This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft File: IYssahphoXurfAMggKo78kR4tt0.mft (raw, json) Hash identifier: leV2zMo8128ay7kQtZWpPueIHmVxLmDkZibHCgpjMvg= Subject key identifier: 42:4C:13:86:4E:B9:E6:07:4B:B1:14:71:AC:0B:59:86:B1:28:88:43 Authority key identifier: 21:8B:2C:6A:1A:61:A1:7B:AB:7C:03:20:80:AA:3B:F2:44:78:B6:DD Certificate issuer: /CN=218b2c6a1a61a17bab7c032080aa3bf24478b6dd Certificate serial: 019AF50B3C9D1C29E7C91228C00188A207FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft Manifest number: 0E1D Signing time: Sat 06 Dec 2025 19:02:25 +0000 Manifest this update: Sat 06 Dec 2025 19:02:25 +0000 Manifest next update: Sun 07 Dec 2025 19:02:25 +0000 Files and hashes: 1: IYssahphoXurfAMggKo78kR4tt0.crl (hash: UeGz05vzlS5G7Afry9vMTdUcmgsE3UdJiBE0c9wXBRk=) 2: wnACGaMKOrsg5i1-6PAAx8VKQ0Y.roa (hash: kxRyBHTXArEsk0qrBdKwIl2FB5x6O/p6TWut1bU4JRM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:3c:9d:1c:29:e7:c9:12:28:c0:01:88:a2:07:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218b2c6a1a61a17bab7c032080aa3bf24478b6dd Validity Not Before: Dec 6 19:02:25 2025 GMT Not After : Dec 7 19:02:25 2025 GMT Subject: CN=424c13864eb9e6074bb11471ac0b5986b1288843 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:65:4a:f3:86:a7:70:cc:d0:35:99:d8:c6:55: bc:9e:6d:c0:af:44:3b:59:50:b9:b1:a8:93:0b:ed: c6:b3:e7:d0:59:86:58:f9:83:43:84:d7:83:84:0d: cf:f4:2e:28:cb:61:44:9b:1f:53:1e:8a:c1:c8:36: 07:d8:1c:5d:e7:9a:10:9c:04:8b:06:f9:d0:0c:6c: da:16:1b:82:2b:ea:68:fb:7f:00:1c:3b:ba:6a:36: f5:ed:75:25:04:d6:f3:0c:9d:50:ee:3e:d0:4d:6e: 06:7f:3a:d6:b6:c7:de:9a:c0:20:cf:32:da:4e:73: ce:6f:9e:79:43:b4:c1:fa:0d:75:1d:1d:94:05:bc: 10:95:7f:30:7e:15:52:3d:88:81:ec:81:f6:ea:44: 9d:b9:93:bd:dd:21:af:8c:f3:2f:13:62:22:d3:04: 4f:d1:33:3f:ee:c9:8e:2d:ce:14:c9:a3:b6:f9:91: d7:4b:59:46:a4:48:85:67:29:86:ae:86:ee:07:4e: e2:86:f2:fd:ed:43:3a:ec:38:55:31:ef:12:d8:60: 83:91:c6:6d:dd:8a:ab:86:d6:d2:e7:6b:d3:d6:d4: 9a:6b:97:81:56:81:17:f3:e9:40:cd:9a:7d:26:56: 5e:1f:74:51:42:90:99:5c:7f:48:16:f4:07:76:b5: ef:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:4C:13:86:4E:B9:E6:07:4B:B1:14:71:AC:0B:59:86:B1:28:88:43 X509v3 Authority Key Identifier: keyid:21:8B:2C:6A:1A:61:A1:7B:AB:7C:03:20:80:AA:3B:F2:44:78:B6:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:c7:d5:f5:03:87:79:7c:9e:40:ae:fd:e9:da:04:dd:4d:b7: bf:c0:93:ec:41:6c:06:c7:3a:64:df:3c:42:12:ba:0a:f6:d0: 5d:2a:65:3f:2b:67:b9:f7:01:35:d2:c0:17:ab:e8:3d:cd:d1: b9:cf:0d:54:de:02:2a:29:4b:0e:01:da:f0:f1:41:b8:54:9b: 05:06:93:20:37:90:c6:53:56:75:75:2d:1d:67:ea:a9:31:17: b4:79:aa:7a:9e:2d:d0:f5:8b:b8:49:82:14:81:58:86:6f:db: b1:c5:10:d6:41:3e:11:89:ff:84:fb:fb:3c:bc:a6:a3:39:73: 5a:ba:bb:fd:b6:07:e5:c2:63:59:4e:0b:d3:d0:59:d5:2d:2e: bc:22:5d:cf:4d:42:b3:a4:9e:cd:76:02:1f:38:58:6d:33:6b: ac:aa:d2:c2:ab:27:26:60:53:93:cd:fc:97:7e:cf:71:61:14: 11:9a:81:9c:a2:1a:04:c0:c0:03:d7:c9:f3:ee:49:f4:32:62: 0d:80:22:1a:e9:12:8a:43:03:1a:07:86:78:b2:93:bc:a1:7f: c5:d0:56:48:9f:29:f6:41:53:d4:55:80:8e:b9:96:b5:69:99: 2e:fd:b3:70:5c:40:0e:41:da:21:29:f7:65:38:c2:6e:66:95: be:31:a4:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CzydHCnnyRIowAGIogf8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxOGIyYzZhMWE2MWExN2JhYjdjMDMyMDgwYWEzYmYyNDQ3 OGI2ZGQwHhcNMjUxMjA2MTkwMjI1WhcNMjUxMjA3MTkwMjI1WjAzMTEwLwYDVQQD Eyg0MjRjMTM4NjRlYjllNjA3NGJiMTE0NzFhYzBiNTk4NmIxMjg4ODQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmVK84ancMzQNZnYxlW8nm3Ar0Q7 WVC5saiTC+3Gs+fQWYZY+YNDhNeDhA3P9C4oy2FEmx9THorByDYH2Bxd55oQnASL BvnQDGzaFhuCK+po+38AHDu6ajb17XUlBNbzDJ1Q7j7QTW4GfzrWtsfemsAgzzLa TnPOb555Q7TB+g11HR2UBbwQlX8wfhVSPYiB7IH26kSduZO93SGvjPMvE2Ii0wRP 0TM/7smOLc4UyaO2+ZHXS1lGpEiFZymGrobuB07ihvL97UM67DhVMe8S2GCDkcZt 3YqrhtbS52vT1tSaa5eBVoEX8+lAzZp9JlZeH3RRQpCZXH9IFvQHdrXvWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEJME4ZOueYHS7EUcawLWYaxKIhDMB8GA1UdIwQY MBaAFCGLLGoaYaF7q3wDIICqO/JEeLbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVlzc2FocGhvWHVyZkFNZ2dLbzc4a1I0dHQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84NDkxNDAtYzg1My00OGNkLTlhODQt Yjk5MzE2OGJjNTkzLzEvSVlzc2FocGhvWHVyZkFNZ2dLbzc4a1I0dHQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS84NDkxNDAtYzg1My00OGNkLTlhODQtYjk5MzE2OGJjNTkz LzEvSVlzc2FocGhvWHVyZkFNZ2dLbzc4a1I0dHQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf8fV9QOH eXyeQK796doE3U23v8CT7EFsBsc6ZN88QhK6CvbQXSplPytnufcBNdLAF6voPc3R uc8NVN4CKilLDgHa8PFBuFSbBQaTIDeQxlNWdXUtHWfqqTEXtHmqep4t0PWLuEmC FIFYhm/bscUQ1kE+EYn/hPv7PLymozlzWrq7/bYH5cJjWU4L09BZ1S0uvCJdz01C s6SezXYCHzhYbTNrrKrSwqsnJmBTk838l37PcWEUEZqBnKIaBMDAA9fJ8+5J9DJi DYAiGukSikMDGgeGeLKTvKF/xdBWSJ8p9kFT1FWAjrmWtWmZLv2zcFxADkHaISn3 ZTjCbmaVvjGkTA== -----END CERTIFICATE-----Generated at Sat Dec 6 21:01:03 2025 by rpki-client