This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft File: iKlKQUDhmzIGP8bnefWTFKdKDFE.mft (raw, json) Hash identifier: lVBjz/shvSQENmAspFiiwYF2E5id1GoaGb9SWKL4Elw= Subject key identifier: A2:D7:93:9F:3F:DF:04:56:8B:FC:84:7F:E5:34:99:7D:78:07:1D:C7 Authority key identifier: 88:A9:4A:41:40:E1:9B:32:06:3F:C6:E7:79:F5:93:14:A7:4A:0C:51 Certificate issuer: /CN=88a94a4140e19b32063fc6e779f59314a74a0c51 Certificate serial: 019AF19AAFBC19D546FE7BE1A02D897BEA38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 03:00:37 +0000 Manifest this update: Sat 06 Dec 2025 03:00:37 +0000 Manifest next update: Sun 07 Dec 2025 03:00:37 +0000 Files and hashes: 1: S1kW1dWYYAUdp34Ffvr3hqq6tx4.roa (hash: HPlJ0x+8hEc9+twnaORN/j75RT2RjTnSkW49RshA3cE=) 2: iKlKQUDhmzIGP8bnefWTFKdKDFE.crl (hash: XIlfySP14Hawbjn1gUXV/vELckPNGGl6NREzNlOAhvE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.crl rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:af:bc:19:d5:46:fe:7b:e1:a0:2d:89:7b:ea:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88a94a4140e19b32063fc6e779f59314a74a0c51 Validity Not Before: Dec 6 03:00:37 2025 GMT Not After : Dec 7 03:00:37 2025 GMT Subject: CN=a2d7939f3fdf04568bfc847fe534997d78071dc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:14:d6:81:36:70:15:89:da:f5:93:d0:2e:e9: fe:0f:f3:8b:ea:b8:f7:ba:ae:f0:6c:1b:6d:c9:1e: 33:e7:1e:c3:2f:85:12:a2:8c:03:68:2a:d0:a8:c9: 64:93:89:d2:fe:73:5f:1d:ab:31:d6:09:a7:0e:7d: 08:4c:ac:18:28:55:80:d0:fe:ff:c0:84:1a:2d:51: 02:bf:c6:83:61:64:3d:4a:b9:6a:8b:78:b9:9b:10: 12:42:1f:01:91:fb:5d:83:ee:80:99:a6:09:77:9d: 05:49:52:3e:ab:26:be:e3:dc:eb:99:a5:8d:e4:65: 71:20:d7:b6:3f:1e:da:1a:fc:8a:2f:95:a1:ab:87: 71:55:37:ab:2c:b5:ed:55:98:df:d5:9e:2b:71:42: 5c:1d:44:14:5d:87:5b:ba:46:2e:67:c6:13:ca:1b: 79:13:ae:8c:53:26:ed:a0:64:e2:5c:ba:4b:8e:c6: ef:a4:65:8c:c4:ba:a6:da:10:67:4f:ef:58:7d:31: 41:77:46:01:e9:97:f3:57:0c:7b:92:40:28:14:bd: 25:80:c3:f6:64:84:92:53:41:e7:68:1e:1f:7e:9c: 15:11:ed:f3:de:fe:2a:dd:27:84:b1:33:92:f4:e1: 3f:cb:97:05:59:8e:0c:98:6a:6b:de:7f:2c:a8:4d: dd:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:D7:93:9F:3F:DF:04:56:8B:FC:84:7F:E5:34:99:7D:78:07:1D:C7 X509v3 Authority Key Identifier: keyid:88:A9:4A:41:40:E1:9B:32:06:3F:C6:E7:79:F5:93:14:A7:4A:0C:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:bc:c8:99:c7:41:34:37:20:f6:98:f5:27:d8:40:5b:88:68: 9d:b6:75:1f:1a:af:29:c8:00:92:3e:b0:a7:b8:f1:da:ef:4b: 4c:09:32:b0:07:7d:3d:13:c2:2e:88:7e:48:f9:cc:15:60:cc: a1:40:1b:d3:e0:34:12:70:c1:fc:13:a0:16:3f:49:45:d2:bf: a5:92:b4:9f:0c:5a:80:88:c8:06:fb:f1:a9:ec:bd:c0:08:a0: b4:83:b0:cc:ad:ab:3d:67:0d:57:eb:f1:48:f9:ae:29:5d:32: cc:c0:fc:34:84:0e:14:ca:63:69:13:8a:ef:e1:fa:ee:e1:6c: cd:8d:85:0f:93:03:ca:10:7b:bf:2a:31:d6:6e:09:c5:0c:95: 24:c2:3a:60:7e:58:27:d6:a8:c5:e0:77:e2:1f:c1:61:bb:9b: 0c:25:60:4d:4c:d1:c2:9d:da:19:4d:01:4f:3a:c1:79:4d:58: 44:8a:1a:33:94:ba:ee:40:b6:22:e9:7a:b6:34:93:22:dc:f8: 85:c8:dc:40:9b:6e:70:49:0e:cb:84:f9:a6:4e:16:93:a1:8e: f9:d1:53:03:b2:73:61:15:ed:cf:6e:71:d4:d2:01:13:9d:8e: 15:e1:37:e1:2c:6c:02:9b:c5:43:82:b9:f5:a5:44:04:cf:5b: c2:96:23:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmq+8GdVG/nvhoC2Je+o4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4YTk0YTQxNDBlMTliMzIwNjNmYzZlNzc5ZjU5MzE0YTc0 YTBjNTEwHhcNMjUxMjA2MDMwMDM3WhcNMjUxMjA3MDMwMDM3WjAzMTEwLwYDVQQD EyhhMmQ3OTM5ZjNmZGYwNDU2OGJmYzg0N2ZlNTM0OTk3ZDc4MDcxZGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBTWgTZwFYna9ZPQLun+D/OL6rj3 uq7wbBttyR4z5x7DL4USoowDaCrQqMlkk4nS/nNfHasx1gmnDn0ITKwYKFWA0P7/ wIQaLVECv8aDYWQ9Srlqi3i5mxASQh8Bkftdg+6AmaYJd50FSVI+qya+49zrmaWN 5GVxINe2Px7aGvyKL5Whq4dxVTerLLXtVZjf1Z4rcUJcHUQUXYdbukYuZ8YTyht5 E66MUybtoGTiXLpLjsbvpGWMxLqm2hBnT+9YfTFBd0YB6ZfzVwx7kkAoFL0lgMP2 ZISSU0HnaB4ffpwVEe3z3v4q3SeEsTOS9OE/y5cFWY4MmGpr3n8sqE3dhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKLXk58/3wRWi/yEf+U0mX14Bx3HMB8GA1UdIwQY MBaAFIipSkFA4ZsyBj/G53n1kxSnSgxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82MWNjZDQtZTA1My00NWUwLWI2MzUt N2ZlYTA2NmYwYjk2LzEvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS82MWNjZDQtZTA1My00NWUwLWI2MzUtN2ZlYTA2NmYwYjk2 LzEvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADbzImcdB NDcg9pj1J9hAW4honbZ1HxqvKcgAkj6wp7jx2u9LTAkysAd9PRPCLoh+SPnMFWDM oUAb0+A0EnDB/BOgFj9JRdK/pZK0nwxagIjIBvvxqey9wAigtIOwzK2rPWcNV+vx SPmuKV0yzMD8NIQOFMpjaROK7+H67uFszY2FD5MDyhB7vyox1m4JxQyVJMI6YH5Y J9aoxeB34h/BYbubDCVgTUzRwp3aGU0BTzrBeU1YRIoaM5S67kC2Iul6tjSTItz4 hcjcQJtucEkOy4T5pk4Wk6GO+dFTA7JzYRXtz25x1NIBE52OFeE34SxsApvFQ4K5 9aVEBM9bwpYjLA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:37:59 2025 by rpki-client