This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft File: IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json) Hash identifier: J+z2BwP59KLGzawsQdDJvNQA1YHvxznTWzXstccq64Y= Subject key identifier: FF:A5:B4:07:CB:DC:0E:94:4F:59:2F:E6:10:44:E9:8A:E2:52:4E:63 Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9 Certificate issuer: /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9 Certificate serial: 019AF23FCAEE98122B4D2AC2A836F812DAE7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft Manifest number: 06F3 Signing time: Sat 06 Dec 2025 06:00:58 +0000 Manifest this update: Sat 06 Dec 2025 06:00:58 +0000 Manifest next update: Sun 07 Dec 2025 06:00:58 +0000 Files and hashes: 1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: bc/m2CSDSe2AQ4AYkGAuIT1kQJ+hUxFj3Jt+YI8wy5g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:ca:ee:98:12:2b:4d:2a:c2:a8:36:f8:12:da:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9 Validity Not Before: Dec 6 06:00:58 2025 GMT Not After : Dec 7 06:00:58 2025 GMT Subject: CN=ffa5b407cbdc0e944f592fe61044e98ae2524e63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:41:b5:67:2c:eb:61:eb:16:c6:5b:39:ec:5e: 41:11:ca:2a:24:b8:4f:a0:6f:4f:12:f8:c4:9a:00: 49:54:49:52:82:9a:78:0d:a5:82:97:db:6b:3f:5d: 77:9d:a0:55:0f:ea:53:4e:8c:1f:a2:5b:99:90:30: 67:68:51:26:fa:d8:54:fb:03:af:3d:0d:2a:f5:22: de:41:c9:21:00:dd:4e:5c:a4:d8:b3:60:19:df:34: cc:ee:f8:d1:30:c1:3b:a3:0b:63:fb:ff:a4:80:b4: cd:8f:0c:10:91:48:38:35:7d:6f:ad:68:22:0d:b6: cd:bb:77:64:3e:23:bb:65:ac:29:20:91:91:1c:fc: e5:92:e3:b6:a6:eb:d6:2c:2c:99:bc:f6:c9:33:1c: 7c:85:c0:60:2d:3f:11:c1:46:17:fe:d6:b6:71:d3: 68:4e:34:6f:6b:f6:f5:ae:72:10:79:99:d4:6f:a0: fc:e4:70:f5:88:bf:0a:1b:6f:b5:84:0c:8e:f9:96: 60:07:3b:60:67:d8:b2:4a:f4:47:41:35:71:62:1b: d3:b8:fd:45:4c:98:d0:7f:0a:bc:6f:75:b1:a8:8d: 8d:8a:6b:9c:1c:57:70:bf:c4:0a:c0:e1:99:7f:b6: b2:b7:7a:e2:24:19:ec:87:58:b1:04:1f:1c:12:76: 44:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:A5:B4:07:CB:DC:0E:94:4F:59:2F:E6:10:44:E9:8A:E2:52:4E:63 X509v3 Authority Key Identifier: keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:c4:fe:f6:c8:06:3c:59:07:d1:80:d2:d9:30:85:04:dc:a2: fe:e2:93:d9:b5:83:f7:1d:8c:14:1e:f9:5c:b0:05:90:ff:fd: 9e:db:33:0b:3f:4f:6c:cf:92:cf:6f:0f:1c:27:d6:23:3f:fd: 7f:4a:ad:e3:ff:30:3a:1c:6e:81:2a:24:07:bd:5c:63:08:c4: 5d:0e:96:78:68:29:5a:0b:79:25:d6:0e:7d:99:72:4d:6b:69: d1:9e:af:8d:11:40:7b:48:5c:a0:03:0d:3e:c8:b3:9b:c6:e7: f5:d4:b2:f6:7e:bb:1f:2e:da:91:35:dc:ca:96:2b:da:15:87: 2f:c1:4a:5b:47:27:dc:89:c5:0d:7d:b5:f0:39:3d:25:ca:39: c9:02:0a:39:21:01:00:aa:33:ad:02:da:43:3d:27:a3:9e:aa: 94:86:48:92:5b:7b:9a:86:0b:c2:8a:b9:fc:dc:2b:d6:89:fe: 26:a7:91:b2:6f:d2:a5:48:88:d7:77:b9:bd:9b:e6:10:39:01: b5:e3:14:10:32:d9:27:01:c1:78:24:ab:45:61:51:e1:29:54: bd:e3:e3:a1:06:53:90:71:3e:08:7d:f2:6b:c6:4b:0c:f9:9a: 1b:21:f5:af:a8:6a:9d:66:f6:75:d9:20:f7:b0:1d:5c:5f:a8: 7f:22:3e:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP8rumBIrTSrCqDb4EtrnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3 MDhlYjkwHhcNMjUxMjA2MDYwMDU4WhcNMjUxMjA3MDYwMDU4WjAzMTEwLwYDVQQD EyhmZmE1YjQwN2NiZGMwZTk0NGY1OTJmZTYxMDQ0ZTk4YWUyNTI0ZTYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEG1ZyzrYesWxls57F5BEcoqJLhP oG9PEvjEmgBJVElSgpp4DaWCl9trP113naBVD+pTTowfoluZkDBnaFEm+thU+wOv PQ0q9SLeQckhAN1OXKTYs2AZ3zTM7vjRMME7owtj+/+kgLTNjwwQkUg4NX1vrWgi DbbNu3dkPiO7ZawpIJGRHPzlkuO2puvWLCyZvPbJMxx8hcBgLT8RwUYX/ta2cdNo TjRva/b1rnIQeZnUb6D85HD1iL8KG2+1hAyO+ZZgBztgZ9iySvRHQTVxYhvTuP1F TJjQfwq8b3WxqI2NimucHFdwv8QKwOGZf7ayt3riJBnsh1ixBB8cEnZEnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP+ltAfL3A6UT1kv5hBE6YriUk5jMB8GA1UdIwQY MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAsT+9sgG PFkH0YDS2TCFBNyi/uKT2bWD9x2MFB75XLAFkP/9ntszCz9PbM+Sz28PHCfWIz/9 f0qt4/8wOhxugSokB71cYwjEXQ6WeGgpWgt5JdYOfZlyTWtp0Z6vjRFAe0hcoAMN Psizm8bn9dSy9n67Hy7akTXcypYr2hWHL8FKW0cn3InFDX218Dk9Jco5yQIKOSEB AKozrQLaQz0no56qlIZIklt7moYLwoq5/Nwr1on+JqeRsm/SpUiI13e5vZvmEDkB teMUEDLZJwHBeCSrRWFR4SlUvePjoQZTkHE+CH3ya8ZLDPmaGyH1r6hqnWb2ddkg 97AdXF+ofyI++A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:06:48 2025 by rpki-client