This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.mft File: iyH_rekwvR_S4XiM_0B9nTQTThc.mft (raw, json) Hash identifier: M7tdNExfquOw8rlgWDgBGGxzUFkyUMIFfjvIjnj00KE= Subject key identifier: 18:15:5F:12:B6:F3:58:E1:C5:54:52:E2:26:A3:7C:60:D1:85:13:8F Authority key identifier: 8B:21:FF:AD:E9:30:BD:1F:D2:E1:78:8C:FF:40:7D:9D:34:13:4E:17 Certificate issuer: /CN=8b21ffade930bd1fd2e1788cff407d9d34134e17 Certificate serial: 019AF12E0D93C353444C66C0643383F9C68A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.mft Manifest number: 1395 Signing time: Sat 06 Dec 2025 01:01:58 +0000 Manifest this update: Sat 06 Dec 2025 01:01:58 +0000 Manifest next update: Sun 07 Dec 2025 01:01:58 +0000 Files and hashes: 1: YR9oUfcPn7hi-EfIp0zPWNgdoLI.roa (hash: gZUlOd3rhYgj7y7iYiifqKrTqOs4vDy8o9fKugEnj2M=) 2: iyH_rekwvR_S4XiM_0B9nTQTThc.crl (hash: dd9QbaEr4Ptw98FmF43cL8VpHQ5B7HoL6fObw5gfdTs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.mft rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:0d:93:c3:53:44:4c:66:c0:64:33:83:f9:c6:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b21ffade930bd1fd2e1788cff407d9d34134e17 Validity Not Before: Dec 6 01:01:58 2025 GMT Not After : Dec 7 01:01:58 2025 GMT Subject: CN=18155f12b6f358e1c55452e226a37c60d185138f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:76:14:18:f3:98:b0:48:44:3b:b0:87:10:99: 68:88:52:33:7d:b5:b9:d7:2d:06:a1:24:cb:78:57: 38:7c:9f:26:15:7b:3a:00:e4:30:82:c4:70:67:63: 32:40:77:f8:43:58:fd:16:91:a5:a0:12:4e:23:f9: 0a:9f:41:63:4e:9e:16:c8:e4:1c:59:c4:91:ec:51: 7b:c4:35:73:13:b5:2c:c7:30:d4:e6:da:c1:12:0d: c1:85:25:95:a9:c5:d2:19:9e:5f:8b:15:8f:26:8c: 5a:0f:27:70:25:b3:50:42:4e:71:92:5b:d7:2d:07: cc:8e:eb:0b:6c:65:28:d5:08:57:f0:7f:3d:3c:6b: 3e:a8:31:85:0a:60:72:37:25:41:4c:f1:e0:34:75: 92:1b:a5:45:80:3a:11:05:65:80:0f:f9:c5:58:7a: 1f:d1:e4:50:86:f3:4f:a6:33:d2:be:3a:06:d7:84: 2e:7c:41:02:5e:65:b8:30:cc:4f:b5:3f:7f:96:88: 37:a1:93:ab:56:37:a3:6f:c8:f5:8d:b2:a1:c9:78: 5a:ee:d2:82:e5:b6:9e:4d:93:d1:ca:fb:39:0a:1c: 2a:fa:a5:c0:97:99:ec:cc:d4:02:49:76:d2:84:ba: 6f:0d:33:8e:33:8d:64:48:8c:53:70:29:85:59:39: 47:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:15:5F:12:B6:F3:58:E1:C5:54:52:E2:26:A3:7C:60:D1:85:13:8F X509v3 Authority Key Identifier: keyid:8B:21:FF:AD:E9:30:BD:1F:D2:E1:78:8C:FF:40:7D:9D:34:13:4E:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:84:8f:5a:2b:77:4b:92:97:bf:f0:ee:70:2b:ab:2d:46:86: 31:a3:46:3a:ca:e4:78:2c:6e:55:c2:e9:51:40:84:6c:ed:65: f1:40:4a:02:46:30:ab:cd:5a:c9:44:0e:4a:2e:bb:e9:3e:4b: a3:9c:40:47:0c:61:89:85:d3:de:f4:2d:98:38:0d:e3:fe:6b: 46:1a:c2:59:d9:1d:7d:3c:2f:29:da:6b:5e:c2:ef:84:fe:52: cf:12:bf:1c:6c:fa:0a:42:dc:52:7c:da:11:b8:a9:d1:60:d0: 3e:29:77:c5:bb:03:ce:fe:1b:b8:e1:95:61:2a:01:61:90:6c: 06:1a:7a:cd:6e:c2:d1:b3:6f:33:78:54:78:e1:f7:10:1e:b6: 98:16:16:df:fa:35:46:58:4c:f3:0f:c6:2e:2b:1a:a3:a7:b1: a8:93:a4:2e:37:1e:4f:9f:72:13:40:cf:a8:ac:f5:ea:d4:87: 4f:f6:d1:9f:96:d9:49:25:b4:1f:86:3c:d6:ff:55:81:34:5d: 70:28:7e:f5:27:84:17:d3:35:cc:77:49:a7:ca:6e:74:18:ee: 68:23:19:7a:1b:be:59:53:66:88:f7:00:4f:3e:9f:63:f8:56: a3:38:ff:a8:a0:63:e2:1b:8e:f3:bd:1f:16:8d:5c:dc:27:3d: 12:d1:94:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLg2Tw1NETGbAZDOD+caKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiMjFmZmFkZTkzMGJkMWZkMmUxNzg4Y2ZmNDA3ZDlkMzQx MzRlMTcwHhcNMjUxMjA2MDEwMTU4WhcNMjUxMjA3MDEwMTU4WjAzMTEwLwYDVQQD EygxODE1NWYxMmI2ZjM1OGUxYzU1NDUyZTIyNmEzN2M2MGQxODUxMzhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3YUGPOYsEhEO7CHEJloiFIzfbW5 1y0GoSTLeFc4fJ8mFXs6AOQwgsRwZ2MyQHf4Q1j9FpGloBJOI/kKn0FjTp4WyOQc WcSR7FF7xDVzE7UsxzDU5trBEg3BhSWVqcXSGZ5fixWPJoxaDydwJbNQQk5xklvX LQfMjusLbGUo1QhX8H89PGs+qDGFCmByNyVBTPHgNHWSG6VFgDoRBWWAD/nFWHof 0eRQhvNPpjPSvjoG14QufEECXmW4MMxPtT9/log3oZOrVjejb8j1jbKhyXha7tKC 5baeTZPRyvs5Chwq+qXAl5nszNQCSXbShLpvDTOOM41kSIxTcCmFWTlHNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBgVXxK281jhxVRS4iajfGDRhROPMB8GA1UdIwQY MBaAFIsh/63pML0f0uF4jP9AfZ00E04XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXlIX3Jla3d2Ul9TNFhpTV8wQjluVFFUVGhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85Y2UwZWItM2FiYS00YjM2LWI3YzQt NDI1YzUxZDc4ODhiLzEvaXlIX3Jla3d2Ul9TNFhpTV8wQjluVFFUVGhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi85Y2UwZWItM2FiYS00YjM2LWI3YzQtNDI1YzUxZDc4ODhi LzEvaXlIX3Jla3d2Ul9TNFhpTV8wQjluVFFUVGhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYSPWit3 S5KXv/DucCurLUaGMaNGOsrkeCxuVcLpUUCEbO1l8UBKAkYwq81ayUQOSi676T5L o5xARwxhiYXT3vQtmDgN4/5rRhrCWdkdfTwvKdprXsLvhP5SzxK/HGz6CkLcUnza Ebip0WDQPil3xbsDzv4buOGVYSoBYZBsBhp6zW7C0bNvM3hUeOH3EB62mBYW3/o1 RlhM8w/GLisao6exqJOkLjceT59yE0DPqKz16tSHT/bRn5bZSSW0H4Y81v9VgTRd cCh+9SeEF9M1zHdJp8pudBjuaCMZehu+WVNmiPcATz6fY/hWozj/qKBj4huO870f Fo1c3Cc9EtGUYA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:09:05 2025 by rpki-client