This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft File: IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft (raw, json) Hash identifier: FLccLEsjOfjDJcN+BOh1/d5j7TXjqhM1Gj+LVEFXGLM= Subject key identifier: CF:DD:F8:A7:AC:F1:57:35:AA:93:FD:1D:A8:C9:41:C0:E1:54:32:FA Authority key identifier: 21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35 Certificate issuer: /CN=214a0f42190944ac6b45e00a24ae41a345fdcb35 Certificate serial: 019AF509F30B67177AC8F40E92BF74BED5B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 19:01:00 +0000 Manifest this update: Sat 06 Dec 2025 19:01:00 +0000 Manifest next update: Sun 07 Dec 2025 19:01:00 +0000 Files and hashes: 1: BIaGV9Zs8uGBriNQ8U7uQ0gnNfA.roa (hash: 7T5AV/yHdfgZicPaqkaiWb9Osz7vZVkyB1rTGAClRcg=) 2: IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl (hash: s5XWmirczyV7YgZXxxsQHRrSV5aNdS1elJaBHXS9lc0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:f3:0b:67:17:7a:c8:f4:0e:92:bf:74:be:d5:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=214a0f42190944ac6b45e00a24ae41a345fdcb35 Validity Not Before: Dec 6 19:01:00 2025 GMT Not After : Dec 7 19:01:00 2025 GMT Subject: CN=cfddf8a7acf15735aa93fd1da8c941c0e15432fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:06:36:d1:f0:4f:97:41:1f:4e:30:72:e2:3a: 8c:05:9f:c9:30:f6:fc:46:82:f7:6d:2d:63:46:39: 05:fc:10:fa:4a:a7:73:98:5a:09:91:08:d1:ec:c8: bb:9a:70:98:87:45:79:4c:2f:a8:34:90:50:bf:c6: d5:13:0a:9b:41:d4:b9:fa:dc:0e:f6:97:0c:e9:1d: a1:b2:85:94:66:e4:ee:7c:38:e7:4c:f0:2c:46:2e: 04:41:38:60:9a:ca:0e:fe:7b:9b:7e:ba:10:7b:d7: 33:4c:ef:44:05:a6:94:64:31:d1:e8:4a:10:64:10: 1d:05:04:98:d0:0e:50:b3:b1:f2:5e:9e:a2:2f:1f: 5d:28:c7:f4:d1:93:c8:18:d6:87:85:66:c0:3b:b0: 9a:3d:fa:66:75:93:4b:e6:a1:6c:88:06:52:42:73: 21:52:ad:9f:0d:c0:27:0f:c9:d7:4f:5e:a0:41:ba: 2d:eb:94:02:8e:08:52:fa:6b:8b:49:93:9b:02:c8: 17:af:0b:f3:78:81:26:03:fa:26:54:1e:98:5f:94: c3:94:8f:3a:17:ac:50:a4:d7:87:de:5f:7a:fa:06: 4b:2c:9f:57:a9:95:0a:4f:18:3a:ac:bb:9d:ce:1b: 55:ab:93:95:7c:33:58:d1:17:7e:4b:33:a8:5b:74: 24:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:DD:F8:A7:AC:F1:57:35:AA:93:FD:1D:A8:C9:41:C0:E1:54:32:FA X509v3 Authority Key Identifier: keyid:21:4A:0F:42:19:09:44:AC:6B:45:E0:0A:24:AE:41:A3:45:FD:CB:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUoPQhkJRKxrReAKJK5Bo0X9yzU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0d57ff-5530-460d-8b53-b6656cc1bd59/1/IUoPQhkJRKxrReAKJK5Bo0X9yzU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:90:70:aa:00:d5:88:59:ea:a9:f1:80:58:24:f9:11:4c:62: 40:71:7e:30:de:e5:ea:17:c6:f3:cb:8a:1b:f5:36:6a:65:e0: 08:2b:11:3d:d4:20:ef:6f:23:d0:45:e1:2e:22:b1:2a:bc:19: 5a:e0:06:f2:3a:45:2a:20:ce:02:c9:07:01:c9:7c:43:15:ed: 7d:81:4d:60:1a:23:a1:97:b3:36:fa:5e:7c:50:d3:1a:ad:8c: 79:05:f6:7c:18:e6:22:55:5e:04:a0:c1:55:3f:db:d8:4f:1a: d0:6c:42:1b:f0:70:6b:54:78:8b:99:ab:d9:22:16:a7:85:d1: 76:c8:53:d4:00:ee:c7:90:29:63:d9:86:c0:c0:7c:a9:f1:eb: d1:26:c7:b9:38:6d:da:a6:73:71:ce:87:1e:0a:49:c9:66:0a: 46:24:d2:4e:d4:27:c2:99:dc:ce:06:24:e5:8d:a8:5b:30:45: d0:65:c5:f7:5a:e0:c6:b2:9a:ef:18:b4:bb:1e:fd:9c:79:7a: 1c:21:1f:3f:20:a8:6d:cc:4e:86:7f:d2:e2:05:ae:58:d4:3b: 78:eb:72:51:93:62:69:9a:4a:4c:49:b7:ee:f1:8b:74:ea:e2: 53:a5:ef:bc:4c:73:3f:da:1f:d5:bd:5b:d4:ad:c6:60:79:fb: 04:4b:16:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CfMLZxd6yPQOkr90vtWyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxNGEwZjQyMTkwOTQ0YWM2YjQ1ZTAwYTI0YWU0MWEzNDVm ZGNiMzUwHhcNMjUxMjA2MTkwMTAwWhcNMjUxMjA3MTkwMTAwWjAzMTEwLwYDVQQD EyhjZmRkZjhhN2FjZjE1NzM1YWE5M2ZkMWRhOGM5NDFjMGUxNTQzMmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwY20fBPl0EfTjBy4jqMBZ/JMPb8 RoL3bS1jRjkF/BD6SqdzmFoJkQjR7Mi7mnCYh0V5TC+oNJBQv8bVEwqbQdS5+twO 9pcM6R2hsoWUZuTufDjnTPAsRi4EQThgmsoO/nubfroQe9czTO9EBaaUZDHR6EoQ ZBAdBQSY0A5Qs7HyXp6iLx9dKMf00ZPIGNaHhWbAO7CaPfpmdZNL5qFsiAZSQnMh Uq2fDcAnD8nXT16gQbot65QCjghS+muLSZObAsgXrwvzeIEmA/omVB6YX5TDlI86 F6xQpNeH3l96+gZLLJ9XqZUKTxg6rLudzhtVq5OVfDNY0Rd+SzOoW3Qk4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM/d+Kes8Vc1qpP9HajJQcDhVDL6MB8GA1UdIwQY MBaAFCFKD0IZCUSsa0XgCiSuQaNF/cs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMt YjY2NTZjYzFiZDU5LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8wZDU3ZmYtNTUzMC00NjBkLThiNTMtYjY2NTZjYzFiZDU5 LzEvSVVvUFFoa0pSS3hyUmVBS0pLNUJvMFg5eXpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkpBwqgDV iFnqqfGAWCT5EUxiQHF+MN7l6hfG88uKG/U2amXgCCsRPdQg728j0EXhLiKxKrwZ WuAG8jpFKiDOAskHAcl8QxXtfYFNYBojoZezNvpefFDTGq2MeQX2fBjmIlVeBKDB VT/b2E8a0GxCG/Bwa1R4i5mr2SIWp4XRdshT1ADux5ApY9mGwMB8qfHr0SbHuTht 2qZzcc6HHgpJyWYKRiTSTtQnwpnczgYk5Y2oWzBF0GXF91rgxrKa7xi0ux79nHl6 HCEfPyCobcxOhn/S4gWuWNQ7eOtyUZNiaZpKTEm37vGLdOriU6XvvExzP9of1b1b 1K3GYHn7BEsWOg== -----END CERTIFICATE-----Generated at Sun Dec 7 02:33:50 2025 by rpki-client