This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft File: ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft (raw, json) Hash identifier: 9B0tWjdP4zDcln93pbkek/D5m1hvC0jjZHCVjJn2z6M= Subject key identifier: 64:66:6E:05:4F:67:93:1A:FB:5E:AC:5B:B6:2F:5E:54:87:CB:F4:7D Authority key identifier: 8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA Certificate issuer: /CN=8af7f32d33f6646779a51fb23201c6442d1451ca Certificate serial: 019AF1D1A35EA93BE410B99E71222ED2CFC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft Manifest number: 0B49 Signing time: Sat 06 Dec 2025 04:00:38 +0000 Manifest this update: Sat 06 Dec 2025 04:00:38 +0000 Manifest next update: Sun 07 Dec 2025 04:00:38 +0000 Files and hashes: 1: RZMmAomJrqs0yCU-Sl6pSFt5lLQ.roa (hash: mHTuz89sEZswLAvVyf4aCavMINMyLcZOi1mRW8tq0vE=) 2: ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl (hash: GSlAxAamZ0QHhI6xi8tcDlPvaXuCX6m1eFlQa9bRjWU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a3:5e:a9:3b:e4:10:b9:9e:71:22:2e:d2:cf:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8af7f32d33f6646779a51fb23201c6442d1451ca Validity Not Before: Dec 6 04:00:38 2025 GMT Not After : Dec 7 04:00:38 2025 GMT Subject: CN=64666e054f67931afb5eac5bb62f5e5487cbf47d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:50:a4:da:a9:c9:a7:eb:99:36:69:d7:d8:46: b2:6d:2f:88:bb:f0:3c:95:c6:e6:18:2e:f6:3d:0a: 31:73:f5:aa:c6:78:3f:62:dc:bb:64:a0:42:d5:05: 4a:ee:d7:c1:2d:56:b0:13:ae:8d:0c:09:12:3e:59: c3:81:85:f7:9d:1f:24:6d:27:59:53:13:ac:6a:48: a8:f3:4e:a7:ff:99:f3:1e:c6:d9:85:a3:ea:61:22: 9a:f5:df:bb:df:cf:04:de:9a:f5:cf:ac:15:85:0f: 23:e2:c9:02:da:e3:83:75:08:63:33:ae:3f:18:4a: 90:fb:70:e6:fa:b7:ce:3d:58:9b:8e:49:33:46:c7: 4f:6e:84:d6:2a:c9:c7:93:69:68:b0:6c:4d:68:c4: ac:78:77:65:4d:15:d7:0d:d5:51:a4:4b:4b:31:9c: 33:1d:09:af:c9:91:43:2e:b8:e4:a6:88:4f:42:ea: 99:d3:f1:2d:80:9b:a8:ed:8f:5d:54:2f:05:ba:01: ea:1d:da:7b:41:7c:dc:83:37:7f:2f:f9:55:fd:92: 5b:95:a9:29:33:d7:de:05:4a:4b:88:0f:fd:8a:5f: 09:81:07:97:f4:57:c8:49:c5:83:eb:d0:b2:3a:b4: 91:a8:a0:eb:06:ff:be:90:1d:f0:6e:75:82:9f:07: da:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:66:6E:05:4F:67:93:1A:FB:5E:AC:5B:B6:2F:5E:54:87:CB:F4:7D X509v3 Authority Key Identifier: keyid:8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:42:1f:97:17:98:99:bf:01:8b:29:1a:b9:a4:00:21:bd:6e: 46:75:e4:36:e2:be:21:96:46:d3:6c:3d:ad:eb:a6:7b:e4:a5: 6f:52:91:0d:ee:59:02:31:67:d7:e1:6d:37:0d:0a:1e:83:d0: 84:41:be:9f:47:8f:32:cc:3d:53:fc:2e:f6:5d:02:d4:6e:76: fc:da:36:b1:35:6a:44:4c:81:33:a0:20:6a:60:30:63:e0:39: 7a:6f:57:d1:c9:b6:43:08:3f:93:6e:d6:aa:96:51:4e:a5:7f: ea:ff:54:bb:f0:de:f7:d2:1e:7d:b3:3c:8a:96:7e:bd:a1:f7: 22:52:8f:d0:7a:f9:e4:31:30:dd:00:0c:53:ad:2a:dc:83:50: 07:5d:59:2f:03:7b:cb:72:ba:b1:fc:0d:5d:c5:2e:34:fe:1a: 5a:79:ee:92:d1:ef:29:9c:ec:51:ec:d1:11:7e:87:99:71:26: bd:87:04:1d:fd:dc:c7:a6:d5:b1:f0:4d:87:e6:22:ba:92:c4: 2e:f4:15:24:70:18:d8:8f:82:c5:1c:de:8e:8a:22:a4:ba:15: 36:ac:ee:57:75:38:65:77:a2:36:47:02:01:14:ff:f0:22:d2: b7:cf:eb:cf:88:81:ef:6a:fb:d4:a1:11:a0:9b:d3:42:6f:b9: 93:c1:0d:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0aNeqTvkELmecSIu0s/GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhZjdmMzJkMzNmNjY0Njc3OWE1MWZiMjMyMDFjNjQ0MmQx NDUxY2EwHhcNMjUxMjA2MDQwMDM4WhcNMjUxMjA3MDQwMDM4WjAzMTEwLwYDVQQD Eyg2NDY2NmUwNTRmNjc5MzFhZmI1ZWFjNWJiNjJmNWU1NDg3Y2JmNDdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlCk2qnJp+uZNmnX2EaybS+Iu/A8 lcbmGC72PQoxc/Wqxng/Yty7ZKBC1QVK7tfBLVawE66NDAkSPlnDgYX3nR8kbSdZ UxOsakio806n/5nzHsbZhaPqYSKa9d+7388E3pr1z6wVhQ8j4skC2uODdQhjM64/ GEqQ+3Dm+rfOPVibjkkzRsdPboTWKsnHk2losGxNaMSseHdlTRXXDdVRpEtLMZwz HQmvyZFDLrjkpohPQuqZ0/EtgJuo7Y9dVC8FugHqHdp7QXzcgzd/L/lV/ZJblakp M9feBUpLiA/9il8JgQeX9FfIScWD69CyOrSRqKDrBv++kB3wbnWCnwfaSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGRmbgVPZ5Ma+16sW7YvXlSHy/R9MB8GA1UdIwQY MBaAFIr38y0z9mRneaUfsjIBxkQtFFHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMt NWI3MmZiOTI3ZDFjLzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMtNWI3MmZiOTI3ZDFj LzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnEIflxeY mb8BiykauaQAIb1uRnXkNuK+IZZG02w9reume+Slb1KRDe5ZAjFn1+FtNw0KHoPQ hEG+n0ePMsw9U/wu9l0C1G52/No2sTVqREyBM6AgamAwY+A5em9X0cm2Qwg/k27W qpZRTqV/6v9Uu/De99IefbM8ipZ+vaH3IlKP0Hr55DEw3QAMU60q3INQB11ZLwN7 y3K6sfwNXcUuNP4aWnnuktHvKZzsUezREX6HmXEmvYcEHf3cx6bVsfBNh+YiupLE LvQVJHAY2I+CxRzejooipLoVNqzuV3U4ZXeiNkcCART/8CLSt8/rz4iB72r71KER oJvTQm+5k8ENlQ== -----END CERTIFICATE-----Generated at Sat Dec 6 06:59:20 2025 by rpki-client