This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft File: I7KazNTA1fX4N36n9GNDt2Brq3w.mft (raw, json) Hash identifier: 2CScRllBPXROYEfDF8x5hV4qxVyV1cgfKv+moHv8uZ0= Subject key identifier: F1:32:D5:FF:08:1A:73:71:B0:A3:B5:52:04:80:9E:65:E9:F2:5C:58 Authority key identifier: 23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C Certificate issuer: /CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c Certificate serial: 019AF19B286F1A7C2D969BBBE598AE13DA4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft Manifest number: 0DDC Signing time: Sat 06 Dec 2025 03:01:08 +0000 Manifest this update: Sat 06 Dec 2025 03:01:08 +0000 Manifest next update: Sun 07 Dec 2025 03:01:08 +0000 Files and hashes: 1: BY3gmYE2jAUAzVYgNkSF1kzgx38.roa (hash: o+T/NGOLnxz7Wv8sLagAUwobjqcsqFCif9O5RgNrbi4=) 2: I7KazNTA1fX4N36n9GNDt2Brq3w.crl (hash: scnOKii789ocmCL/7Pxndv4N8crKVIfd4sPYx0iPxss=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:28:6f:1a:7c:2d:96:9b:bb:e5:98:ae:13:da:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c Validity Not Before: Dec 6 03:01:08 2025 GMT Not After : Dec 7 03:01:08 2025 GMT Subject: CN=f132d5ff081a7371b0a3b55204809e65e9f25c58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f0:50:e9:de:6a:07:e9:ec:3b:24:52:da:5e: e8:4d:20:fa:d0:ad:61:0c:58:7c:53:1d:f9:39:ba: ff:e2:88:a4:d1:ad:09:c5:c5:ee:ee:99:c1:07:45: 78:ff:20:f8:c8:d7:5e:91:2d:e1:e4:8f:31:84:54: fe:b1:cf:49:4d:b7:51:9b:76:58:83:ea:79:d0:9b: 19:ea:da:25:06:d8:95:de:f7:96:38:7f:da:a0:f6: de:df:55:1e:b9:93:cb:c9:28:4b:93:fe:bf:6b:dc: 6a:4e:96:15:b5:43:d3:8f:ca:1a:15:c0:29:36:d3: c4:a9:92:f0:76:f4:3d:04:93:0f:e1:b5:c0:5f:0f: 6a:42:63:90:d9:72:87:72:fb:b4:60:e1:80:bb:c9: 76:09:19:09:19:40:e4:5f:78:88:f0:8f:17:9a:ed: 7b:aa:a9:dd:b6:94:7b:95:60:49:81:17:92:4e:85: d1:5e:21:fb:09:af:56:e0:e6:7a:ad:dc:a0:48:d6: ee:c9:46:2e:a4:aa:b2:62:1b:c5:59:94:c5:1d:47: a3:42:4d:84:07:54:02:e1:41:ad:6c:4c:05:2f:5c: bb:64:c1:01:bf:e0:22:3f:62:2c:4c:5a:e9:38:e2: 8f:c5:dd:27:cd:80:45:4e:aa:0e:50:66:64:72:4c: d7:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:32:D5:FF:08:1A:73:71:B0:A3:B5:52:04:80:9E:65:E9:F2:5C:58 X509v3 Authority Key Identifier: keyid:23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:9f:e2:11:6e:e5:c9:ee:fd:93:85:74:ac:4d:fb:85:f4:7d: 1d:60:2f:f2:64:17:56:97:d3:b8:3f:38:48:33:ee:10:c7:af: 43:42:e5:97:11:09:14:79:69:80:48:b1:a7:47:7c:33:e0:1a: 27:30:88:f7:87:39:06:ab:a5:e3:bc:26:91:24:ce:9c:0b:62: 39:4f:ac:f0:a8:90:c6:32:16:a7:49:cd:9a:dd:95:dc:8f:5a: 7b:72:d0:52:e8:6f:bb:bd:57:79:ca:b2:1f:9e:08:24:76:ea: 9e:08:ac:0a:82:d9:09:29:e9:6a:6a:b5:af:83:9b:a0:7a:b7: d1:13:12:5e:b5:a3:b9:98:bc:32:7f:81:74:9f:9f:59:c8:75: 14:a0:30:87:30:47:31:dd:b8:d8:cf:25:60:20:2d:8b:74:50: e8:53:a8:84:0a:f2:eb:33:1b:2b:d4:9f:96:e5:dc:35:9b:bd: 26:05:d2:44:a0:f6:32:a5:f1:7d:42:84:85:fb:d0:97:95:d9: dd:98:83:eb:bc:22:8d:36:3b:f8:1a:52:de:d1:aa:0b:64:e4: a3:21:68:c3:84:3a:f3:fc:e8:0a:b4:d1:16:e2:33:44:c6:8c: 07:e6:20:96:53:fc:23:fe:64:dd:b9:17:94:2f:16:c5:38:47: e6:55:99:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmyhvGnwtlpu75ZiuE9pNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzYjI5YWNjZDRjMGQ1ZjVmODM3N2VhN2Y0NjM0M2I3NjA2 YmFiN2MwHhcNMjUxMjA2MDMwMTA4WhcNMjUxMjA3MDMwMTA4WjAzMTEwLwYDVQQD EyhmMTMyZDVmZjA4MWE3MzcxYjBhM2I1NTIwNDgwOWU2NWU5ZjI1YzU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/BQ6d5qB+nsOyRS2l7oTSD60K1h DFh8Ux35Obr/4oik0a0JxcXu7pnBB0V4/yD4yNdekS3h5I8xhFT+sc9JTbdRm3ZY g+p50JsZ6tolBtiV3veWOH/aoPbe31UeuZPLyShLk/6/a9xqTpYVtUPTj8oaFcAp NtPEqZLwdvQ9BJMP4bXAXw9qQmOQ2XKHcvu0YOGAu8l2CRkJGUDkX3iI8I8Xmu17 qqndtpR7lWBJgReSToXRXiH7Ca9W4OZ6rdygSNbuyUYupKqyYhvFWZTFHUejQk2E B1QC4UGtbEwFL1y7ZMEBv+AiP2IsTFrpOOKPxd0nzYBFTqoOUGZkckzXrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPEy1f8IGnNxsKO1UgSAnmXp8lxYMB8GA1UdIwQY MBaAFCOymszUwNX1+Dd+p/RjQ7dga6t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAt MTE3NGE0MjgwMzZiLzEvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAtMTE3NGE0MjgwMzZi LzEvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhp/iEW7l ye79k4V0rE37hfR9HWAv8mQXVpfTuD84SDPuEMevQ0LllxEJFHlpgEixp0d8M+Aa JzCI94c5Bqul47wmkSTOnAtiOU+s8KiQxjIWp0nNmt2V3I9ae3LQUuhvu71Xecqy H54IJHbqngisCoLZCSnpamq1r4OboHq30RMSXrWjuZi8Mn+BdJ+fWch1FKAwhzBH Md242M8lYCAti3RQ6FOohAry6zMbK9SfluXcNZu9JgXSRKD2MqXxfUKEhfvQl5XZ 3ZiD67wijTY7+BpS3tGqC2TkoyFow4Q68/zoCrTRFuIzRMaMB+YgllP8I/5k3bkX lC8WxThH5lWZcQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:26:14 2025 by rpki-client