This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft File: iGbk-cPITtuUl18HHNhwfDgzqIY.mft (raw, json) Hash identifier: XtuXZlochC5LxSYvn3c82n7XyZDO+PdxFxiCTe/h6P0= Subject key identifier: 1B:1B:EC:E3:DB:07:9B:31:D5:E6:41:D4:96:BE:37:DF:83:B5:AC:41 Authority key identifier: 88:66:E4:F9:C3:C8:4E:DB:94:97:5F:07:1C:D8:70:7C:38:33:A8:86 Certificate issuer: /CN=8866e4f9c3c84edb94975f071cd8707c3833a886 Certificate serial: 019AF209889C77F198EAE17B47F09AA39C61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGbk-cPITtuUl18HHNhwfDgzqIY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft Manifest number: 2B Signing time: Sat 06 Dec 2025 05:01:42 +0000 Manifest this update: Sat 06 Dec 2025 05:01:42 +0000 Manifest next update: Sun 07 Dec 2025 05:01:42 +0000 Files and hashes: 1: iGbk-cPITtuUl18HHNhwfDgzqIY.crl (hash: VYsEKul6gd1A1nDJJ9k5TZ1kL7/dMVBRLtBiuag1Shk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft rsync://rpki.ripe.net/repository/DEFAULT/iGbk-cPITtuUl18HHNhwfDgzqIY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:88:9c:77:f1:98:ea:e1:7b:47:f0:9a:a3:9c:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8866e4f9c3c84edb94975f071cd8707c3833a886 Validity Not Before: Dec 6 05:01:42 2025 GMT Not After : Dec 7 05:01:42 2025 GMT Subject: CN=1b1bece3db079b31d5e641d496be37df83b5ac41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:0a:62:8e:d2:e5:9a:b9:e0:57:f4:ed:51:d7: 45:26:78:ab:d4:be:7d:c1:c9:28:e1:54:05:27:f0: 73:f6:a9:70:5e:6c:30:0a:33:2f:3b:24:2a:fe:80: 4a:ad:93:78:f8:b5:2d:cf:ab:b1:1c:b8:32:a3:b9: 22:40:5d:2e:34:60:06:92:0e:b5:97:21:44:f6:f4: aa:2c:d5:93:d9:c4:fc:57:fa:91:11:91:c6:a2:8f: 8a:fa:d5:4f:78:88:bb:dc:fb:47:c5:ec:42:71:95: 2d:dc:39:bf:76:a2:3f:a6:eb:96:f6:ae:1b:68:ec: 0c:27:11:21:25:dc:d0:05:eb:d1:fe:e3:ad:a5:d7: 7b:63:62:71:4f:30:3c:94:09:a1:e9:7f:fc:ec:6a: 97:b2:98:8b:c2:07:3f:e1:75:55:90:71:b8:f7:be: 19:e5:e0:76:c2:e4:ea:9c:58:8f:c6:d3:83:dc:a7: cb:54:37:6d:bc:c3:d4:4b:e5:ee:07:07:4b:15:3a: 32:d5:e8:16:cc:86:60:72:5c:25:7e:7d:ce:c0:f0: 93:cb:4d:5b:3a:e2:f7:34:a1:ec:f5:b6:28:67:96: f3:d3:cd:27:d4:7d:90:a0:06:34:e3:fd:9a:d4:89: 17:6c:e1:05:5e:c4:d1:ac:d9:45:33:c2:be:b9:92: 10:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:1B:EC:E3:DB:07:9B:31:D5:E6:41:D4:96:BE:37:DF:83:B5:AC:41 X509v3 Authority Key Identifier: keyid:88:66:E4:F9:C3:C8:4E:DB:94:97:5F:07:1C:D8:70:7C:38:33:A8:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGbk-cPITtuUl18HHNhwfDgzqIY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0b71c-6f38-4588-b4ea-3dff55deebb9/1/iGbk-cPITtuUl18HHNhwfDgzqIY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:81:f5:19:17:14:62:b7:77:c3:c4:8f:28:4a:8e:1c:24:d5: 07:de:7b:67:2e:e5:e1:05:c6:1a:ed:3a:d7:c2:b6:e3:10:bf: 7b:fb:1d:7b:e6:2e:5f:ea:e6:64:a5:19:28:ac:18:b9:1a:a9: bd:d5:e6:cb:3a:ae:d5:53:70:ab:b8:32:8b:b7:3e:dd:98:53: b0:0c:a6:b5:5e:b6:a2:9c:ac:ea:1e:8b:0e:04:86:bf:22:3b: 07:f0:60:05:5d:fd:23:4f:49:3d:91:52:99:8e:1e:fd:b8:f6: 69:fb:58:83:5a:27:bd:ce:09:43:e2:88:78:fd:49:ec:f4:41: 57:a2:5f:58:e5:4e:92:c9:62:ea:b7:bf:5a:57:a7:a4:7b:32: 52:1e:29:04:fa:81:cb:22:a8:2d:98:0b:f1:5e:0a:50:4a:ec: f0:93:0d:24:3b:47:73:4a:84:09:82:b6:e7:2c:cd:b8:85:34: 1c:6e:2a:23:85:a6:02:4b:d2:ee:c3:ba:2b:03:53:5d:f6:d1: 0a:3b:d4:41:3c:1d:25:f8:a5:74:9f:89:f8:39:af:bf:58:d5: 5b:df:4e:d3:70:3a:2b:a7:7c:79:c8:5e:3a:89:32:86:44:3e: b6:d6:a1:1f:e5:81:18:6f:22:37:33:9d:98:31:9b:15:3f:11: 8c:4c:ed:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCYicd/GY6uF7R/Cao5xhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NjZlNGY5YzNjODRlZGI5NDk3NWYwNzFjZDg3MDdjMzgz M2E4ODYwHhcNMjUxMjA2MDUwMTQyWhcNMjUxMjA3MDUwMTQyWjAzMTEwLwYDVQQD EygxYjFiZWNlM2RiMDc5YjMxZDVlNjQxZDQ5NmJlMzdkZjgzYjVhYzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlApijtLlmrngV/TtUddFJnir1L59 wcko4VQFJ/Bz9qlwXmwwCjMvOyQq/oBKrZN4+LUtz6uxHLgyo7kiQF0uNGAGkg61 lyFE9vSqLNWT2cT8V/qREZHGoo+K+tVPeIi73PtHxexCcZUt3Dm/dqI/puuW9q4b aOwMJxEhJdzQBevR/uOtpdd7Y2JxTzA8lAmh6X/87GqXspiLwgc/4XVVkHG4974Z 5eB2wuTqnFiPxtOD3KfLVDdtvMPUS+XuBwdLFToy1egWzIZgclwlfn3OwPCTy01b OuL3NKHs9bYoZ5bz080n1H2QoAY04/2a1IkXbOEFXsTRrNlFM8K+uZIQnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBsb7OPbB5sx1eZB1Ja+N9+DtaxBMB8GA1UdIwQY MBaAFIhm5PnDyE7blJdfBxzYcHw4M6iGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUdiay1jUElUdHVVbDE4SEhOaHdmRGd6cUlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMGI3MWMtNmYzOC00NTg4LWI0ZWEt M2RmZjU1ZGVlYmI5LzEvaUdiay1jUElUdHVVbDE4SEhOaHdmRGd6cUlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9iMGI3MWMtNmYzOC00NTg4LWI0ZWEtM2RmZjU1ZGVlYmI5 LzEvaUdiay1jUElUdHVVbDE4SEhOaHdmRGd6cUlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoIH1GRcU Yrd3w8SPKEqOHCTVB957Zy7l4QXGGu0618K24xC/e/sde+YuX+rmZKUZKKwYuRqp vdXmyzqu1VNwq7gyi7c+3ZhTsAymtV62opys6h6LDgSGvyI7B/BgBV39I09JPZFS mY4e/bj2aftYg1onvc4JQ+KIeP1J7PRBV6JfWOVOksli6re/WlenpHsyUh4pBPqB yyKoLZgL8V4KUErs8JMNJDtHc0qECYK25yzNuIU0HG4qI4WmAkvS7sO6KwNTXfbR CjvUQTwdJfildJ+J+Dmvv1jVW99O03A6K6d8echeOokyhkQ+ttahH+WBGG8iNzOd mDGbFT8RjEzt/Q== -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:45 2025 by rpki-client