This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/4e5d08-4267-4c78-862b-0cb562f98a52/1/IZah91DmPqz2d_fz533CxKLGyAk.mft File: IZah91DmPqz2d_fz533CxKLGyAk.mft (raw, json) Hash identifier: /F58OpB6ow+OaMLrZqGze7izmWTt14tPB1jtUGlPIQA= Subject key identifier: 02:52:BF:37:DC:2E:9D:43:9A:61:9A:0A:C8:BF:A9:93:CB:73:56:60 Authority key identifier: 21:96:A1:F7:50:E6:3E:AC:F6:77:F7:F3:E7:7D:C2:C4:A2:C6:C8:09 Certificate issuer: /CN=2196a1f750e63eacf677f7f3e77dc2c4a2c6c809 Certificate serial: 019AF19B903D1995D88A75F1AC5D3A6D2ADE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZah91DmPqz2d_fz533CxKLGyAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/4e5d08-4267-4c78-862b-0cb562f98a52/1/IZah91DmPqz2d_fz533CxKLGyAk.mft Manifest number: 4E Signing time: Sat 06 Dec 2025 03:01:35 +0000 Manifest this update: Sat 06 Dec 2025 03:01:35 +0000 Manifest next update: Sun 07 Dec 2025 03:01:35 +0000 Files and hashes: 1: IZah91DmPqz2d_fz533CxKLGyAk.crl (hash: 7a+2tEDtOCYvWfMoiE2K5Lfcls5Tk/GakuNBWg+x4R0=) 2: knngGI39I0NVgBPG_Lf0q4HKJ1c.roa (hash: /q0F4K5neo5vF0JOJMy5NS7gJ83gwtGXNrG1p1CvIqQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/4e5d08-4267-4c78-862b-0cb562f98a52/1/IZah91DmPqz2d_fz533CxKLGyAk.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/4e5d08-4267-4c78-862b-0cb562f98a52/1/IZah91DmPqz2d_fz533CxKLGyAk.mft rsync://rpki.ripe.net/repository/DEFAULT/IZah91DmPqz2d_fz533CxKLGyAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:90:3d:19:95:d8:8a:75:f1:ac:5d:3a:6d:2a:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2196a1f750e63eacf677f7f3e77dc2c4a2c6c809 Validity Not Before: Dec 6 03:01:35 2025 GMT Not After : Dec 7 03:01:35 2025 GMT Subject: CN=0252bf37dc2e9d439a619a0ac8bfa993cb735660 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b9:37:b8:f6:b6:43:08:c1:0c:87:f1:1f:6a: 5e:6f:97:9f:80:9d:99:85:ec:5b:34:ed:5d:13:c2: ff:b9:a2:7c:a3:f7:30:e0:7a:b7:44:0d:24:97:59: 38:6b:53:d9:9a:91:40:cd:3f:7d:3d:8c:2d:a0:c9: ae:7d:41:f9:a3:7f:dc:b9:73:9e:78:10:48:85:c9: 42:1f:94:e5:9b:fd:12:7a:e4:d2:f8:a3:00:63:81: df:0c:a9:40:2e:0b:01:1b:c6:4f:f6:08:98:1b:53: 61:1d:d0:60:34:76:72:09:9d:ff:75:f3:ba:f7:de: 72:96:df:fa:48:dd:da:d7:7d:5c:fb:d4:69:7a:22: 24:43:a6:ff:35:ca:bd:21:54:53:9b:df:96:3f:26: fd:26:8c:5a:34:af:79:68:39:2e:34:f9:26:59:39: ff:49:e5:8a:0a:bc:41:c4:1a:3f:c2:92:87:32:2f: e9:b8:f3:09:49:e2:8b:e7:1d:b1:d9:3e:b0:7c:3f: 68:93:48:12:7d:5c:15:6f:39:d9:a1:22:9e:75:16: f0:d5:bf:3c:8d:ba:a7:23:cd:e2:b6:95:c4:0d:55: cf:f8:a8:76:dc:4b:9a:89:45:bb:1a:7a:c9:f8:cc: 16:cd:ad:ae:71:46:79:ab:56:f6:01:c6:d1:3a:e5: 54:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:52:BF:37:DC:2E:9D:43:9A:61:9A:0A:C8:BF:A9:93:CB:73:56:60 X509v3 Authority Key Identifier: keyid:21:96:A1:F7:50:E6:3E:AC:F6:77:F7:F3:E7:7D:C2:C4:A2:C6:C8:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZah91DmPqz2d_fz533CxKLGyAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4e5d08-4267-4c78-862b-0cb562f98a52/1/IZah91DmPqz2d_fz533CxKLGyAk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4e5d08-4267-4c78-862b-0cb562f98a52/1/IZah91DmPqz2d_fz533CxKLGyAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:d9:a8:ca:f9:79:8a:df:86:e4:ff:d3:28:6e:68:33:a9:9d: 36:b8:07:9a:b0:45:31:af:dc:38:c7:1e:2c:c1:e9:a4:e9:f5: d2:d8:c6:18:bf:b9:7a:37:e7:29:97:e7:da:35:7e:13:8e:b4: 9e:5c:22:94:8f:09:11:79:f8:ae:7d:41:f5:fc:c9:6c:00:53: ed:a0:f2:53:d4:f1:dd:33:b1:6c:e2:86:d7:e6:56:0c:f2:92: 2b:0e:c3:cb:44:42:08:72:04:54:dc:2b:f2:73:84:cd:dc:2c: 25:03:4e:89:9d:0e:02:82:08:f7:8d:f6:4d:a0:f2:16:ef:a0: 23:2e:a7:3c:d9:50:95:62:29:b9:99:88:d6:54:4a:80:83:ed: b5:34:8e:b1:87:eb:c5:bb:02:3f:34:ee:d7:83:e8:e3:45:1c: f7:09:36:09:6c:48:42:ff:ca:0b:62:b3:e5:37:bd:7f:19:56: e7:9b:6e:64:68:17:b3:3e:de:8e:cf:c7:05:7f:c2:7e:67:81: 1d:52:25:b3:0a:56:20:f9:5a:c2:6c:da:77:d1:27:be:4e:3d: 88:35:84:53:a7:af:2d:13:0c:0d:77:9c:78:40:d0:50:6d:97: cc:d6:73:50:ad:ac:58:ad:36:10:bd:b4:37:57:87:df:a9:c9: 9f:69:ba:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm5A9GZXYinXxrF06bSreMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxOTZhMWY3NTBlNjNlYWNmNjc3ZjdmM2U3N2RjMmM0YTJj NmM4MDkwHhcNMjUxMjA2MDMwMTM1WhcNMjUxMjA3MDMwMTM1WjAzMTEwLwYDVQQD EygwMjUyYmYzN2RjMmU5ZDQzOWE2MTlhMGFjOGJmYTk5M2NiNzM1NjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27k3uPa2QwjBDIfxH2peb5efgJ2Z hexbNO1dE8L/uaJ8o/cw4Hq3RA0kl1k4a1PZmpFAzT99PYwtoMmufUH5o3/cuXOe eBBIhclCH5Tlm/0SeuTS+KMAY4HfDKlALgsBG8ZP9giYG1NhHdBgNHZyCZ3/dfO6 995ylt/6SN3a131c+9RpeiIkQ6b/Ncq9IVRTm9+WPyb9JoxaNK95aDkuNPkmWTn/ SeWKCrxBxBo/wpKHMi/puPMJSeKL5x2x2T6wfD9ok0gSfVwVbznZoSKedRbw1b88 jbqnI83itpXEDVXP+Kh23EuaiUW7GnrJ+MwWza2ucUZ5q1b2AcbROuVUHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAJSvzfcLp1DmmGaCsi/qZPLc1ZgMB8GA1UdIwQY MBaAFCGWofdQ5j6s9nf38+d9wsSixsgJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVphaDkxRG1QcXoyZF9mejUzM0N4S0xHeUFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80ZTVkMDgtNDI2Ny00Yzc4LTg2MmIt MGNiNTYyZjk4YTUyLzEvSVphaDkxRG1QcXoyZF9mejUzM0N4S0xHeUFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC80ZTVkMDgtNDI2Ny00Yzc4LTg2MmItMGNiNTYyZjk4YTUy LzEvSVphaDkxRG1QcXoyZF9mejUzM0N4S0xHeUFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAatmoyvl5 it+G5P/TKG5oM6mdNrgHmrBFMa/cOMceLMHppOn10tjGGL+5ejfnKZfn2jV+E460 nlwilI8JEXn4rn1B9fzJbABT7aDyU9Tx3TOxbOKG1+ZWDPKSKw7Dy0RCCHIEVNwr 8nOEzdwsJQNOiZ0OAoII9432TaDyFu+gIy6nPNlQlWIpuZmI1lRKgIPttTSOsYfr xbsCPzTu14Po40Uc9wk2CWxIQv/KC2Kz5Te9fxlW55tuZGgXsz7ejs/HBX/CfmeB HVIlswpWIPlawmzad9Envk49iDWEU6evLRMMDXeceEDQUG2XzNZzUK2sWK02EL20 N1eH36nJn2m6Mw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:50:32 2025 by rpki-client