This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft File: i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json) Hash identifier: SaxiGKK1wyalyaFS7ddxGgTC3W9CC4Uu48DjDGQfUmA= Subject key identifier: 96:02:72:D9:07:1E:70:25:28:78:D6:27:F5:7D:2C:E0:6C:8C:CD:B3 Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71 Certificate issuer: /CN=8b8801543812040477d4744229466c8537d45171 Certificate serial: 019B3B347457FF7BC2DC10A2EBB00F93AD5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft Manifest number: 0ED0 Signing time: Sat 20 Dec 2025 10:00:51 +0000 Manifest this update: Sat 20 Dec 2025 10:00:51 +0000 Manifest next update: Sun 21 Dec 2025 10:00:51 +0000 Files and hashes: 1: CDrnNbtJLaCL50xwnqrzUWhQ_9k.roa (hash: xkyChTjHPfmap3pEfIzmPahUIANDsQxEAOedvER2SvU=) 2: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: 6BBSulMgFX8vKSqDc28g59MxPvYVVkDvO2YUR6m/geQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:74:57:ff:7b:c2:dc:10:a2:eb:b0:0f:93:ad:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b8801543812040477d4744229466c8537d45171 Validity Not Before: Dec 20 10:00:51 2025 GMT Not After : Dec 21 10:00:51 2025 GMT Subject: CN=960272d9071e70252878d627f57d2ce06c8ccdb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a3:d8:d1:6e:93:6b:47:83:3c:61:24:02:6e: e9:d0:2c:7c:28:94:d2:43:77:96:4d:09:12:ab:65: 5e:05:b1:af:50:55:67:ff:07:68:75:62:76:2f:f0: e6:e5:90:fb:8f:a8:8b:19:96:40:8a:83:93:a7:24: ac:c3:14:0c:7b:5f:d5:fd:6c:15:d7:0a:89:21:3d: ff:33:73:ee:02:00:9a:76:b8:6f:e4:34:8d:43:a5: 1f:e4:65:49:1d:98:7b:7d:97:2f:05:92:6e:f6:af: d7:40:09:b1:7c:7d:56:3c:b5:de:b9:2d:d9:df:7f: 1b:87:8a:c2:8d:f7:22:6f:63:67:18:ce:3f:ed:03: 33:5a:dc:2a:e4:06:be:70:1f:94:a3:16:57:71:83: d3:a8:65:79:93:d3:26:d1:0d:83:3d:86:67:1d:1a: 8a:38:48:72:2d:c7:e4:66:ea:8d:f1:d1:0c:94:fb: a4:1e:09:36:41:5a:59:75:10:82:b2:95:c4:f7:10: 26:4b:9d:1a:96:17:51:c6:e1:6c:12:cd:51:4b:38: 3d:cd:f1:49:1a:81:7c:c6:5e:d2:58:73:47:00:6e: 76:48:fd:88:2d:31:24:11:97:f0:21:32:52:d5:0d: 47:f2:d1:d7:24:b5:fc:25:e0:38:ac:46:ad:40:e4: 0c:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:02:72:D9:07:1E:70:25:28:78:D6:27:F5:7D:2C:E0:6C:8C:CD:B3 X509v3 Authority Key Identifier: keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:eb:14:17:ad:23:b2:e0:9a:cc:22:3d:42:e9:d7:7f:fa:dd: 91:47:76:02:f0:f4:10:15:85:91:28:5e:31:93:e1:26:f0:d7: fe:9a:01:07:9d:f4:2d:61:30:ce:23:29:90:38:e0:d7:4a:d7: ba:49:7e:97:fa:4a:e0:ce:49:e4:39:c4:11:b2:d5:36:5c:a8: c1:da:37:3c:47:5d:c8:7f:1b:e2:79:94:96:13:b3:83:31:89: d7:30:44:3e:8c:61:06:c1:a2:b1:43:68:b0:6e:22:f5:e2:b2: 11:3c:61:cb:26:00:98:85:32:40:ca:35:36:69:09:21:26:82: c0:07:7a:39:45:e4:f5:a3:c3:f1:f2:07:1c:8e:0d:bf:89:3e: 19:ed:66:51:bd:7d:d0:12:42:f6:4c:14:6e:47:aa:cb:99:50: a9:a6:1a:b8:8d:ce:76:7b:28:7f:70:1b:ce:a3:43:02:3b:f1: 17:ae:b3:9c:d3:b5:1e:1a:90:9f:d5:be:5f:08:33:57:a3:86: 32:51:ab:90:05:14:c7:52:7f:a9:84:38:f0:90:b2:42:a1:1c: a2:56:80:3f:74:1f:a4:50:84:af:c8:c5:e3:0a:07:c3:08:54: 35:c9:40:11:c1:4b:54:5b:cf:f2:38:e9:47:ab:d0:52:99:c0: d5:ad:3b:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NHRX/3vC3BCi67APk61dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk NDUxNzEwHhcNMjUxMjIwMTAwMDUxWhcNMjUxMjIxMTAwMDUxWjAzMTEwLwYDVQQD Eyg5NjAyNzJkOTA3MWU3MDI1Mjg3OGQ2MjdmNTdkMmNlMDZjOGNjZGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqPY0W6Ta0eDPGEkAm7p0Cx8KJTS Q3eWTQkSq2VeBbGvUFVn/wdodWJ2L/Dm5ZD7j6iLGZZAioOTpySswxQMe1/V/WwV 1wqJIT3/M3PuAgCadrhv5DSNQ6Uf5GVJHZh7fZcvBZJu9q/XQAmxfH1WPLXeuS3Z 338bh4rCjfcib2NnGM4/7QMzWtwq5Aa+cB+UoxZXcYPTqGV5k9Mm0Q2DPYZnHRqK OEhyLcfkZuqN8dEMlPukHgk2QVpZdRCCspXE9xAmS50alhdRxuFsEs1RSzg9zfFJ GoF8xl7SWHNHAG52SP2ILTEkEZfwITJS1Q1H8tHXJLX8JeA4rEatQOQMRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJYCctkHHnAlKHjWJ/V9LOBsjM2zMB8GA1UdIwQY MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtesUF60j suCazCI9QunXf/rdkUd2AvD0EBWFkSheMZPhJvDX/poBB530LWEwziMpkDjg10rX ukl+l/pK4M5J5DnEEbLVNlyowdo3PEddyH8b4nmUlhOzgzGJ1zBEPoxhBsGisUNo sG4i9eKyETxhyyYAmIUyQMo1NmkJISaCwAd6OUXk9aPD8fIHHI4Nv4k+Ge1mUb19 0BJC9kwUbkeqy5lQqaYauI3Odnsof3AbzqNDAjvxF66znNO1HhqQn9W+XwgzV6OG MlGrkAUUx1J/qYQ48JCyQqEcolaAP3QfpFCEr8jF4woHwwhUNclAEcFLVFvP8jjp R6vQUpnA1a07zQ== -----END CERTIFICATE-----Generated at Sat Dec 20 11:27:00 2025 by rpki-client