This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft File: IhQgnik48W3KWTVwH6aG2Q_De54.mft (raw, json) Hash identifier: Vq/uq+lDOv46pnpItDfWL4URH8zw3vW/gCgdkXsWyBk= Subject key identifier: B1:FA:65:96:12:34:21:AD:74:16:77:3F:89:E3:83:E0:D1:EB:E8:91 Authority key identifier: 22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E Certificate issuer: /CN=2214209e2938f16dca5935701fa686d90fc37b9e Certificate serial: 019AF31CC134C96660162C52C61882BEB5D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft Manifest number: 05EE Signing time: Sat 06 Dec 2025 10:02:19 +0000 Manifest this update: Sat 06 Dec 2025 10:02:19 +0000 Manifest next update: Sun 07 Dec 2025 10:02:19 +0000 Files and hashes: 1: IhQgnik48W3KWTVwH6aG2Q_De54.crl (hash: Qz4bGAsIvV+9sTkRft8hVDHER8sEsKrk5D1DzK4dSUA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:c1:34:c9:66:60:16:2c:52:c6:18:82:be:b5:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2214209e2938f16dca5935701fa686d90fc37b9e Validity Not Before: Dec 6 10:02:19 2025 GMT Not After : Dec 7 10:02:19 2025 GMT Subject: CN=b1fa6596123421ad7416773f89e383e0d1ebe891 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:77:a5:1b:91:52:f0:ee:02:ef:47:b2:1c:cf: 0f:5f:44:0f:95:f5:6f:e5:f1:b3:34:4d:6b:0a:62: f7:e7:e1:bd:17:28:56:79:50:1e:1a:b6:b6:3c:e2: 60:37:e4:cc:5e:f5:c8:60:31:31:f4:42:97:87:54: 1e:0d:be:5c:1d:bc:c0:fb:96:d2:d3:85:79:66:e5: 12:03:85:83:9a:c7:47:17:53:62:67:fc:58:1d:47: 19:19:41:12:b9:82:de:3c:5e:50:69:42:5c:31:f4: 80:76:e4:2a:1f:e2:bf:20:6b:b5:14:4d:4a:7b:36: c4:58:0c:3a:b3:e6:b4:0b:0f:c6:bc:48:c4:c3:2f: 7d:8d:d7:28:f9:33:c6:8a:30:d5:39:e4:cb:de:dc: 66:c4:30:bf:c9:4a:cc:08:1c:d6:7d:c3:50:bc:c9: 7d:ee:b1:5a:96:14:0b:c6:54:0a:19:e3:7f:2a:1f: bb:be:bb:c2:11:e7:0d:d4:f0:81:dc:bc:d4:83:26: 60:9b:46:dd:6d:d0:18:20:00:b2:6a:52:ce:e7:8b: 23:00:63:84:f5:eb:0d:ef:d0:7d:2e:03:fe:f7:97: 54:1f:b9:47:7a:ee:5a:99:15:2c:28:99:55:4c:71: 92:aa:3f:b2:24:4f:4c:d8:13:10:9b:d8:04:48:0f: 1b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:FA:65:96:12:34:21:AD:74:16:77:3F:89:E3:83:E0:D1:EB:E8:91 X509v3 Authority Key Identifier: keyid:22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:a5:ae:03:2a:91:2a:dc:99:9f:9d:be:24:63:75:0a:02:16: d0:2c:c9:73:a4:f3:00:e6:09:50:5c:ab:ad:f3:61:fe:e3:0c: 37:69:10:18:24:13:df:94:bd:7d:33:8d:1b:61:96:5f:bc:37: 14:31:72:e4:6c:73:c2:25:2e:3f:14:0a:63:99:7f:3d:80:1e: 63:57:13:e9:6e:cd:1e:90:f3:42:17:29:e5:6d:d7:b4:9d:61: f0:e0:84:75:30:92:a9:f2:57:60:e8:43:e4:2e:3f:8d:1f:40: bf:e2:00:f0:d4:cc:1f:2a:dd:ba:0a:12:66:a5:38:22:d5:38: 9c:64:cd:84:f2:91:82:31:69:3c:d8:86:80:0e:34:46:8a:4e: c4:b5:9f:30:22:3f:dd:aa:f9:b7:2a:89:17:51:36:c0:ab:76: d3:13:5d:4d:e1:d5:de:7c:43:24:ae:38:23:35:c5:c7:c6:c9: 88:0b:21:58:e7:b6:36:c1:ef:56:2e:1c:05:65:7c:08:db:81: c2:fb:0e:a8:28:f0:ae:36:84:c1:a4:b4:fd:78:db:34:ef:fc: 4c:08:d4:56:88:52:05:ff:6a:f4:c9:f1:52:e3:55:b1:9b:c1: 05:b5:22:5c:9f:9a:b7:b7:3d:58:7a:35:4f:14:67:5b:63:c4: f5:5a:4b:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHME0yWZgFixSxhiCvrXZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMTQyMDllMjkzOGYxNmRjYTU5MzU3MDFmYTY4NmQ5MGZj MzdiOWUwHhcNMjUxMjA2MTAwMjE5WhcNMjUxMjA3MTAwMjE5WjAzMTEwLwYDVQQD EyhiMWZhNjU5NjEyMzQyMWFkNzQxNjc3M2Y4OWUzODNlMGQxZWJlODkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XelG5FS8O4C70eyHM8PX0QPlfVv 5fGzNE1rCmL35+G9FyhWeVAeGra2POJgN+TMXvXIYDEx9EKXh1QeDb5cHbzA+5bS 04V5ZuUSA4WDmsdHF1NiZ/xYHUcZGUESuYLePF5QaUJcMfSAduQqH+K/IGu1FE1K ezbEWAw6s+a0Cw/GvEjEwy99jdco+TPGijDVOeTL3txmxDC/yUrMCBzWfcNQvMl9 7rFalhQLxlQKGeN/Kh+7vrvCEecN1PCB3LzUgyZgm0bdbdAYIACyalLO54sjAGOE 9esN79B9LgP+95dUH7lHeu5amRUsKJlVTHGSqj+yJE9M2BMQm9gESA8baQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLH6ZZYSNCGtdBZ3P4njg+DR6+iRMB8GA1UdIwQY MBaAFCIUIJ4pOPFtylk1cB+mhtkPw3ueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQt NGFkZDM5M2E3MjNlLzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQtNGFkZDM5M2E3MjNl LzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaqWuAyqR KtyZn52+JGN1CgIW0CzJc6TzAOYJUFyrrfNh/uMMN2kQGCQT35S9fTONG2GWX7w3 FDFy5GxzwiUuPxQKY5l/PYAeY1cT6W7NHpDzQhcp5W3XtJ1h8OCEdTCSqfJXYOhD 5C4/jR9Av+IA8NTMHyrdugoSZqU4ItU4nGTNhPKRgjFpPNiGgA40RopOxLWfMCI/ 3ar5tyqJF1E2wKt20xNdTeHV3nxDJK44IzXFx8bJiAshWOe2NsHvVi4cBWV8CNuB wvsOqCjwrjaEwaS0/XjbNO/8TAjUVohSBf9q9MnxUuNVsZvBBbUiXJ+at7c9WHo1 TxRnW2PE9VpL4g== -----END CERTIFICATE-----Generated at Sat Dec 6 18:51:59 2025 by rpki-client