This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft File: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft (raw, json) Hash identifier: uISwzceB5ZkN/Pl88/2g3Uxir1KIB5k2N45tg3pdwNc= Subject key identifier: 3F:A2:B5:3E:2E:CC:CE:50:66:7A:7E:DE:82:C6:13:20:B1:01:73:D3 Authority key identifier: 89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E Certificate issuer: /CN=89af8769339703da3b0cb5e831023d3bf63f022e Certificate serial: 019AF2096891B517BF16880179F23377AFBD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft Manifest number: 100B Signing time: Sat 06 Dec 2025 05:01:33 +0000 Manifest this update: Sat 06 Dec 2025 05:01:33 +0000 Manifest next update: Sun 07 Dec 2025 05:01:33 +0000 Files and hashes: 1: JBBfWvBvIPbMFEPW3wW2A3eZfMw.roa (hash: HPVfysoAPIIkBoYBVqV/VP2S0bfAf3Hk6zV6kpgHup8=) 2: ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl (hash: pVIsEBKYGHMqcQrXf1VCQ/r7N5jnyFxpzc+Y2Tl2tyk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:68:91:b5:17:bf:16:88:01:79:f2:33:77:af:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89af8769339703da3b0cb5e831023d3bf63f022e Validity Not Before: Dec 6 05:01:33 2025 GMT Not After : Dec 7 05:01:33 2025 GMT Subject: CN=3fa2b53e2eccce50667a7ede82c61320b10173d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:07:16:a6:2f:07:8e:a2:ff:30:a9:ff:5a:87: ca:90:47:ad:8a:c9:76:d6:dc:1f:7e:41:0a:8f:09: 9a:78:0d:69:27:96:b3:75:e1:f9:6d:75:74:3d:5f: 74:35:5f:1a:7c:e3:3a:28:df:72:ad:5c:53:2f:aa: e7:10:40:86:ed:e0:3c:f5:61:89:a4:39:b8:d8:0e: 74:49:73:73:85:f5:be:c0:b3:7b:8a:b3:9b:e1:11: 97:3b:e9:64:c9:15:93:45:76:1e:cb:4f:db:1b:c7: 12:e4:d6:f1:0e:76:46:06:ad:f4:a2:d3:84:7c:b3: 11:1b:cc:6e:44:39:96:17:26:a7:39:24:12:0f:16: 9c:47:95:14:a1:01:15:12:2b:63:5f:18:8b:04:68: 7b:74:55:b0:32:88:05:67:e2:31:80:90:c1:f0:8b: f2:d5:8c:c1:17:3c:cf:05:e9:fc:39:9b:9a:ca:e2: 96:2d:12:ea:50:6e:49:51:59:26:2b:e9:ae:67:cc: 6c:8e:a6:f6:08:91:1f:cf:41:44:81:9a:0f:d9:70: 48:be:d8:1f:1e:40:90:91:1a:f4:5d:12:6e:6b:f8: ff:3b:da:55:29:ee:35:b1:d1:2b:f7:6c:6d:d6:80: a1:61:c5:78:ef:99:61:c7:cc:c1:96:01:c7:5e:85: 87:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:A2:B5:3E:2E:CC:CE:50:66:7A:7E:DE:82:C6:13:20:B1:01:73:D3 X509v3 Authority Key Identifier: keyid:89:AF:87:69:33:97:03:DA:3B:0C:B5:E8:31:02:3D:3B:F6:3F:02:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5e82d6-c611-40ad-958e-301e4654ddf6/1/ia-HaTOXA9o7DLXoMQI9O_Y_Ai4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c1:d9:37:31:89:d2:78:14:2b:71:f5:3e:a3:c4:5d:ea:9a:e4: 97:fe:a0:d2:c0:87:2f:ca:64:5c:81:30:cf:0e:af:b3:3e:42: 8f:89:a3:af:33:a5:17:9d:ac:cb:3c:79:c2:4d:06:4a:6d:a8: 74:72:1a:5c:eb:83:45:50:ee:3b:b5:30:b1:7a:03:50:c2:cd: 04:54:5d:34:8b:51:ba:88:44:57:32:78:02:db:0f:8f:70:c9: c8:8d:12:d7:e7:0f:8b:b8:d8:53:0d:72:62:21:8e:28:9c:3c: 9e:63:29:01:c9:88:b1:4e:8f:d3:f5:26:f8:d1:94:04:1f:e0: b9:1d:e3:0f:5e:e3:93:68:f1:51:0d:8a:91:f1:ca:de:0f:6e: c2:31:42:34:51:56:69:0a:8d:3d:a1:a3:63:b4:47:31:2e:94: 7f:f0:6a:ad:e4:b4:a4:c4:4c:1e:48:d9:c2:1a:46:73:d7:80: a9:42:67:ce:27:f9:28:94:ee:72:b1:c9:28:6b:0a:e5:42:6a: 10:1a:7e:76:bf:d5:c8:7d:4e:11:52:19:2b:0a:64:7c:ab:c2: 64:ea:67:7e:ff:da:4b:4f:39:b4:cf:b2:40:88:e8:5d:f0:a6: 14:0a:20:16:86:4c:8e:f6:d7:9d:44:d7:77:b9:e9:e1:b1:12: 60:38:3d:59 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCWiRtRe/FogBefIzd6+9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YWY4NzY5MzM5NzAzZGEzYjBjYjVlODMxMDIzZDNiZjYz ZjAyMmUwHhcNMjUxMjA2MDUwMTMzWhcNMjUxMjA3MDUwMTMzWjAzMTEwLwYDVQQD EygzZmEyYjUzZTJlY2NjZTUwNjY3YTdlZGU4MmM2MTMyMGIxMDE3M2QzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgcWpi8HjqL/MKn/WofKkEetisl2 1twffkEKjwmaeA1pJ5azdeH5bXV0PV90NV8afOM6KN9yrVxTL6rnEECG7eA89WGJ pDm42A50SXNzhfW+wLN7irOb4RGXO+lkyRWTRXYey0/bG8cS5NbxDnZGBq30otOE fLMRG8xuRDmWFyanOSQSDxacR5UUoQEVEitjXxiLBGh7dFWwMogFZ+IxgJDB8Ivy 1YzBFzzPBen8OZuayuKWLRLqUG5JUVkmK+muZ8xsjqb2CJEfz0FEgZoP2XBIvtgf HkCQkRr0XRJua/j/O9pVKe41sdEr92xt1oChYcV475lhx8zBlgHHXoWHaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD+itT4uzM5QZnp+3oLGEyCxAXPTMB8GA1UdIwQY MBaAFImvh2kzlwPaOwy16DECPTv2PwIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUt MzAxZTQ2NTRkZGY2LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC81ZTgyZDYtYzYxMS00MGFkLTk1OGUtMzAxZTQ2NTRkZGY2 LzEvaWEtSGFUT1hBOW83RExYb01RSTlPX1lfQWk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwdk3MYnS eBQrcfU+o8Rd6prkl/6g0sCHL8pkXIEwzw6vsz5Cj4mjrzOlF52syzx5wk0GSm2o dHIaXOuDRVDuO7UwsXoDUMLNBFRdNItRuohEVzJ4AtsPj3DJyI0S1+cPi7jYUw1y YiGOKJw8nmMpAcmIsU6P0/Um+NGUBB/guR3jD17jk2jxUQ2KkfHK3g9uwjFCNFFW aQqNPaGjY7RHMS6Uf/BqreS0pMRMHkjZwhpGc9eAqUJnzif5KJTucrHJKGsK5UJq EBp+dr/VyH1OEVIZKwpkfKvCZOpnfv/aS085tM+yQIjoXfCmFAogFoZMjvbXnUTX d7np4bESYDg9WQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:28 2025 by rpki-client