This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft File: iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json) Hash identifier: WPUP/C+b1Amtj5/t2oFE240O+sm2rPg2kkUvNEhkweA= Subject key identifier: 2B:05:51:74:F2:70:11:6D:D6:E9:DC:E8:B1:DF:F1:04:93:53:7A:83 Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F Certificate issuer: /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f Certificate serial: 019AF578612DEC2CEFE29169B5C34C3013EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft Manifest number: 04CD Signing time: Sat 06 Dec 2025 21:01:38 +0000 Manifest this update: Sat 06 Dec 2025 21:01:38 +0000 Manifest next update: Sun 07 Dec 2025 21:01:38 +0000 Files and hashes: 1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: x8G1zkaRVAktpN9CgfaMBDNG6qzsDtz80yBl2NhGOZM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:61:2d:ec:2c:ef:e2:91:69:b5:c3:4c:30:13:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f Validity Not Before: Dec 6 21:01:38 2025 GMT Not After : Dec 7 21:01:38 2025 GMT Subject: CN=2b055174f270116dd6e9dce8b1dff10493537a83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:93:ce:f4:fe:86:a2:40:77:56:2d:0a:73:27: b0:be:76:d2:ba:c1:7c:b6:fe:62:a8:cd:7d:a9:d3: 61:a2:ab:1c:00:c4:10:ae:4a:b4:ff:50:f3:db:ea: c8:a4:15:95:14:d2:08:3e:8a:e2:ce:29:01:5c:37: c9:4e:2d:42:dd:28:e5:4a:e9:d8:3b:f0:48:a5:bb: 36:1f:80:74:41:88:36:b8:0d:ff:f0:49:75:ff:28: 42:f9:8c:fd:e3:e8:e1:04:51:4a:87:b5:81:25:6f: 9f:99:c8:3a:47:bd:2a:64:d6:89:e0:40:7b:f4:f7: ab:ca:4b:9d:e0:7e:19:02:b1:7a:e8:c1:61:8d:3f: 41:df:f0:ae:61:0f:df:b4:c0:b8:8d:89:04:88:c4: 1a:c2:33:f5:c0:9d:6d:d0:6a:cc:07:3f:e8:55:6a: 4a:0e:d5:58:52:45:68:99:0f:86:18:92:d2:d0:6a: a7:fc:19:5c:08:99:ee:81:9c:83:18:4a:d8:be:69: 09:54:fb:f7:59:2f:42:06:7d:41:4f:12:af:a6:fa: 74:8b:7c:77:33:32:f9:90:27:f2:54:4c:d5:fa:83: ea:4d:7e:ab:67:b4:42:81:15:fe:48:97:1b:2c:d2: 8e:ad:ba:ad:82:04:99:b2:37:3a:d8:6c:de:e8:f3: 80:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:05:51:74:F2:70:11:6D:D6:E9:DC:E8:B1:DF:F1:04:93:53:7A:83 X509v3 Authority Key Identifier: keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:59:e1:64:a1:98:19:c2:f0:5e:15:c9:17:7a:29:ec:d2:b5: 89:da:20:bf:03:88:18:f8:84:82:24:cc:ed:5f:f7:81:5b:bc: 00:af:da:27:3c:68:3b:f9:36:41:1a:cc:c0:98:07:f9:9f:25: 02:55:ea:4f:02:b4:01:57:b4:18:53:38:7f:a8:a4:b5:ab:55: bd:e5:aa:1b:80:d8:2f:0c:9a:c1:4e:ca:66:c0:02:2f:19:8a: bb:6e:a9:23:10:01:00:5f:d1:42:36:7d:ab:bc:cf:ab:18:bc: 4a:47:fa:4a:e3:a1:bd:b0:6d:71:32:a9:0a:cb:24:7b:67:3b: b4:c8:67:a6:ea:53:f1:fc:66:b0:b0:39:6a:de:4f:9b:e0:47: 15:11:48:bc:e3:56:c7:ef:9c:77:15:b4:ad:fe:57:0a:3b:12: 51:05:60:f2:26:75:c8:37:17:ee:c1:a2:2f:80:d5:42:04:9d: 81:18:96:cc:6c:91:f5:ed:5a:b4:23:41:3e:ff:1d:56:17:3d: 7c:5d:6f:c2:68:06:2a:ea:34:17:4b:57:7d:a5:32:d9:44:6f: 4a:77:7b:ae:e9:72:04:5c:1a:2f:de:44:1a:f5:3b:63:0a:94: c2:31:6f:0d:0f:11:a6:e7:02:20:51:30:b1:07:7e:f9:ce:23: 59:c3:77:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eGEt7Czv4pFptcNMMBPqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj NWEzNmYwHhcNMjUxMjA2MjEwMTM4WhcNMjUxMjA3MjEwMTM4WjAzMTEwLwYDVQQD EygyYjA1NTE3NGYyNzAxMTZkZDZlOWRjZThiMWRmZjEwNDkzNTM3YTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5PO9P6GokB3Vi0KcyewvnbSusF8 tv5iqM19qdNhoqscAMQQrkq0/1Dz2+rIpBWVFNIIPorizikBXDfJTi1C3SjlSunY O/BIpbs2H4B0QYg2uA3/8El1/yhC+Yz94+jhBFFKh7WBJW+fmcg6R70qZNaJ4EB7 9Perykud4H4ZArF66MFhjT9B3/CuYQ/ftMC4jYkEiMQawjP1wJ1t0GrMBz/oVWpK DtVYUkVomQ+GGJLS0Gqn/BlcCJnugZyDGErYvmkJVPv3WS9CBn1BTxKvpvp0i3x3 MzL5kCfyVEzV+oPqTX6rZ7RCgRX+SJcbLNKOrbqtggSZsjc62Gze6POAqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCsFUXTycBFt1unc6LHf8QSTU3qDMB8GA1UdIwQY MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1 LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd1nhZKGY GcLwXhXJF3op7NK1idogvwOIGPiEgiTM7V/3gVu8AK/aJzxoO/k2QRrMwJgH+Z8l AlXqTwK0AVe0GFM4f6iktatVveWqG4DYLwyawU7KZsACLxmKu26pIxABAF/RQjZ9 q7zPqxi8Skf6SuOhvbBtcTKpCsske2c7tMhnpupT8fxmsLA5at5Pm+BHFRFIvONW x++cdxW0rf5XCjsSUQVg8iZ1yDcX7sGiL4DVQgSdgRiWzGyR9e1atCNBPv8dVhc9 fF1vwmgGKuo0F0tXfaUy2URvSnd7rulyBFwaL95EGvU7YwqUwjFvDQ8RpucCIFEw sQd++c4jWcN38A== -----END CERTIFICATE-----Generated at Sun Dec 7 02:03:44 2025 by rpki-client