This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft File: iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft (raw, json) Hash identifier: pvCcp00oOpS1V9eptBZacQs2esQBmoMhKIfDPoCT99s= Subject key identifier: CD:78:DF:59:F1:2B:7E:88:D9:B0:A3:5A:CA:84:33:17:5E:55:AC:B9 Authority key identifier: 88:7F:A3:73:71:D7:D4:59:3B:A2:90:EF:45:66:9E:A0:DE:29:37:82 Certificate issuer: /CN=887fa37371d7d4593ba290ef45669ea0de293782 Certificate serial: 019AF31C70D071F3229BE1B7F9FD45A1AD03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft Manifest number: 0884 Signing time: Sat 06 Dec 2025 10:01:58 +0000 Manifest this update: Sat 06 Dec 2025 10:01:58 +0000 Manifest next update: Sun 07 Dec 2025 10:01:58 +0000 Files and hashes: 1: XWaEMNo4oCmJKw7xuT_lUqU1a9o.roa (hash: vlh1Ps1w/BBZ8U+fD5oVlO0yHpfRUnw+NHa2xAJ40qE=) 2: iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl (hash: ZcHslh5E0LuWMODO9y37AL62YJP1pdAkoxm3NTL45Ws=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:70:d0:71:f3:22:9b:e1:b7:f9:fd:45:a1:ad:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=887fa37371d7d4593ba290ef45669ea0de293782 Validity Not Before: Dec 6 10:01:58 2025 GMT Not After : Dec 7 10:01:58 2025 GMT Subject: CN=cd78df59f12b7e88d9b0a35aca8433175e55acb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:bd:f7:9a:39:f0:dc:8e:4a:43:12:01:1d:06: 4f:45:4d:b9:c6:6d:03:8d:8a:ae:ac:49:e4:e1:0c: 76:2a:cf:ef:bb:6f:38:d7:86:3e:4c:2d:72:5d:60: 06:70:71:86:4a:f7:6f:1b:bc:20:89:b9:48:36:1f: 47:0a:80:39:b4:f6:11:26:66:25:94:50:13:fe:9b: e3:5e:a5:0e:ac:fb:89:d2:32:dd:c7:21:aa:04:d5: 1f:d6:ab:30:e1:7e:aa:43:58:fe:20:7b:62:62:ce: 67:d1:b5:26:f7:30:be:1c:83:1e:00:a5:b1:f0:c3: 49:33:58:2a:02:86:81:34:42:1a:85:18:93:67:fa: b9:dd:bb:61:8d:5e:d9:9f:e3:8f:96:be:5b:21:2d: 18:9c:9f:77:77:56:a9:88:eb:32:ca:7f:09:00:a5: 7d:7a:e9:1f:9f:f6:ba:32:e4:ed:8a:57:da:32:6c: 0e:53:c0:56:21:82:4d:78:6e:2b:bb:57:60:aa:e4: 05:e8:75:6f:5e:79:39:7a:4d:6d:3c:bc:bd:26:20: 3b:cc:32:eb:75:2a:93:25:fa:9d:82:44:72:d0:bb: 5a:26:1e:d4:cb:97:be:f1:dd:59:2c:52:dc:04:e5: 9b:ee:90:a9:05:de:d1:be:20:65:b6:67:df:79:7d: a7:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:78:DF:59:F1:2B:7E:88:D9:B0:A3:5A:CA:84:33:17:5E:55:AC:B9 X509v3 Authority Key Identifier: keyid:88:7F:A3:73:71:D7:D4:59:3B:A2:90:EF:45:66:9E:A0:DE:29:37:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:47:49:50:51:67:3d:94:77:e9:47:9e:d2:8b:41:7e:66:c0: 35:6f:26:f9:88:df:85:b0:54:df:19:b1:76:89:c3:a5:18:9f: 99:fb:70:86:71:9b:c1:16:ac:b2:82:31:1b:93:93:fa:cf:5b: a0:82:7a:7d:b7:b5:94:62:14:99:a1:ec:7b:68:a3:da:f7:cd: f4:18:38:41:2e:06:39:9d:2b:a1:46:b1:86:d1:f7:b7:ab:58: fd:32:e2:09:8a:af:f4:aa:d0:a5:6c:59:e0:aa:42:a2:87:c5: 4c:5c:e9:6d:63:4c:17:c8:5d:30:85:1c:11:ab:ee:98:e3:f5: 82:4c:07:04:0e:74:14:c6:f6:0d:45:5c:39:23:31:49:a2:cc: fd:2a:7e:6b:7e:09:16:2a:a7:16:a3:59:18:46:2c:7c:85:91: 74:db:7e:94:b3:ba:b4:da:ee:15:27:6c:79:07:b5:29:75:20: 8c:4f:a3:c8:1f:a1:b9:b5:bf:c0:0e:64:8a:cc:28:56:a3:8d: d0:0f:8f:f4:8b:5f:bc:c1:16:be:92:ed:fc:8a:15:0c:ab:f3: a3:a3:c6:01:f2:56:b9:cc:0b:e0:5f:d5:aa:38:3b:e5:7f:15: 10:f2:d6:d9:01:71:c6:30:f1:2a:62:ec:b6:ca:1e:eb:cc:ee: c2:d4:0f:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHHDQcfMim+G3+f1Foa0DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4N2ZhMzczNzFkN2Q0NTkzYmEyOTBlZjQ1NjY5ZWEwZGUy OTM3ODIwHhcNMjUxMjA2MTAwMTU4WhcNMjUxMjA3MTAwMTU4WjAzMTEwLwYDVQQD EyhjZDc4ZGY1OWYxMmI3ZTg4ZDliMGEzNWFjYTg0MzMxNzVlNTVhY2I5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r33mjnw3I5KQxIBHQZPRU25xm0D jYqurEnk4Qx2Ks/vu28414Y+TC1yXWAGcHGGSvdvG7wgiblINh9HCoA5tPYRJmYl lFAT/pvjXqUOrPuJ0jLdxyGqBNUf1qsw4X6qQ1j+IHtiYs5n0bUm9zC+HIMeAKWx 8MNJM1gqAoaBNEIahRiTZ/q53bthjV7Zn+OPlr5bIS0YnJ93d1apiOsyyn8JAKV9 eukfn/a6MuTtilfaMmwOU8BWIYJNeG4ru1dgquQF6HVvXnk5ek1tPLy9JiA7zDLr dSqTJfqdgkRy0LtaJh7Uy5e+8d1ZLFLcBOWb7pCpBd7RviBltmffeX2nHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM1431nxK36I2bCjWsqEMxdeVay5MB8GA1UdIwQY MBaAFIh/o3Nx19RZO6KQ70VmnqDeKTeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wOWRiOGMtNmRmMC00Y2VlLWFlMDct YTFlMjRhYWY2MTBmLzEvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8wOWRiOGMtNmRmMC00Y2VlLWFlMDctYTFlMjRhYWY2MTBm LzEvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM0dJUFFn PZR36Uee0otBfmbANW8m+YjfhbBU3xmxdonDpRifmftwhnGbwRassoIxG5OT+s9b oIJ6fbe1lGIUmaHse2ij2vfN9Bg4QS4GOZ0roUaxhtH3t6tY/TLiCYqv9KrQpWxZ 4KpCoofFTFzpbWNMF8hdMIUcEavumOP1gkwHBA50FMb2DUVcOSMxSaLM/Sp+a34J FiqnFqNZGEYsfIWRdNt+lLO6tNruFSdseQe1KXUgjE+jyB+hubW/wA5kiswoVqON 0A+P9ItfvMEWvpLt/IoVDKvzo6PGAfJWucwL4F/Vqjg75X8VEPLW2QFxxjDxKmLs tsoe68zuwtQPeg== -----END CERTIFICATE-----Generated at Sat Dec 6 17:54:37 2025 by rpki-client