This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft File: iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json) Hash identifier: QyW1V/8SGaL7s3qfCXE3kTdtzraa+Dfnn0cmcJ3RBEw= Subject key identifier: 1B:C5:46:C3:C7:C6:AD:94:BD:77:AF:4E:39:84:57:BC:0D:E5:BA:4E Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE Certificate issuer: /CN=88f75722db25b3723decda5d870df69bf0d865ae Certificate serial: 019AF12D4554051DA526147AB26181D7EA08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft Manifest number: 1159 Signing time: Sat 06 Dec 2025 01:01:07 +0000 Manifest this update: Sat 06 Dec 2025 01:01:07 +0000 Manifest next update: Sun 07 Dec 2025 01:01:07 +0000 Files and hashes: 1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: kdET1orf91Tom9Hel9DDLxfJCtvDG175U+9u6jJRoWY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:45:54:05:1d:a5:26:14:7a:b2:61:81:d7:ea:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae Validity Not Before: Dec 6 01:01:07 2025 GMT Not After : Dec 7 01:01:07 2025 GMT Subject: CN=1bc546c3c7c6ad94bd77af4e398457bc0de5ba4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:88:f5:11:e3:26:a3:6b:e1:cf:c9:34:35:a2: f9:fd:6f:28:42:f6:16:18:3b:f3:88:02:91:cc:4f: c2:3a:ec:9b:b6:c2:61:e4:ea:6c:36:c3:c2:cd:3e: 0d:27:c9:b1:62:23:cc:76:5c:f6:ce:7e:b8:1a:e4: b2:b1:fd:d1:c4:4e:3f:9a:39:2e:bb:2e:36:6f:c0: 8b:42:fb:95:63:dd:83:e5:b6:6a:6c:3a:2a:f0:46: 6d:76:09:c8:18:97:4e:a6:80:67:a5:c9:1f:3b:7f: 46:7d:92:d1:c0:d4:22:9f:d5:0d:fc:63:71:70:1c: 14:83:ac:40:dd:a5:9e:02:51:6b:2b:ba:32:cd:54: dc:59:f9:b7:c4:89:a6:a3:df:bb:a8:17:1d:83:94: 20:7d:73:fa:89:ee:75:ae:d7:53:af:64:d0:00:9a: ea:56:cb:83:d5:49:b7:15:84:23:28:92:8c:7c:06: 12:07:48:9b:00:13:a1:72:b8:cb:a8:1c:06:47:98: 85:00:5f:24:eb:75:da:fc:5c:43:b6:4d:3a:81:74: 19:9e:d8:7d:f4:cf:8f:b0:a4:86:99:ae:ed:28:7e: b5:95:f2:3c:be:bf:ab:a0:cc:e5:07:a0:7d:2e:63: f5:0f:ac:a1:b3:54:e9:40:e3:c9:6e:eb:87:1a:12: ee:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:C5:46:C3:C7:C6:AD:94:BD:77:AF:4E:39:84:57:BC:0D:E5:BA:4E X509v3 Authority Key Identifier: keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:47:4b:df:47:b6:1b:7e:41:15:82:7d:34:62:73:2c:2e:4e: 0a:4d:fa:eb:9d:eb:df:28:7f:59:b0:0f:02:ea:12:48:6e:2d: 83:10:77:70:3d:83:7d:bb:95:a5:48:32:73:85:f0:2e:41:c4: 25:5b:e5:33:4c:b0:dd:f2:ff:e2:d0:a2:a3:e9:78:28:c3:cf: 82:78:d1:85:c6:d6:00:58:6e:db:e4:d6:56:19:31:ee:a5:63: b9:9c:d5:27:e4:94:5d:cb:e9:0a:b6:0c:9f:6f:f5:58:4e:66: 53:15:ee:fe:56:da:d6:18:b5:e0:04:5c:09:e3:98:c7:a3:ed: 67:f5:b2:10:a0:5b:f0:b9:99:ef:f4:e4:63:8c:42:9a:46:85: 59:1d:97:a3:de:9b:6a:f7:55:0d:82:3f:13:0c:6d:fd:89:41: 31:12:43:a5:5d:9b:13:85:93:00:60:c6:e0:12:3c:f9:9b:5e: f3:e9:ca:11:3b:08:1e:aa:34:d4:57:2e:f8:fd:bf:af:02:51: f0:a3:94:e3:44:53:12:69:1a:d5:9a:c4:cc:7d:6d:d3:90:4b: ee:e6:f2:19:27:b8:db:00:4e:62:c0:b1:cd:1f:a3:da:99:7e: ab:70:52:b1:61:0d:04:b2:1d:eb:ca:79:79:56:59:5b:c6:22: 71:18:f1:bd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLUVUBR2lJhR6smGB1+oIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk ODY1YWUwHhcNMjUxMjA2MDEwMTA3WhcNMjUxMjA3MDEwMTA3WjAzMTEwLwYDVQQD EygxYmM1NDZjM2M3YzZhZDk0YmQ3N2FmNGUzOTg0NTdiYzBkZTViYTRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4j1EeMmo2vhz8k0NaL5/W8oQvYW GDvziAKRzE/COuybtsJh5OpsNsPCzT4NJ8mxYiPMdlz2zn64GuSysf3RxE4/mjku uy42b8CLQvuVY92D5bZqbDoq8EZtdgnIGJdOpoBnpckfO39GfZLRwNQin9UN/GNx cBwUg6xA3aWeAlFrK7oyzVTcWfm3xImmo9+7qBcdg5QgfXP6ie51rtdTr2TQAJrq VsuD1Um3FYQjKJKMfAYSB0ibABOhcrjLqBwGR5iFAF8k63Xa/FxDtk06gXQZnth9 9M+PsKSGma7tKH61lfI8vr+roMzlB6B9LmP1D6yhs1TpQOPJbuuHGhLumQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBvFRsPHxq2UvXevTjmEV7wN5bpOMB8GA1UdIwQY MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP0dL30e2 G35BFYJ9NGJzLC5OCk36653r3yh/WbAPAuoSSG4tgxB3cD2DfbuVpUgyc4XwLkHE JVvlM0yw3fL/4tCio+l4KMPPgnjRhcbWAFhu2+TWVhkx7qVjuZzVJ+SUXcvpCrYM n2/1WE5mUxXu/lba1hi14ARcCeOYx6PtZ/WyEKBb8LmZ7/TkY4xCmkaFWR2Xo96b avdVDYI/Ewxt/YlBMRJDpV2bE4WTAGDG4BI8+Zte8+nKETsIHqo01Fcu+P2/rwJR 8KOU40RTEmka1ZrEzH1t05BL7ubyGSe42wBOYsCxzR+j2pl+q3BSsWENBLId68p5 eVZZW8YicRjxvQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:19:37 2025 by rpki-client