This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft File: iBKgqAncPNH72JUaj4D2mSXhGQg.mft (raw, json) Hash identifier: LiLBM2f3ncMKtcoIVC5mPemRMdZgbMdYmFKG6tscwec= Subject key identifier: 5F:33:5F:E4:A6:24:AF:6C:25:EB:DE:12:85:AB:2A:70:69:CE:79:03 Authority key identifier: 88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08 Certificate issuer: /CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908 Certificate serial: 019AF49BCED4330718AB9F3F5229087FA3EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft Manifest number: 1247 Signing time: Sat 06 Dec 2025 17:00:42 +0000 Manifest this update: Sat 06 Dec 2025 17:00:42 +0000 Manifest next update: Sun 07 Dec 2025 17:00:42 +0000 Files and hashes: 1: gc6g1C2J1IjiC6a4YzgHVoMBVvE.roa (hash: l0wZmz1eeJH0pgzgb/M7lMO1lTKuzQbmbwUCcga2Ghs=) 2: iBKgqAncPNH72JUaj4D2mSXhGQg.crl (hash: Hdib/7f2Ew2WSWqi7MWJrSV0E8TTLQfZRT/BpX0gJxQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:ce:d4:33:07:18:ab:9f:3f:52:29:08:7f:a3:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908 Validity Not Before: Dec 6 17:00:42 2025 GMT Not After : Dec 7 17:00:42 2025 GMT Subject: CN=5f335fe4a624af6c25ebde1285ab2a7069ce7903 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:a3:c9:fe:3b:f4:df:02:c0:d4:a7:e1:6e:7a: 0d:c7:da:32:ca:91:92:47:18:3a:1f:f0:ef:d8:7b: 66:44:ca:0f:af:c3:91:10:f6:18:2d:50:82:80:43: 4b:71:d2:bf:77:ad:42:d9:7d:8a:c2:17:38:fa:b9: a2:56:41:04:88:eb:3b:bd:37:46:0a:66:ae:32:42: 4e:f0:c9:69:e5:74:11:84:bc:07:af:df:24:39:51: aa:8a:06:ca:f3:a6:ce:fe:b1:cb:3d:e2:f9:8c:5f: 2a:3d:be:6f:ff:b1:05:ac:e3:de:58:23:e6:c7:01: e3:b2:5f:39:7c:02:54:36:51:fe:91:41:5c:87:88: ff:1a:70:42:1a:ae:19:5f:07:8a:28:e7:5c:00:cc: 6f:f2:50:15:97:9c:98:81:01:df:bb:e9:9f:c8:c5: 17:d2:a8:e6:f7:7c:d3:47:69:dd:35:a6:a6:3d:a6: b0:ba:ac:0f:fb:27:51:1a:17:92:b8:df:10:c1:fa: 41:5c:e0:a6:59:24:64:de:d4:9f:25:04:20:f2:b8: a5:e0:bd:46:1e:96:8e:8b:7a:47:15:11:6f:15:1d: de:3f:95:b4:95:e3:d8:c2:56:75:2f:fd:92:fd:ad: f2:a2:49:63:99:79:6e:b7:ee:64:a2:e2:37:a7:3d: c2:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:33:5F:E4:A6:24:AF:6C:25:EB:DE:12:85:AB:2A:70:69:CE:79:03 X509v3 Authority Key Identifier: keyid:88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:b3:36:48:c2:ab:61:77:27:48:6c:e0:f1:da:d2:65:a7:4e: 11:32:3a:cb:f3:76:04:25:92:fc:17:45:1f:30:78:36:77:23: 80:b0:e9:e5:41:3f:9a:fc:5f:0b:f7:b3:2e:ed:d4:f3:65:ca: 25:1e:d4:f2:f3:cc:fc:3f:b9:ae:eb:53:7f:25:14:46:35:05: 30:f6:d7:e8:65:03:42:67:11:5a:b9:16:3a:50:69:2c:d2:70: 11:6b:db:4d:aa:b3:67:2e:68:15:b1:88:84:12:3d:f4:80:40: ff:2d:63:e3:fd:c2:fb:97:ec:3b:f4:d7:40:71:36:42:59:ec: ab:bf:63:25:36:6b:f6:f6:d2:6a:04:35:75:27:3d:fc:a5:13: 97:bb:cd:0b:30:8a:cb:06:28:0d:38:a4:ec:02:b2:ed:f8:5b: 2b:7e:d7:0e:56:aa:95:f4:e4:6f:09:75:91:21:a1:ae:0f:ed: 53:a6:b7:22:dd:7d:fa:5b:a4:e5:de:bc:95:91:79:31:b3:40: d7:e9:ca:79:42:c9:b5:50:66:80:8f:7c:9f:43:50:09:49:a5: dc:50:62:73:27:4f:40:96:8a:17:08:fa:1c:0d:6a:12:0f:03: dd:83:c1:16:a4:ea:46:c5:72:1f:fb:15:31:c8:3c:0f:0f:40: a1:d0:09:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m87UMwcYq58/UikIf6PvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MTJhMGE4MDlkYzNjZDFmYmQ4OTUxYThmODBmNjk5MjVl MTE5MDgwHhcNMjUxMjA2MTcwMDQyWhcNMjUxMjA3MTcwMDQyWjAzMTEwLwYDVQQD Eyg1ZjMzNWZlNGE2MjRhZjZjMjVlYmRlMTI4NWFiMmE3MDY5Y2U3OTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36PJ/jv03wLA1KfhbnoNx9oyypGS Rxg6H/Dv2HtmRMoPr8OREPYYLVCCgENLcdK/d61C2X2Kwhc4+rmiVkEEiOs7vTdG CmauMkJO8Mlp5XQRhLwHr98kOVGqigbK86bO/rHLPeL5jF8qPb5v/7EFrOPeWCPm xwHjsl85fAJUNlH+kUFch4j/GnBCGq4ZXweKKOdcAMxv8lAVl5yYgQHfu+mfyMUX 0qjm93zTR2ndNaamPaawuqwP+ydRGheSuN8QwfpBXOCmWSRk3tSfJQQg8ril4L1G HpaOi3pHFRFvFR3eP5W0lePYwlZ1L/2S/a3yokljmXlut+5kouI3pz3CFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF8zX+SmJK9sJeveEoWrKnBpznkDMB8GA1UdIwQY MBaAFIgSoKgJ3DzR+9iVGo+A9pkl4RkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjIt ZmE3NWNiZTliZWFkLzEvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjItZmE3NWNiZTliZWFk LzEvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABbM2SMKr YXcnSGzg8drSZadOETI6y/N2BCWS/BdFHzB4NncjgLDp5UE/mvxfC/ezLu3U82XK JR7U8vPM/D+5rutTfyUURjUFMPbX6GUDQmcRWrkWOlBpLNJwEWvbTaqzZy5oFbGI hBI99IBA/y1j4/3C+5fsO/TXQHE2Qlnsq79jJTZr9vbSagQ1dSc9/KUTl7vNCzCK ywYoDTik7AKy7fhbK37XDlaqlfTkbwl1kSGhrg/tU6a3It19+luk5d68lZF5MbNA 1+nKeULJtVBmgI98n0NQCUml3FBicydPQJaKFwj6HA1qEg8D3YPBFqTqRsVyH/sV Mcg8Dw9AodAJKQ== -----END CERTIFICATE-----Generated at Sun Dec 7 00:34:07 2025 by rpki-client