40:f7:db:3b:86:5e: 41:04:a3:32:98:81:82:f7:23:2e:20:42:7c:51:84: f8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:C5:51:FE:6A:E7:06:84:FB:19:1B:DB:A1:6E:06:7A:C1:B9:3A:0F X509v3 Authority Key Identifier: keyid:21:AA:9F:17:F8:CC:A4:7D:FB:92:B4:90:2D:2C:2B:32:03:DB:ED:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaqfF_jMpH37krSQLSwrMgPb7aY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:96:d9:e3:e9:0c:97:e6:e7:0b:fa:a2:9e:b9:fd:05:77:e8: de:f4:5b:62:63:1f:10:d9:1b:4d:76:75:84:30:56:76:4c:4c: 36:c6:ee:a0:21:e1:b1:07:89:66:f8:96:7a:4e:02:3a:e9:25: e5:bf:9f:b6:49:37:ed:d0:60:0f:fc:cc:67:24:6e:f2:07:99: 67:6c:25:34:8c:4d:57:1b:44:0e:81:f5:00:68:57:86:83:c1: f4:df:61:6c:20:9d:b0:20:53:84:b2:46:2b:5f:43:56:42:24: 35:5a:38:6e:4a:72:fc:64:5f:be:44:b9:c6:27:fb:d7:d3:2f: 95:ac:47:5b:f0:9f:4a:ad:de:f5:ed:02:ec:93:c0:93:e8:52: 6e:b1:12:73:62:6a:38:7b:ca:3d:88:67:f5:aa:2f:87:aa:aa: e3:e4:1a:40:fb:52:9d:1f:2f:0b:78:2f:3b:6b:a8:19:7b:66: de:25:10:9c:0a:08:43:a6:55:f7:06:05:73:9f:3d:25:d3:db: 08:55:fd:f7:93:80:b1:f8:0a:c7:ec:72:1b:b7:79:c4:df:d8: af:5f:07:fa:b8:01:1f:a6:5c:db:63:9a:63:45:2c:d1:c1:ef: b5:ff:de:49:94:e0:e1:61:9d:51:ad:b8:62:0a:91:81:31:65: 1d:76:66:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG5w7DAmSBJuyxHrW+9mBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxYWE5ZjE3ZjhjY2E0N2RmYjkyYjQ5MDJkMmMyYjMyMDNk YmVkYTYwHhcNMjUxMjA2MTAwMTA0WhcNMjUxMjA3MTAwMTA0WjAzMTEwLwYDVQQD Eyg3OWM1NTFmZTZhZTcwNjg0ZmIxOTFiZGJhMTZlMDY3YWMxYjkzYTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyS/yiple+QNE2mGZm2pQLVFW26o QTjUt6xve5NE2VcmAPar+sz1iDUTMy8OfS9N67FNq9nuEllcjZMx9ldqnuXq8QUg W4JnZ0eCJ0xreHjKTHbr2V2377Rht7DicojLFf0xxOyOXZ4XtGAlV6gTIs3zrkZd Ra0fyvX7mc+o5Vmauvhfcc/fToBl7z0PGgZQgRtGQVlNxUPDZ/AAA0xeqKzIsNfZ PlmB4ZEwCHTJnmtyNqs2oNeEbQivlPppxrb/J0qYU+NbzGpxMXY307HaODTWy9nS BYZeWr/hHh/WyOtTp4lUAG/+AbZA99s7hl5BBKMymIGC9yMuIEJ8UYT4QwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHnFUf5q5waE+xkb26FuBnrBuToPMB8GA1UdIwQY MBaAFCGqnxf4zKR9+5K0kC0sKzID2+2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWFxZkZfak1wSDM3a3JTUUxTd3JNZ1BiN2FZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kNjhkZmYtOTVlMS00YzkwLTllYzYt NTUwMjkyODBmZWMxLzEvSWFxZkZfak1wSDM3a3JTUUxTd3JNZ1BiN2FZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi9kNjhkZmYtOTVlMS00YzkwLTllYzYtNTUwMjkyODBmZWMx LzEvSWFxZkZfak1wSDM3a3JTUUxTd3JNZ1BiN2FZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAApbZ4+kM l+bnC/qinrn9BXfo3vRbYmMfENkbTXZ1hDBWdkxMNsbuoCHhsQeJZviWek4COukl 5b+ftkk37dBgD/zMZyRu8geZZ2wlNIxNVxtEDoH1AGhXhoPB9N9hbCCdsCBThLJG K19DVkIkNVo4bkpy/GRfvkS5xif719MvlaxHW/CfSq3e9e0C7JPAk+hSbrESc2Jq OHvKPYhn9aovh6qq4+QaQPtSnR8vC3gvO2uoGXtm3iUQnAoIQ6ZV9wYFc589JdPb CFX995OAsfgKx+xyG7d5xN/Yr18H+rgBH6Zc22OaY0Us0cHvtf/eSZTg4WGdUa24 YgqRgTFlHXZmag== -----END CERTIFICATE-----Generated at Sat Dec 6 12:25:33 2025 by rpki-client