This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft File: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json) Hash identifier: dEm38+SZsLksOVsWHuMQfclgQXKuWATICzL45ylTQRc= Subject key identifier: 5D:C4:20:AB:51:77:82:4B:32:26:1A:99:99:FA:06:BF:9C:71:E8:75 Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D Certificate issuer: /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d Certificate serial: 019AF2093774DC3596A9DCAD45612A3E4274 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft Manifest number: 0D32 Signing time: Sat 06 Dec 2025 05:01:21 +0000 Manifest this update: Sat 06 Dec 2025 05:01:21 +0000 Manifest next update: Sun 07 Dec 2025 05:01:21 +0000 Files and hashes: 1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: u84WDQBr+m+6uLeviuo37CafixRMpm4ocUXeHV4pTf8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:37:74:dc:35:96:a9:dc:ad:45:61:2a:3e:42:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d Validity Not Before: Dec 6 05:01:21 2025 GMT Not After : Dec 7 05:01:21 2025 GMT Subject: CN=5dc420ab5177824b32261a9999fa06bf9c71e875 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:f1:16:f4:f1:99:8a:a9:77:33:1d:b1:8b:02: 01:c6:f1:c8:b8:f0:c5:57:a5:2d:e8:e7:85:3d:e2: dc:1b:d2:58:44:d8:93:22:67:07:bc:01:0b:50:88: 86:e4:fe:0c:e0:0c:b0:ff:91:3a:03:a3:3d:ab:03: 29:64:d1:99:95:5e:bd:43:93:33:6f:b3:af:84:1e: e4:28:47:cb:d2:09:ed:c8:ac:7a:96:a3:c5:c3:b6: 46:4c:52:bd:98:c1:be:07:cb:87:6a:f7:8a:84:01: b0:86:a0:ab:08:75:46:2b:83:99:45:f0:2c:c1:27: 20:ce:85:2c:96:a2:a3:a4:0a:d4:fe:5c:c8:54:74: f8:35:8c:2c:fc:ed:0f:be:96:f1:40:45:d2:c7:ef: 21:dc:32:8a:c0:e4:04:77:60:c5:55:36:d7:d9:2a: b5:c3:cc:83:ae:ba:df:67:03:04:10:bb:25:cf:8d: 22:39:6a:1c:e3:30:7a:95:03:43:69:e1:12:59:72: e7:0d:cf:be:16:b7:73:09:ca:a7:f0:c9:77:bd:c6: 6a:97:68:0d:a3:63:38:d9:90:ae:ed:dd:5c:40:43: dd:ac:22:f6:08:ef:f1:d8:03:84:bc:df:c0:8a:db: f4:8b:0a:69:ba:42:a4:3f:37:7b:ee:5d:a8:bc:f3: e8:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:C4:20:AB:51:77:82:4B:32:26:1A:99:99:FA:06:BF:9C:71:E8:75 X509v3 Authority Key Identifier: keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:07:e0:ff:12:2f:ad:74:0d:8a:04:64:5e:c0:5d:4e:b6:94: ae:7a:40:4b:83:d0:0b:f7:ef:77:48:ff:65:eb:91:34:0d:c5: fa:47:f6:0e:83:2c:ff:05:a2:29:c2:6c:b8:af:5e:c4:c6:41: 1e:48:54:89:9d:d2:ea:30:33:f0:b2:a8:0e:fb:97:2d:ae:d8: 0d:76:e8:11:38:e5:93:9b:5c:29:0a:ca:c7:a5:17:eb:ab:1b: 08:31:4f:37:a4:36:75:6a:17:07:eb:07:45:fb:95:48:23:26: ea:1a:d9:c7:d3:71:11:d8:48:d2:18:b9:b1:ad:d6:df:48:6f: fb:1b:30:42:92:ca:c2:3a:6d:22:99:bb:a0:0f:e7:d6:2f:f2: b3:0b:0b:d4:db:1f:6c:46:18:0f:21:38:ab:ac:76:a6:a6:db: 51:3c:8f:e5:51:ff:b9:62:a0:5b:39:7a:0e:c5:c7:47:46:3a: c3:75:4d:20:16:ce:38:0d:e2:c5:55:71:e6:97:16:16:a3:65: 1a:2a:b2:48:ec:9c:5b:ad:a5:7a:83:5b:50:80:b6:06:46:60: 98:86:bb:a5:e9:eb:ea:2d:e4:bd:0a:07:86:68:84:33:31:52: 40:2a:45:9f:9b:85:ce:e0:ec:7e:b9:c0:35:8a:80:62:8e:67: 5c:5f:e3:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCTd03DWWqdytRWEqPkJ0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0 MDI2N2QwHhcNMjUxMjA2MDUwMTIxWhcNMjUxMjA3MDUwMTIxWjAzMTEwLwYDVQQD Eyg1ZGM0MjBhYjUxNzc4MjRiMzIyNjFhOTk5OWZhMDZiZjljNzFlODc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PEW9PGZiql3Mx2xiwIBxvHIuPDF V6Ut6OeFPeLcG9JYRNiTImcHvAELUIiG5P4M4Ayw/5E6A6M9qwMpZNGZlV69Q5Mz b7OvhB7kKEfL0gntyKx6lqPFw7ZGTFK9mMG+B8uHaveKhAGwhqCrCHVGK4OZRfAs wScgzoUslqKjpArU/lzIVHT4NYws/O0PvpbxQEXSx+8h3DKKwOQEd2DFVTbX2Sq1 w8yDrrrfZwMEELslz40iOWoc4zB6lQNDaeESWXLnDc++FrdzCcqn8Ml3vcZql2gN o2M42ZCu7d1cQEPdrCL2CO/x2AOEvN/Aitv0iwppukKkPzd77l2ovPPopwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF3EIKtRd4JLMiYamZn6Br+cceh1MB8GA1UdIwQY MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkwfg/xIv rXQNigRkXsBdTraUrnpAS4PQC/fvd0j/ZeuRNA3F+kf2DoMs/wWiKcJsuK9exMZB HkhUiZ3S6jAz8LKoDvuXLa7YDXboETjlk5tcKQrKx6UX66sbCDFPN6Q2dWoXB+sH RfuVSCMm6hrZx9NxEdhI0hi5sa3W30hv+xswQpLKwjptIpm7oA/n1i/yswsL1Nsf bEYYDyE4q6x2pqbbUTyP5VH/uWKgWzl6DsXHR0Y6w3VNIBbOOA3ixVVx5pcWFqNl GiqySOycW62leoNbUIC2BkZgmIa7penr6i3kvQoHhmiEMzFSQCpFn5uFzuDsfrnA NYqAYo5nXF/jsA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:07:48 2025 by rpki-client