This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft File: iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft (raw, json) Hash identifier: PbtdArk+gKYJXwtg62KmxkwTo6mPtRJLYTVFjCDI1r8= Subject key identifier: CD:72:CA:7A:C2:7F:0C:3B:BB:66:C9:32:FE:13:C8:3F:D3:72:C1:DF Authority key identifier: 89:93:9F:F1:29:3B:7E:22:77:9F:C5:5B:4C:83:F1:3E:52:E9:44:28 Certificate issuer: /CN=89939ff1293b7e22779fc55b4c83f13e52e94428 Certificate serial: 019AF2ADD8EDDBBE80D3B405234B0BD3B6A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft Manifest number: 1738 Signing time: Sat 06 Dec 2025 08:01:10 +0000 Manifest this update: Sat 06 Dec 2025 08:01:10 +0000 Manifest next update: Sun 07 Dec 2025 08:01:10 +0000 Files and hashes: 1: QdF_t5GM6hFZDI7Ycz1kPbhRE0s.roa (hash: gZA+5nFU0e3J+dZOb0p/gBtvIfB/51rVDEOTe4nlfP8=) 2: iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.crl (hash: Tq7thRVwSfYlMipLKV3WL/75/qXVYe12hdpv+aYWcWQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.crl rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft rsync://rpki.ripe.net/repository/DEFAULT/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:d8:ed:db:be:80:d3:b4:05:23:4b:0b:d3:b6:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89939ff1293b7e22779fc55b4c83f13e52e94428 Validity Not Before: Dec 6 08:01:10 2025 GMT Not After : Dec 7 08:01:10 2025 GMT Subject: CN=cd72ca7ac27f0c3bbb66c932fe13c83fd372c1df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:5c:52:76:1d:35:10:27:59:b7:ae:8a:e9:ba: 8c:9c:3d:dc:27:28:4e:f7:50:a3:d6:0b:4e:6f:a3: f3:a2:77:61:32:5a:c1:3e:ac:2d:bb:56:49:d6:b8: 9d:36:bd:29:58:c6:9d:02:16:8c:e9:82:d2:a2:c2: 24:0d:e8:94:82:ea:c4:80:36:15:f1:67:76:bc:62: 3c:4d:56:9e:96:75:cd:76:73:e0:c1:ad:ec:33:7c: ea:4d:fc:3a:0e:85:60:35:91:9b:29:36:83:20:f1: 4e:86:02:8f:24:ad:b6:b7:cf:e3:92:2e:82:bb:98: 3d:b3:1b:cc:dc:73:dc:19:b3:eb:d0:cf:5a:4f:8d: 28:79:20:0a:b9:bd:bc:e7:b5:28:67:25:7d:1f:68: 31:4b:f9:ac:79:2e:60:be:f3:be:3a:92:f5:ec:9b: 58:0d:dd:35:e5:9e:45:9a:d4:7b:48:d4:c9:df:ac: a1:b2:8d:2a:14:ca:3c:e6:19:c0:f9:e3:a0:89:53: de:6c:64:2c:ac:15:6a:4d:4d:72:a5:74:cf:87:0f: a1:eb:05:a9:fe:2e:5b:28:24:e2:68:fd:80:26:23: 7a:82:f8:66:13:bf:96:72:76:cf:65:92:ea:f4:ce: 19:08:96:62:85:5a:c0:c9:7d:27:17:bf:f3:fc:da: 8a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:72:CA:7A:C2:7F:0C:3B:BB:66:C9:32:FE:13:C8:3F:D3:72:C1:DF X509v3 Authority Key Identifier: keyid:89:93:9F:F1:29:3B:7E:22:77:9F:C5:5B:4C:83:F1:3E:52:E9:44:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a10ddf-bb6e-4bb0-beff-0e68000b3537/1/iZOf8Sk7fiJ3n8VbTIPxPlLpRCg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:ca:0e:e3:62:a5:27:fe:7b:d3:aa:54:eb:8b:ee:76:92:f1: 2b:9e:93:8f:65:ae:3f:b7:7d:d8:2c:0e:1e:2c:6f:f9:80:b5: 4f:50:e6:e2:04:10:87:75:4e:13:ee:1f:97:73:ea:b2:af:bb: a9:49:09:97:0b:e8:ab:16:94:e7:8d:d8:a4:44:a2:9b:3b:3c: 8f:df:0d:a4:f0:26:9b:83:b8:6e:d6:9e:55:fa:46:a8:36:50: 25:a2:53:7d:0b:84:ce:c6:e3:0a:70:22:dd:dd:77:0e:32:c7: 7f:3c:da:14:09:3f:90:75:4b:cf:3a:a4:1f:e9:32:00:76:a4: 7a:f6:e9:28:e3:45:08:30:d4:c1:1a:c9:b0:80:1f:75:ae:9f: ca:9c:19:85:9b:17:02:df:93:45:c5:c8:e2:70:7b:3c:02:82: 45:5d:01:5e:58:c5:16:bc:9b:11:c0:5d:3b:95:5a:62:d9:04: 77:e5:df:bd:40:17:ea:e3:31:1c:2f:30:39:da:52:b7:c6:5d: 37:b4:43:fa:db:f2:71:ae:4c:ff:5d:02:af:4b:63:5d:4d:81: 00:8b:c8:6e:74:71:a5:fa:24:b1:61:4a:a7:4c:d8:c8:3c:84: 9d:d9:e8:0a:d9:0e:8e:ec:d2:a7:8b:d3:ee:06:c4:4a:79:10: 3b:aa:c3:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrdjt276A07QFI0sL07ahMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5OTM5ZmYxMjkzYjdlMjI3NzlmYzU1YjRjODNmMTNlNTJl OTQ0MjgwHhcNMjUxMjA2MDgwMTEwWhcNMjUxMjA3MDgwMTEwWjAzMTEwLwYDVQQD EyhjZDcyY2E3YWMyN2YwYzNiYmI2NmM5MzJmZTEzYzgzZmQzNzJjMWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FxSdh01ECdZt66K6bqMnD3cJyhO 91Cj1gtOb6PzondhMlrBPqwtu1ZJ1ridNr0pWMadAhaM6YLSosIkDeiUgurEgDYV 8Wd2vGI8TVaelnXNdnPgwa3sM3zqTfw6DoVgNZGbKTaDIPFOhgKPJK22t8/jki6C u5g9sxvM3HPcGbPr0M9aT40oeSAKub2857UoZyV9H2gxS/mseS5gvvO+OpL17JtY Dd015Z5FmtR7SNTJ36yhso0qFMo85hnA+eOgiVPebGQsrBVqTU1ypXTPhw+h6wWp /i5bKCTiaP2AJiN6gvhmE7+WcnbPZZLq9M4ZCJZihVrAyX0nF7/z/NqKuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM1yynrCfww7u2bJMv4TyD/TcsHfMB8GA1UdIwQY MBaAFImTn/EpO34id5/FW0yD8T5S6UQoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVpPZjhTazdmaUozbjhWYlRJUHhQbExwUkNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMTBkZGYtYmI2ZS00YmIwLWJlZmYt MGU2ODAwMGIzNTM3LzEvaVpPZjhTazdmaUozbjhWYlRJUHhQbExwUkNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9hMTBkZGYtYmI2ZS00YmIwLWJlZmYtMGU2ODAwMGIzNTM3 LzEvaVpPZjhTazdmaUozbjhWYlRJUHhQbExwUkNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATcoO42Kl J/5706pU64vudpLxK56Tj2WuP7d92CwOHixv+YC1T1Dm4gQQh3VOE+4fl3Pqsq+7 qUkJlwvoqxaU543YpESimzs8j98NpPAmm4O4btaeVfpGqDZQJaJTfQuEzsbjCnAi 3d13DjLHfzzaFAk/kHVLzzqkH+kyAHakevbpKONFCDDUwRrJsIAfda6fypwZhZsX At+TRcXI4nB7PAKCRV0BXljFFrybEcBdO5VaYtkEd+XfvUAX6uMxHC8wOdpSt8Zd N7RD+tvyca5M/10Cr0tjXU2BAIvIbnRxpfoksWFKp0zYyDyEndnoCtkOjuzSp4vT 7gbESnkQO6rDxw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:07:00 2025 by rpki-client