This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft File: I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json) Hash identifier: mgB7/jPK7BkU8OG+6+ZF7GGc87HyUR69nMidOKE3IYg= Subject key identifier: 9E:4E:A2:42:D0:36:91:9D:DB:03:8E:FA:E6:B3:76:CE:21:A7:5D:80 Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0 Certificate issuer: /CN=23f91084058819889a4a8f32ea347759543134f0 Certificate serial: 019AF19AE628CBC87C31DEE43EF1D131619D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 03:00:51 +0000 Manifest this update: Sat 06 Dec 2025 03:00:51 +0000 Manifest next update: Sun 07 Dec 2025 03:00:51 +0000 Files and hashes: 1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: NZyZwmHzeW1C4LMIKnPKxSRgvtIgOoBoHxx4g5DYIFM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:e6:28:cb:c8:7c:31:de:e4:3e:f1:d1:31:61:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23f91084058819889a4a8f32ea347759543134f0 Validity Not Before: Dec 6 03:00:51 2025 GMT Not After : Dec 7 03:00:51 2025 GMT Subject: CN=9e4ea242d036919ddb038efae6b376ce21a75d80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:b0:b9:62:75:ad:b2:3e:59:2b:3a:ef:06:73: 1d:32:4c:32:0f:40:52:c7:f0:43:1a:4b:21:53:e6: 99:b3:da:2a:73:06:a9:aa:21:d8:de:fc:51:fa:34: 9e:24:cc:6c:c0:85:3e:01:29:17:79:0d:3d:38:83: 52:63:90:ee:f8:6d:b7:84:b3:7b:d1:3a:d3:18:da: bd:a8:5b:06:ed:3e:56:20:d5:9f:e5:68:25:be:52: ea:23:fa:d3:f7:1c:cf:dc:5e:1f:71:13:ce:cb:79: e0:2f:02:4d:e2:3e:9d:a6:ed:a8:ec:51:8a:73:d7: 99:3d:b2:c5:89:d7:2e:65:4d:bc:cd:49:58:8c:1d: 80:63:8d:54:37:91:30:83:86:e0:a4:a6:59:8e:af: 8c:e9:f1:02:5b:4b:01:22:d4:92:27:a0:3e:f4:1c: 54:70:1b:34:f0:d4:34:50:be:58:ef:89:16:1d:b7: cc:39:7d:3f:b4:5f:e6:e2:1d:ca:10:81:93:76:fa: 62:e5:eb:77:51:63:62:ad:89:0b:4c:72:63:64:62: 99:74:74:20:a6:de:a8:c0:b6:f6:8b:ce:d9:c4:df: 35:19:9c:43:f4:ee:f6:73:8d:48:b8:0a:1c:0a:a4: 4b:02:32:51:51:fd:ce:c8:ae:00:aa:5f:88:f2:93: f8:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:4E:A2:42:D0:36:91:9D:DB:03:8E:FA:E6:B3:76:CE:21:A7:5D:80 X509v3 Authority Key Identifier: keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:36:93:de:50:cc:c2:41:9b:48:43:21:74:fa:a2:72:91:3d: 5d:f1:b1:96:b7:db:35:00:cb:75:2c:b3:bc:06:e7:bd:25:93: e3:bf:21:02:4d:2b:70:89:4d:9d:2a:1e:dc:e1:c5:7e:db:fe: 1d:5f:af:0b:b3:bc:26:ba:95:d9:71:67:80:27:fe:4e:4e:f2: d2:d5:f0:87:0b:b0:2e:9a:e8:c0:65:b9:e6:b9:b9:1b:b2:72: e7:ca:2b:e7:a4:ed:c2:78:03:32:92:0b:1c:64:88:8d:09:51: fa:ac:ae:46:96:bf:52:f6:36:aa:28:08:4b:a6:97:15:7d:de: c4:2a:07:83:7e:7d:b5:57:fd:09:15:9e:09:df:6d:50:77:98: 42:88:af:08:e9:ff:e2:1d:88:aa:1f:ab:4c:12:ca:2e:94:64: 42:61:b3:56:09:63:b6:40:07:70:58:fa:73:29:9e:b6:98:91: 64:f9:b6:58:ac:e9:8e:16:19:5d:d1:62:8f:14:29:65:66:c2: f8:f8:ad:de:4e:34:92:35:c9:cc:53:d0:34:37:d3:e1:1b:34: 28:a2:b2:02:b9:62:5d:12:8d:23:03:18:76:0a:97:7e:1b:7a: 36:35:24:7e:56:30:67:dc:f4:d3:35:f7:f1:ce:34:2d:54:f8: d0:bf:0b:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmuYoy8h8Md7kPvHRMWGdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz MTM0ZjAwHhcNMjUxMjA2MDMwMDUxWhcNMjUxMjA3MDMwMDUxWjAzMTEwLwYDVQQD Eyg5ZTRlYTI0MmQwMzY5MTlkZGIwMzhlZmFlNmIzNzZjZTIxYTc1ZDgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLC5YnWtsj5ZKzrvBnMdMkwyD0BS x/BDGkshU+aZs9oqcwapqiHY3vxR+jSeJMxswIU+ASkXeQ09OINSY5Du+G23hLN7 0TrTGNq9qFsG7T5WINWf5WglvlLqI/rT9xzP3F4fcRPOy3ngLwJN4j6dpu2o7FGK c9eZPbLFidcuZU28zUlYjB2AY41UN5Ewg4bgpKZZjq+M6fECW0sBItSSJ6A+9BxU cBs08NQ0UL5Y74kWHbfMOX0/tF/m4h3KEIGTdvpi5et3UWNirYkLTHJjZGKZdHQg pt6owLb2i87ZxN81GZxD9O72c41IuAocCqRLAjJRUf3OyK4Aql+I8pP4vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ5OokLQNpGd2wOO+uazds4hp12AMB8GA1UdIwQY MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkjaT3lDM wkGbSEMhdPqicpE9XfGxlrfbNQDLdSyzvAbnvSWT478hAk0rcIlNnSoe3OHFftv+ HV+vC7O8JrqV2XFngCf+Tk7y0tXwhwuwLprowGW55rm5G7Jy58or56TtwngDMpIL HGSIjQlR+qyuRpa/UvY2qigIS6aXFX3exCoHg359tVf9CRWeCd9tUHeYQoivCOn/ 4h2Iqh+rTBLKLpRkQmGzVgljtkAHcFj6cymetpiRZPm2WKzpjhYZXdFijxQpZWbC +Pit3k40kjXJzFPQNDfT4Rs0KKKyArliXRKNIwMYdgqXfht6NjUkflYwZ9z00zX3 8c40LVT40L8LiQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:08:46 2025 by rpki-client