This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft File: iZJ3h0cqfL3Zff209Tt077O7vFs.mft (raw, json) Hash identifier: oc/bCUPjzVRgmvYej6F3RGLxo10fQa4rphmzxhCrQyg= Subject key identifier: 00:A8:5B:10:08:00:4A:25:58:00:CE:87:D0:AC:2A:52:9F:2C:64:EE Authority key identifier: 89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B Certificate issuer: /CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b Certificate serial: 019B3DC77325ADF792B78BC7CEE5D425ADFC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft Manifest number: 12B9 Signing time: Sat 20 Dec 2025 22:00:39 +0000 Manifest this update: Sat 20 Dec 2025 22:00:39 +0000 Manifest next update: Sun 21 Dec 2025 22:00:39 +0000 Files and hashes: 1: iZJ3h0cqfL3Zff209Tt077O7vFs.crl (hash: rkW3Ol67hT3rbA+Q/NVKV/RBYuLPMFVLS7lSOOpPV94=) 2: k_0z9yImMkkx7Q7hZaLKVoTRO74.roa (hash: bY1XGYbefYoSOVyj59OiTxL9N9Rlyyr/sbaOhEye3EE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:73:25:ad:f7:92:b7:8b:c7:ce:e5:d4:25:ad:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b Validity Not Before: Dec 20 22:00:39 2025 GMT Not After : Dec 21 22:00:39 2025 GMT Subject: CN=00a85b1008004a255800ce87d0ac2a529f2c64ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:be:11:9c:17:51:b8:ba:83:9f:38:84:2a:a7: d0:d3:ee:35:8f:aa:5a:88:7a:55:a5:ed:f1:ec:2d: 05:d5:e5:1c:2c:d2:0f:dd:34:b2:ae:d9:2e:e0:1e: a6:cd:94:cc:2a:1e:3f:ad:3f:ac:ff:b2:f6:b3:6b: 45:67:4a:7c:0d:95:4a:ba:23:fa:ed:8e:0f:9e:fb: 93:3a:d9:a0:48:ec:d6:03:a4:7a:e6:9b:a0:db:5e: 4f:15:b5:92:55:f1:b3:ab:ba:85:79:76:4c:48:1f: 10:68:5e:55:43:d0:63:ae:73:7e:fb:46:cd:1c:69: 37:7b:6c:d3:eb:50:7a:94:e2:37:8d:3e:63:a5:cf: 50:d9:5e:bf:b6:7f:64:6e:bd:44:13:af:a5:17:15: b0:42:9a:ef:49:13:f0:78:c3:aa:e3:b7:e7:d0:c7: 4a:e9:0a:98:ba:94:20:38:1c:ff:13:21:93:b5:80: e6:b4:22:aa:42:61:c4:ae:e0:71:3c:84:4e:42:71: 05:7c:52:32:ba:f6:b5:ff:cf:dc:eb:80:4c:3f:70: b6:21:d6:c5:10:9f:6e:64:ba:dd:38:c8:8e:23:d3: 36:06:ec:53:59:ef:30:87:b3:35:ba:e6:f1:31:26: d2:19:bd:50:ae:39:1b:28:8f:4e:df:96:0c:e8:d6: bc:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:A8:5B:10:08:00:4A:25:58:00:CE:87:D0:AC:2A:52:9F:2C:64:EE X509v3 Authority Key Identifier: keyid:89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:bd:2d:e4:cd:6f:34:85:37:06:18:b7:80:f6:02:bf:76:52: c4:23:e0:66:52:99:5b:92:43:20:d9:ec:ee:5f:cd:36:59:6f: 7d:32:97:27:74:7a:a2:4f:b2:b2:65:82:7a:17:64:df:76:d5: d9:40:ea:c5:b2:e7:c7:0e:21:30:b1:ba:39:45:0b:c3:b3:5e: ea:d5:65:02:40:37:cb:2a:c7:5a:77:b8:60:90:28:50:8e:7b: a9:67:49:03:f1:ce:93:cf:3c:f5:d4:45:b4:19:05:da:ab:bf: 79:c9:fe:6d:47:5b:7d:a9:70:b3:e7:19:67:6b:a4:25:40:c3: 8b:4d:0a:74:e5:a0:29:93:54:f8:1c:98:63:c6:e2:07:3c:f9: 18:2a:16:dd:58:7b:23:63:7f:c0:f6:56:9f:b0:28:ef:59:f7: ca:fd:b0:c9:52:c8:c5:42:8c:9f:8b:f4:67:18:e8:a5:15:ab: ca:24:62:7c:d9:b0:bc:2c:17:33:d1:37:aa:a1:1c:6a:e3:55: 76:4a:2d:92:3f:62:79:96:af:d5:48:a0:30:d4:93:6a:62:9f: c1:0b:4f:d3:2b:58:1e:64:c2:ad:58:c0:98:37:99:93:63:35: ef:e5:3c:7d:23:fd:73:01:07:da:f4:52:2e:e1:59:b3:fd:c9: 99:d2:20:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x3MlrfeSt4vHzuXUJa38MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5OTI3Nzg3NDcyYTdjYmRkOTdkZmRiNGY1M2I3NGVmYjNi YmJjNWIwHhcNMjUxMjIwMjIwMDM5WhcNMjUxMjIxMjIwMDM5WjAzMTEwLwYDVQQD EygwMGE4NWIxMDA4MDA0YTI1NTgwMGNlODdkMGFjMmE1MjlmMmM2NGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz74RnBdRuLqDnziEKqfQ0+41j6pa iHpVpe3x7C0F1eUcLNIP3TSyrtku4B6mzZTMKh4/rT+s/7L2s2tFZ0p8DZVKuiP6 7Y4PnvuTOtmgSOzWA6R65pug215PFbWSVfGzq7qFeXZMSB8QaF5VQ9BjrnN++0bN HGk3e2zT61B6lOI3jT5jpc9Q2V6/tn9kbr1EE6+lFxWwQprvSRPweMOq47fn0MdK 6QqYupQgOBz/EyGTtYDmtCKqQmHEruBxPIROQnEFfFIyuva1/8/c64BMP3C2IdbF EJ9uZLrdOMiOI9M2BuxTWe8wh7M1uubxMSbSGb1QrjkbKI9O35YM6Na8uwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFACoWxAIAEolWADOh9CsKlKfLGTuMB8GA1UdIwQY MBaAFImSd4dHKny92X39tPU7dO+zu7xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzkt YzQxMDA2MmQ0ZDUyLzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzktYzQxMDA2MmQ0ZDUy LzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHb0t5M1v NIU3Bhi3gPYCv3ZSxCPgZlKZW5JDINns7l/NNllvfTKXJ3R6ok+ysmWCehdk33bV 2UDqxbLnxw4hMLG6OUULw7Ne6tVlAkA3yyrHWne4YJAoUI57qWdJA/HOk8889dRF tBkF2qu/ecn+bUdbfalws+cZZ2ukJUDDi00KdOWgKZNU+ByYY8biBzz5GCoW3Vh7 I2N/wPZWn7Ao71n3yv2wyVLIxUKMn4v0ZxjopRWryiRifNmwvCwXM9E3qqEcauNV dkotkj9ieZav1UigMNSTamKfwQtP0ytYHmTCrVjAmDeZk2M17+U8fSP9cwEH2vRS LuFZs/3JmdIgLA== -----END CERTIFICATE-----Generated at Sun Dec 21 02:01:46 2025 by rpki-client