This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft File: immKFPthpoevCmP3xlXAAfZwEoI.mft (raw, json) Hash identifier: i+lmBNudle05Wu5S85W/05UwKbyuqoiCxu4KamaoVnk= Subject key identifier: A3:25:FF:F6:3A:C4:C0:22:83:D4:E9:66:2A:66:63:21:5D:C2:DD:C9 Authority key identifier: 8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82 Certificate issuer: /CN=8a698a14fb61a687af0a63f7c655c001f6701282 Certificate serial: 019AF23FBFCFC673A0A9F465C3D817707C64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft Manifest number: 04FB Signing time: Sat 06 Dec 2025 06:00:55 +0000 Manifest this update: Sat 06 Dec 2025 06:00:55 +0000 Manifest next update: Sun 07 Dec 2025 06:00:55 +0000 Files and hashes: 1: P1m93kQnbl9hCPZ7gjvBSz2QduY.roa (hash: Vw3jwkUFPb+4FTO/pTKFTwQSjK1reP+BMicWKiuZXfs=) 2: immKFPthpoevCmP3xlXAAfZwEoI.crl (hash: ErGDocasYS+lJJWBhFPhFyjBEqp7MhaXiFqrL7lEEjI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:bf:cf:c6:73:a0:a9:f4:65:c3:d8:17:70:7c:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8a698a14fb61a687af0a63f7c655c001f6701282 Validity Not Before: Dec 6 06:00:55 2025 GMT Not After : Dec 7 06:00:55 2025 GMT Subject: CN=a325fff63ac4c02283d4e9662a6663215dc2ddc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7f:ea:8c:11:f1:ca:8f:06:8a:00:57:eb:1d: 8e:4b:ed:e6:05:ae:e9:dc:e9:b9:a2:e7:e9:98:7d: e4:b8:55:05:fa:8d:2d:6b:c4:b9:9d:75:f2:e6:80: a2:fd:85:77:70:f8:82:6b:5c:52:2f:f8:73:d9:39: a3:af:fa:99:d9:6d:06:b4:6f:23:ef:03:76:d5:1a: cd:8f:a4:4a:d8:26:6f:19:e1:b5:b3:43:f8:00:7e: 93:03:30:d9:8f:d1:70:e1:6a:2b:5e:7b:40:d3:4f: e6:fd:e8:ae:9c:90:a1:34:4b:fb:df:bf:85:8a:db: d7:69:21:fa:cb:11:95:e0:be:50:98:99:6e:72:a4: ef:ed:13:35:4b:e2:7c:d0:8c:c2:41:6a:aa:e9:67: 48:0e:f9:8e:a0:1a:34:dc:64:f1:5a:22:52:d4:bd: d0:59:a5:bc:ba:5c:d2:7b:b4:0f:97:dc:27:59:f7: ef:57:32:98:1b:81:73:6f:3f:93:51:11:7c:12:e5: b7:f6:9d:5e:2c:1d:21:28:7d:b1:92:9c:a0:b0:3b: 39:7e:96:08:30:32:d4:44:66:f3:b4:25:95:52:9b: 48:a1:e1:52:8e:46:26:fe:dc:5a:b5:be:00:01:95: fc:8d:c7:4d:99:27:5c:88:fc:29:6c:87:53:69:b3: d1:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:25:FF:F6:3A:C4:C0:22:83:D4:E9:66:2A:66:63:21:5D:C2:DD:C9 X509v3 Authority Key Identifier: keyid:8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:17:d6:f1:43:d0:f4:a7:c9:ef:70:12:24:e7:78:6d:a5:e7: cc:cb:ee:e5:1d:77:8d:ce:da:b4:79:4f:ca:fc:47:9d:ae:0f: 3d:0c:4a:95:5e:29:f8:bc:32:00:e0:37:1c:d6:88:82:22:d5: a2:07:cb:99:de:42:2b:95:03:88:8d:69:12:30:f2:33:d2:fc: af:df:cd:2d:e7:b8:d9:f4:cb:6b:31:3f:a3:83:6a:77:af:78: 77:82:9d:4e:8f:ba:c0:af:0a:8c:a6:48:f8:37:82:fb:c5:08: 06:e7:3d:a1:31:cc:b4:fd:52:b3:1d:dd:82:a8:a6:e8:02:20: da:c1:5f:38:5d:3b:43:29:4b:51:94:60:d1:b6:2f:eb:06:37: 65:84:07:f7:5e:7a:ad:32:68:78:2c:44:c0:f6:96:e3:72:f6: d2:68:9d:96:6d:6b:c8:62:86:41:02:5d:ac:20:01:dc:01:36: 64:e2:81:f7:00:ca:bc:3e:a4:46:ac:df:fc:a2:57:f2:b9:3d: 2b:6d:81:66:de:3e:6c:5b:da:21:ee:89:8d:48:4f:e5:dd:b5: 6d:6d:77:dd:79:26:92:96:e2:c0:64:85:57:ee:5f:54:f4:97: fc:0e:96:97:d4:b2:f9:3f:9a:68:54:f9:fa:25:2d:05:34:31: 3e:dc:73:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP7/PxnOgqfRlw9gXcHxkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhNjk4YTE0ZmI2MWE2ODdhZjBhNjNmN2M2NTVjMDAxZjY3 MDEyODIwHhcNMjUxMjA2MDYwMDU1WhcNMjUxMjA3MDYwMDU1WjAzMTEwLwYDVQQD EyhhMzI1ZmZmNjNhYzRjMDIyODNkNGU5NjYyYTY2NjMyMTVkYzJkZGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3/qjBHxyo8GigBX6x2OS+3mBa7p 3Om5oufpmH3kuFUF+o0ta8S5nXXy5oCi/YV3cPiCa1xSL/hz2Tmjr/qZ2W0GtG8j 7wN21RrNj6RK2CZvGeG1s0P4AH6TAzDZj9Fw4WorXntA00/m/eiunJChNEv737+F itvXaSH6yxGV4L5QmJlucqTv7RM1S+J80IzCQWqq6WdIDvmOoBo03GTxWiJS1L3Q WaW8ulzSe7QPl9wnWffvVzKYG4Fzbz+TURF8EuW39p1eLB0hKH2xkpygsDs5fpYI MDLURGbztCWVUptIoeFSjkYm/txatb4AAZX8jcdNmSdciPwpbIdTabPRcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKMl//Y6xMAig9TpZipmYyFdwt3JMB8GA1UdIwQY MBaAFIppihT7YaaHrwpj98ZVwAH2cBKCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQt MjE4Mjg5ZDgxYzUzLzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQtMjE4Mjg5ZDgxYzUz LzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATxfW8UPQ 9KfJ73ASJOd4baXnzMvu5R13jc7atHlPyvxHna4PPQxKlV4p+LwyAOA3HNaIgiLV ogfLmd5CK5UDiI1pEjDyM9L8r9/NLee42fTLazE/o4Nqd694d4KdTo+6wK8KjKZI +DeC+8UIBuc9oTHMtP1Ssx3dgqim6AIg2sFfOF07QylLUZRg0bYv6wY3ZYQH9156 rTJoeCxEwPaW43L20midlm1ryGKGQQJdrCAB3AE2ZOKB9wDKvD6kRqzf/KJX8rk9 K22BZt4+bFvaIe6JjUhP5d21bW133XkmkpbiwGSFV+5fVPSX/A6Wl9Sy+T+aaFT5 +iUtBTQxPtxz8w== -----END CERTIFICATE-----Generated at Sat Dec 6 15:07:32 2025 by rpki-client