This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft File: I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft (raw, json) Hash identifier: siTna09H8Rs/d38LTHh1+VPujTs2TARbrI2aZPc+jnw= Subject key identifier: 6B:1F:E6:D6:D7:EE:BD:D4:D2:F1:FE:07:CA:BA:19:23:54:3F:A1:1D Authority key identifier: 23:F5:C2:58:53:82:08:47:92:F1:3A:D1:97:20:5E:FD:D2:75:2D:F2 Certificate issuer: /CN=23f5c2585382084792f13ad197205efdd2752df2 Certificate serial: 019AF1D19B5BA02DFC96B85E7804A465A17E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft Manifest number: 010F Signing time: Sat 06 Dec 2025 04:00:37 +0000 Manifest this update: Sat 06 Dec 2025 04:00:37 +0000 Manifest next update: Sun 07 Dec 2025 04:00:37 +0000 Files and hashes: 1: I_XCWFOCCEeS8TrRlyBe_dJ1LfI.crl (hash: p8iUkmZqmU8soSEg7cAKNSDU8hMF1Higoh2cf0Zf5M8=) 2: PwxQMG9ujj6pfZhzC7G_kz3NsYA.roa (hash: 09V39ykqveB1AyZv1j7X/quqHqzhf0uH/toO7YLzAy0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.crl rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft rsync://rpki.ripe.net/repository/DEFAULT/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:9b:5b:a0:2d:fc:96:b8:5e:78:04:a4:65:a1:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23f5c2585382084792f13ad197205efdd2752df2 Validity Not Before: Dec 6 04:00:37 2025 GMT Not After : Dec 7 04:00:37 2025 GMT Subject: CN=6b1fe6d6d7eebdd4d2f1fe07caba1923543fa11d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:4e:00:cf:d8:84:9e:97:04:68:67:e2:d6:9a: e3:56:98:93:e6:2d:69:b6:75:45:ca:f8:a7:83:84: ba:9c:e0:8d:e2:47:1a:ad:e0:e5:81:31:43:5f:30: 96:42:d9:76:44:e1:fe:1e:b8:dd:b5:6a:ef:35:59: b1:34:07:0a:2c:8f:1f:23:f3:b0:fd:68:da:b2:d0: 38:d1:2a:9f:81:9e:b3:c0:90:62:49:70:7c:3c:66: d1:71:6e:ad:bb:fa:6d:e1:a2:47:df:b2:94:ae:9b: 7f:a2:f0:c6:5a:32:16:ac:6f:8e:21:24:0c:35:ac: 93:d2:00:71:86:a6:20:fc:db:b9:bd:32:78:5c:05: 5f:d0:19:0e:d6:ea:36:d7:06:cc:9e:c2:69:cb:6b: 48:70:25:c3:a3:39:d6:27:0f:ec:f5:46:69:94:c9: 8b:b6:db:d1:26:7a:04:a7:1b:88:f7:c3:bc:fe:aa: 46:84:a0:b6:1b:d1:39:39:1b:b8:94:61:3b:2d:81: d9:c4:c3:19:7e:ad:f0:b4:f1:3c:e3:37:09:2c:ae: a5:e0:1c:b7:95:84:9e:83:9e:4d:a0:15:bc:43:fd: 0e:5e:ba:1c:ef:dd:71:e1:c4:53:42:26:c6:3f:9e: e2:b1:6c:fb:49:91:71:eb:c1:a2:18:c1:15:2a:b3: 38:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:1F:E6:D6:D7:EE:BD:D4:D2:F1:FE:07:CA:BA:19:23:54:3F:A1:1D X509v3 Authority Key Identifier: keyid:23:F5:C2:58:53:82:08:47:92:F1:3A:D1:97:20:5E:FD:D2:75:2D:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f83d09-3413-4651-96ce-8fb5244bc256/1/I_XCWFOCCEeS8TrRlyBe_dJ1LfI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:2a:68:56:fe:32:73:f7:36:36:60:05:10:62:29:37:fd:59: 62:34:cc:ea:71:c2:d4:21:69:90:78:b2:66:82:30:cc:e5:b5: e4:a9:fb:e1:ab:d1:bb:80:bc:80:e3:c2:d8:17:68:50:5a:08: 51:1d:30:52:c4:c7:0d:c2:01:c1:d4:f2:3d:19:35:f7:9b:f7: 6e:5f:ea:c5:20:c1:d3:c5:a1:26:93:45:0a:0b:4a:4b:42:39: 94:cf:84:81:84:df:84:2e:4e:c2:23:b2:f6:24:7c:d1:b4:26: 7e:bd:17:40:b8:06:95:bd:7a:8e:5d:d2:f9:18:e0:f3:4f:64: 99:32:41:35:59:ad:4c:0a:40:49:d4:86:0e:ee:58:62:0a:c9: d6:05:ca:6d:cf:77:ee:e4:76:cb:03:0f:41:16:3c:e0:a5:01: ed:4d:1f:ad:71:14:98:2e:1f:af:a1:63:bb:38:42:f7:bf:5a: ee:f3:5f:7d:fd:a8:e3:fc:e0:9c:e2:47:20:8b:42:53:b8:54: e9:d6:a2:47:ba:72:69:3f:e6:7e:d1:14:76:37:0e:63:e2:9b: f0:fc:88:c2:04:0f:68:d3:a0:c8:78:5d:2b:88:75:29:b4:a6: 63:9a:09:de:3c:7d:81:ad:54:ad:17:ff:80:73:1c:df:83:ee: b1:ab:87:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0ZtboC38lrheeASkZaF+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZjVjMjU4NTM4MjA4NDc5MmYxM2FkMTk3MjA1ZWZkZDI3 NTJkZjIwHhcNMjUxMjA2MDQwMDM3WhcNMjUxMjA3MDQwMDM3WjAzMTEwLwYDVQQD Eyg2YjFmZTZkNmQ3ZWViZGQ0ZDJmMWZlMDdjYWJhMTkyMzU0M2ZhMTFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k4Az9iEnpcEaGfi1prjVpiT5i1p tnVFyving4S6nOCN4kcareDlgTFDXzCWQtl2ROH+HrjdtWrvNVmxNAcKLI8fI/Ow /WjastA40SqfgZ6zwJBiSXB8PGbRcW6tu/pt4aJH37KUrpt/ovDGWjIWrG+OISQM NayT0gBxhqYg/Nu5vTJ4XAVf0BkO1uo21wbMnsJpy2tIcCXDoznWJw/s9UZplMmL ttvRJnoEpxuI98O8/qpGhKC2G9E5ORu4lGE7LYHZxMMZfq3wtPE84zcJLK6l4By3 lYSeg55NoBW8Q/0OXroc791x4cRTQibGP57isWz7SZFx68GiGMEVKrM4JQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGsf5tbX7r3U0vH+B8q6GSNUP6EdMB8GA1UdIwQY MBaAFCP1wlhTgghHkvE60ZcgXv3SdS3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSV9YQ1dGT0NDRWVTOFRyUmx5QmVfZEoxTGZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mODNkMDktMzQxMy00NjUxLTk2Y2Ut OGZiNTI0NGJjMjU2LzEvSV9YQ1dGT0NDRWVTOFRyUmx5QmVfZEoxTGZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC9mODNkMDktMzQxMy00NjUxLTk2Y2UtOGZiNTI0NGJjMjU2 LzEvSV9YQ1dGT0NDRWVTOFRyUmx5QmVfZEoxTGZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHypoVv4y c/c2NmAFEGIpN/1ZYjTM6nHC1CFpkHiyZoIwzOW15Kn74avRu4C8gOPC2BdoUFoI UR0wUsTHDcIBwdTyPRk195v3bl/qxSDB08WhJpNFCgtKS0I5lM+EgYTfhC5OwiOy 9iR80bQmfr0XQLgGlb16jl3S+Rjg809kmTJBNVmtTApASdSGDu5YYgrJ1gXKbc93 7uR2ywMPQRY84KUB7U0frXEUmC4fr6FjuzhC979a7vNfff2o4/zgnOJHIItCU7hU 6daiR7pyaT/mftEUdjcOY+Kb8PyIwgQPaNOgyHhdK4h1KbSmY5oJ3jx9ga1UrRf/ gHMc34PusauHUA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:47:43 2025 by rpki-client