This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft File: IATWKTJ0OW9ajWkUhdaHagogcdk.mft (raw, json) Hash identifier: f06Vo2v3mFE0ZSz4qA8Ko+UJZm7G3K4YvaKMhRxKiT8= Subject key identifier: 23:97:96:EA:94:F0:57:CC:AD:D0:84:D8:AB:32:26:9E:3D:FF:8B:33 Authority key identifier: 20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9 Certificate issuer: /CN=2004d6293274396f5a8d691485d6876a0a2071d9 Certificate serial: 019AF5788236E897C0894FBFB59BFC9AFB62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft Manifest number: 1404 Signing time: Sat 06 Dec 2025 21:01:46 +0000 Manifest this update: Sat 06 Dec 2025 21:01:46 +0000 Manifest next update: Sun 07 Dec 2025 21:01:46 +0000 Files and hashes: 1: IATWKTJ0OW9ajWkUhdaHagogcdk.crl (hash: sK6eRDbXFggvwFaGj6pNXv4+mK0lSQwdCnzeHXAFYDc=) 2: aEJUX-P3iWzm8iZ2YmNhX1BUm-w.roa (hash: UCW6fp2JBu8X3L8wVEatff2uZp8yn3edNh91K1NyH88=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:82:36:e8:97:c0:89:4f:bf:b5:9b:fc:9a:fb:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2004d6293274396f5a8d691485d6876a0a2071d9 Validity Not Before: Dec 6 21:01:46 2025 GMT Not After : Dec 7 21:01:46 2025 GMT Subject: CN=239796ea94f057ccadd084d8ab32269e3dff8b33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:d8:ee:ea:4c:f9:4d:a4:64:f8:ee:ce:af:25: db:5d:c9:27:a2:bc:48:5a:cf:70:ac:e9:c9:7f:9c: d4:eb:d8:25:bf:c0:41:86:f1:8c:63:3c:a4:8d:ae: 89:84:81:71:90:a4:0e:5e:24:8a:5d:a3:01:d4:fe: ee:e0:95:6a:31:cd:11:fd:c6:ef:8e:5e:b7:b6:8c: e7:60:ba:99:cf:48:c8:82:41:c1:17:5f:4e:18:d4: a0:14:b8:40:15:1f:e7:1d:97:20:73:d7:52:a8:52: d7:de:cd:34:ff:5d:02:40:84:fe:e6:23:47:76:db: 16:5e:28:14:96:55:56:3c:99:0a:95:c5:a8:a4:ac: e5:00:29:eb:38:33:9a:63:e0:b5:10:6c:6e:67:30: 72:b0:65:89:d9:14:db:7d:93:51:4c:fe:64:90:52: 32:97:5e:ed:90:cb:5e:23:76:1b:ea:64:10:69:47: 9f:18:97:8d:4a:7e:30:b0:6b:83:fc:3a:1a:fe:80: 04:f4:b4:8e:ba:c4:1d:01:e3:f3:94:45:c8:40:40: 53:3b:b0:40:52:50:2a:eb:76:8a:51:96:a5:77:b3: 68:08:02:f0:1a:65:2a:bf:3b:52:4a:67:65:b4:f7: 38:c8:3a:ca:39:37:43:8e:c0:55:2d:0b:0f:23:5f: 4a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:97:96:EA:94:F0:57:CC:AD:D0:84:D8:AB:32:26:9E:3D:FF:8B:33 X509v3 Authority Key Identifier: keyid:20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:89:a9:01:c2:92:da:35:a7:fd:ec:5d:cc:f5:ef:a6:c5:45: 16:42:a4:8d:e9:6d:22:bf:1c:34:ea:f2:02:bc:ac:17:93:e2: e1:b6:3c:cf:f7:23:81:3d:84:4f:14:9a:0d:2b:67:9c:a6:f1: 2f:21:ab:40:32:85:51:b2:5b:96:f4:cd:a5:c4:96:2c:c7:2d: fe:ff:75:5d:e4:52:bb:81:5c:54:fa:fa:70:c4:67:e7:d1:85: c7:3b:c2:3b:d3:4d:8c:51:db:0b:e0:56:ef:94:86:3f:ff:5d: 19:47:c4:0c:0c:1f:f3:9b:74:56:30:84:7a:cf:94:b8:9c:34: e1:63:57:5e:6f:66:dd:33:52:18:dd:92:13:53:08:4d:14:e5: 32:44:8c:ea:b8:51:2e:81:e0:5c:d6:0b:c9:30:da:a7:63:4d: 0b:cd:28:14:e6:4f:0b:5b:a9:62:08:9c:1e:d3:ea:db:13:67: f2:0e:cd:bd:01:ee:ec:f8:0b:4b:15:a4:fc:11:f8:ec:7a:8a: ea:91:e6:18:96:b4:ed:e8:4c:62:fc:03:3c:eb:d2:f7:30:e2: 61:6b:22:7c:a1:86:fd:ea:23:c3:ec:a7:95:56:99:df:ec:41: 4e:d9:f7:28:ca:a1:ca:e0:f1:6c:ec:2e:af:fc:e5:e7:ae:a1: 53:85:b8:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eII26JfAiU+/tZv8mvtiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMDRkNjI5MzI3NDM5NmY1YThkNjkxNDg1ZDY4NzZhMGEy MDcxZDkwHhcNMjUxMjA2MjEwMTQ2WhcNMjUxMjA3MjEwMTQ2WjAzMTEwLwYDVQQD EygyMzk3OTZlYTk0ZjA1N2NjYWRkMDg0ZDhhYjMyMjY5ZTNkZmY4YjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Nju6kz5TaRk+O7OryXbXcknorxI Ws9wrOnJf5zU69glv8BBhvGMYzykja6JhIFxkKQOXiSKXaMB1P7u4JVqMc0R/cbv jl63toznYLqZz0jIgkHBF19OGNSgFLhAFR/nHZcgc9dSqFLX3s00/10CQIT+5iNH dtsWXigUllVWPJkKlcWopKzlACnrODOaY+C1EGxuZzBysGWJ2RTbfZNRTP5kkFIy l17tkMteI3Yb6mQQaUefGJeNSn4wsGuD/Doa/oAE9LSOusQdAePzlEXIQEBTO7BA UlAq63aKUZald7NoCALwGmUqvztSSmdltPc4yDrKOTdDjsBVLQsPI19KvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCOXluqU8FfMrdCE2KsyJp49/4szMB8GA1UdIwQY MBaAFCAE1ikydDlvWo1pFIXWh2oKIHHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzIt NGVmOWNjNzUxNTE3LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzItNGVmOWNjNzUxNTE3 LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQImpAcKS 2jWn/exdzPXvpsVFFkKkjeltIr8cNOryArysF5Pi4bY8z/cjgT2ETxSaDStnnKbx LyGrQDKFUbJblvTNpcSWLMct/v91XeRSu4FcVPr6cMRn59GFxzvCO9NNjFHbC+BW 75SGP/9dGUfEDAwf85t0VjCEes+UuJw04WNXXm9m3TNSGN2SE1MITRTlMkSM6rhR LoHgXNYLyTDap2NNC80oFOZPC1upYgicHtPq2xNn8g7NvQHu7PgLSxWk/BH47HqK 6pHmGJa07ehMYvwDPOvS9zDiYWsifKGG/eojw+ynlVaZ3+xBTtn3KMqhyuDxbOwu r/zl566hU4W4aA== -----END CERTIFICATE-----Generated at Sun Dec 7 01:40:39 2025 by rpki-client