This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft File: ICNzDgbEv7_6ypBeUxJldCwXirQ.mft (raw, json) Hash identifier: 3colWXkVzdrmIMlc2Eq1rkVpVkBUw1SoCfefSREQQSE= Subject key identifier: 4C:5D:99:1C:18:E4:1C:25:4A:DB:CC:62:71:D1:78:B0:52:62:2B:33 Authority key identifier: 20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4 Certificate issuer: /CN=2023730e06c4bfbffaca905e531265742c178ab4 Certificate serial: 019AF31BCC252B0180C6EA4B4172AC8754A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft Manifest number: 1136 Signing time: Sat 06 Dec 2025 10:01:16 +0000 Manifest this update: Sat 06 Dec 2025 10:01:16 +0000 Manifest next update: Sun 07 Dec 2025 10:01:16 +0000 Files and hashes: 1: ICNzDgbEv7_6ypBeUxJldCwXirQ.crl (hash: wghH7P/3WvrrEs2x09RfEvbWzBs64ZItap9lLD7naFE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:cc:25:2b:01:80:c6:ea:4b:41:72:ac:87:54:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2023730e06c4bfbffaca905e531265742c178ab4 Validity Not Before: Dec 6 10:01:16 2025 GMT Not After : Dec 7 10:01:16 2025 GMT Subject: CN=4c5d991c18e41c254adbcc6271d178b052622b33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b0:96:ea:ef:a9:4c:c7:37:77:10:b9:e5:d2: 81:79:f8:63:e8:d7:9d:4b:4b:9d:e8:ff:d3:ff:62: f8:57:1b:01:4f:b0:28:9c:7a:cb:74:66:61:0d:e9: 89:5d:50:33:d6:e2:a4:7c:f7:a4:56:11:bc:c6:91: 60:68:5a:5b:1a:2a:f8:56:c9:da:da:65:fe:c3:70: 4a:c5:19:b1:5b:0d:fd:71:0c:1f:7c:8c:18:b9:30: 76:04:71:a1:e6:7b:22:67:46:0d:9e:ab:b9:ca:c9: 09:07:de:2f:7e:cf:b4:85:d2:b7:1f:4c:14:b3:9f: 0b:bf:dd:53:40:9d:36:54:b2:99:c3:ca:a7:ce:7e: 33:d2:32:4d:ca:32:92:a0:50:b9:35:29:79:a2:1a: b2:40:1f:c2:a0:8c:c2:d0:d1:38:d7:50:a6:c4:8e: 71:51:1a:44:a7:a8:78:91:61:a9:ed:76:74:07:cc: 1a:32:87:7a:54:ab:21:23:48:bc:8c:1d:23:21:c5: fa:ef:9d:e3:2c:0f:02:52:7d:91:14:88:d7:4e:9a: fe:f7:ef:32:cb:ee:de:75:0a:7b:3e:5d:6f:92:33: 4f:f3:fd:54:62:83:ca:36:ac:d2:12:6b:0d:be:0e: 93:d2:53:d6:f8:9e:9c:09:4c:1e:bc:01:9d:d3:d7: 2f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:5D:99:1C:18:E4:1C:25:4A:DB:CC:62:71:D1:78:B0:52:62:2B:33 X509v3 Authority Key Identifier: keyid:20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:b4:5e:28:15:f4:13:e4:27:87:cf:26:56:79:ae:ec:f2:93: ba:3f:23:a1:63:e0:f5:3a:7b:e9:7d:af:7f:ab:7c:24:eb:f8: cd:bb:b7:ad:c7:6d:b4:97:7f:f5:ca:c0:28:e6:18:76:51:b7: ac:c8:24:46:b4:76:8f:c7:15:dc:c9:55:46:c3:1f:70:27:1b: da:07:da:c0:e7:a7:e2:03:a0:c2:17:74:80:cc:7c:fa:ea:6f: d8:18:74:cc:0e:03:14:62:86:db:2d:be:96:20:62:44:81:a7: 3e:8f:00:ec:44:2d:6f:fe:76:87:5e:ca:fd:13:72:ea:6b:53: b7:e8:55:c2:1d:75:1e:8e:47:e8:89:c1:1f:aa:d7:21:a3:d1: 3f:29:2f:5e:b8:5d:a2:85:c0:c4:7c:44:6f:e2:dd:5a:1d:0b: ba:47:f9:f5:2c:e7:a5:72:50:e5:40:14:8d:f7:32:e9:2d:94: ac:b2:fa:57:e5:85:9c:d0:27:b4:b9:0b:99:51:49:6b:94:18: 8c:9f:ed:84:32:ee:9a:8f:bd:d1:35:18:5d:84:f1:fd:9d:b3: 45:0b:5b:f3:3a:c0:6a:3c:07:bc:87:22:a0:c1:88:be:a0:1f: 4f:90:b5:34:59:40:14:52:1c:85:f7:3a:26:1e:03:2d:6c:68: 18:4d:18:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG8wlKwGAxupLQXKsh1SmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMjM3MzBlMDZjNGJmYmZmYWNhOTA1ZTUzMTI2NTc0MmMx NzhhYjQwHhcNMjUxMjA2MTAwMTE2WhcNMjUxMjA3MTAwMTE2WjAzMTEwLwYDVQQD Eyg0YzVkOTkxYzE4ZTQxYzI1NGFkYmNjNjI3MWQxNzhiMDUyNjIyYjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrCW6u+pTMc3dxC55dKBefhj6Ned S0ud6P/T/2L4VxsBT7AonHrLdGZhDemJXVAz1uKkfPekVhG8xpFgaFpbGir4Vsna 2mX+w3BKxRmxWw39cQwffIwYuTB2BHGh5nsiZ0YNnqu5yskJB94vfs+0hdK3H0wU s58Lv91TQJ02VLKZw8qnzn4z0jJNyjKSoFC5NSl5ohqyQB/CoIzC0NE411CmxI5x URpEp6h4kWGp7XZ0B8waMod6VKshI0i8jB0jIcX6753jLA8CUn2RFIjXTpr+9+8y y+7edQp7Pl1vkjNP8/1UYoPKNqzSEmsNvg6T0lPW+J6cCUwevAGd09cv9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFExdmRwY5BwlStvMYnHReLBSYiszMB8GA1UdIwQY MBaAFCAjcw4GxL+/+sqQXlMSZXQsF4q0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYt YjAzMzViYTNlMGMyLzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYtYjAzMzViYTNlMGMy LzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLReKBX0 E+Qnh88mVnmu7PKTuj8joWPg9Tp76X2vf6t8JOv4zbu3rcdttJd/9crAKOYYdlG3 rMgkRrR2j8cV3MlVRsMfcCcb2gfawOen4gOgwhd0gMx8+upv2Bh0zA4DFGKG2y2+ liBiRIGnPo8A7EQtb/52h17K/RNy6mtTt+hVwh11Ho5H6InBH6rXIaPRPykvXrhd ooXAxHxEb+LdWh0Lukf59SznpXJQ5UAUjfcy6S2UrLL6V+WFnNAntLkLmVFJa5QY jJ/thDLumo+90TUYXYTx/Z2zRQtb8zrAajwHvIcioMGIvqAfT5C1NFlAFFIchfc6 Jh4DLWxoGE0YLA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:40:10 2025 by rpki-client