This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft File: Igmk3BOlMEp6okvhwXi6QuF5L4U.mft (raw, json) Hash identifier: VklG/EimzTgMio9iBfgbFuNWGiSNsZ48a6c9tSt5jRY= Subject key identifier: F1:04:5D:4E:E8:51:3A:06:C2:ED:EE:D1:A3:CF:50:72:67:74:EF:8C Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85 Certificate issuer: /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85 Certificate serial: 019AF2401C5E877AF9621E23127964A2E6AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft Manifest number: 0346 Signing time: Sat 06 Dec 2025 06:01:19 +0000 Manifest this update: Sat 06 Dec 2025 06:01:19 +0000 Manifest next update: Sun 07 Dec 2025 06:01:19 +0000 Files and hashes: 1: Igmk3BOlMEp6okvhwXi6QuF5L4U.crl (hash: 4OzQp+OQUJpwYQ/lYwHMeEOXUUlB0VZP0VyqlAMLSoU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:1c:5e:87:7a:f9:62:1e:23:12:79:64:a2:e6:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85 Validity Not Before: Dec 6 06:01:19 2025 GMT Not After : Dec 7 06:01:19 2025 GMT Subject: CN=f1045d4ee8513a06c2edeed1a3cf50726774ef8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:9e:ee:5a:a7:0d:b3:46:0b:3e:48:00:b2:f1: 42:cb:21:a3:97:1c:e8:0e:31:a3:5e:23:cb:56:ed: fa:43:26:10:12:aa:2c:66:21:f1:85:6e:a0:51:3e: 9b:31:8e:de:11:ad:a4:a7:56:d8:54:7a:2b:43:b8: 04:43:ad:58:ce:aa:c5:89:b9:0b:e6:ee:86:a2:ad: bc:71:36:34:9e:af:9c:f5:33:fd:75:c8:ea:46:b0: 5f:48:46:69:a2:ed:39:13:1e:72:0f:ba:09:fc:3f: aa:6f:c0:ca:27:cf:47:d7:2c:f3:9c:da:f8:ef:cc: 96:35:c0:00:20:db:92:e7:19:a5:96:46:8d:b1:f7: 6e:66:35:28:54:1f:9f:68:1f:18:17:82:40:4d:4c: 5a:e2:6f:b0:ef:62:95:7e:39:19:33:96:6f:ad:17: 6f:c9:82:b2:d0:e4:72:38:21:4e:09:04:b7:61:87: 27:8c:97:11:59:1b:17:aa:fa:65:8d:9b:59:5b:9c: 61:e9:d7:ca:ff:8f:ec:36:fd:e2:a5:34:fa:75:ff: c8:a6:bb:0b:fa:26:94:53:19:7a:76:5e:6c:45:7e: bc:a9:3a:b5:9d:5b:ae:21:37:0d:2e:5a:45:55:d1: dc:e2:9c:31:7e:b5:fd:0c:89:d6:a8:c5:6e:8a:4c: a8:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:04:5D:4E:E8:51:3A:06:C2:ED:EE:D1:A3:CF:50:72:67:74:EF:8C X509v3 Authority Key Identifier: keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:c6:b2:04:f5:d4:a1:71:3b:b3:cf:d3:bb:09:67:27:16:03: 3a:03:59:64:95:49:80:e2:31:a5:ff:66:4c:8f:b4:7c:bc:0e: 37:ce:75:bc:29:0b:3f:e3:a4:28:42:82:78:cf:a5:38:76:58: e2:9b:35:d3:be:03:50:8f:04:bb:f0:3e:08:71:48:8a:29:6a: d5:f6:60:7b:22:26:52:53:71:f7:d1:62:13:35:17:f8:32:64: 2c:38:25:09:bb:c3:38:73:8a:67:2f:a1:d8:61:81:d6:92:53: 9f:d3:6e:7d:5d:b4:1c:23:10:44:32:fe:af:6d:f2:0a:27:ef: 1b:8d:6f:73:3c:7d:00:1c:71:bb:fe:66:6a:c6:76:bd:d9:67: 72:2c:e7:2d:59:f6:ea:d8:f7:3f:c6:d8:61:8f:ed:ea:0b:31: 9a:5f:15:27:79:c0:7a:f6:e3:99:d2:0d:bd:41:99:83:18:4e: 18:b1:4f:b0:5d:d5:a2:b8:f1:18:30:1a:9e:c1:a6:dd:0f:bc: 3c:b7:8f:d4:bb:21:c6:00:c0:f4:5c:05:61:4c:b4:37:e7:d7: 84:32:a0:d8:a8:40:41:7d:d9:e2:32:bd:fc:b4:c5:2c:38:ab: c3:5a:7c:f0:8f:bd:e8:6e:10:ad:a1:c8:e6:de:48:13:ac:73: 2b:93:1f:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQBxeh3r5Yh4jEnlkouatMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3 OTJmODUwHhcNMjUxMjA2MDYwMTE5WhcNMjUxMjA3MDYwMTE5WjAzMTEwLwYDVQQD EyhmMTA0NWQ0ZWU4NTEzYTA2YzJlZGVlZDFhM2NmNTA3MjY3NzRlZjhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4p7uWqcNs0YLPkgAsvFCyyGjlxzo DjGjXiPLVu36QyYQEqosZiHxhW6gUT6bMY7eEa2kp1bYVHorQ7gEQ61YzqrFibkL 5u6Goq28cTY0nq+c9TP9dcjqRrBfSEZpou05Ex5yD7oJ/D+qb8DKJ89H1yzznNr4 78yWNcAAINuS5xmllkaNsfduZjUoVB+faB8YF4JATUxa4m+w72KVfjkZM5ZvrRdv yYKy0ORyOCFOCQS3YYcnjJcRWRsXqvpljZtZW5xh6dfK/4/sNv3ipTT6df/IprsL +iaUUxl6dl5sRX68qTq1nVuuITcNLlpFVdHc4pwxfrX9DInWqMVuikyoswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPEEXU7oUToGwu3u0aPPUHJndO+MMB8GA1UdIwQY MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt NjhhZmQ0NzQ1MTQ5LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5 LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQMayBPXU oXE7s8/TuwlnJxYDOgNZZJVJgOIxpf9mTI+0fLwON851vCkLP+OkKEKCeM+lOHZY 4ps1074DUI8Eu/A+CHFIiilq1fZgeyImUlNx99FiEzUX+DJkLDglCbvDOHOKZy+h 2GGB1pJTn9NufV20HCMQRDL+r23yCifvG41vczx9ABxxu/5masZ2vdlnciznLVn2 6tj3P8bYYY/t6gsxml8VJ3nAevbjmdINvUGZgxhOGLFPsF3VorjxGDAansGm3Q+8 PLeP1LshxgDA9FwFYUy0N+fXhDKg2KhAQX3Z4jK9/LTFLDirw1p88I+96G4QraHI 5t5IE6xzK5Mfxg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:50 2025 by rpki-client