This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft File: IT2HNcFEzxJWWEO2nrQKTRowGqU.mft (raw, json) Hash identifier: IweUR45UVPfxRJ3frNZSjCn/h9PUvBpXFPx3CccC09Y= Subject key identifier: 00:9C:18:C7:C6:B9:68:C4:E2:52:46:B2:92:70:BC:C4:14:63:5E:A5 Authority key identifier: 21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5 Certificate issuer: /CN=213d8735c144cf12565843b69eb40a4d1a301aa5 Certificate serial: 019AF98BE381A14A887E6C3C45871ECA8483 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft Manifest number: 10D6 Signing time: Sun 07 Dec 2025 16:01:25 +0000 Manifest this update: Sun 07 Dec 2025 16:01:25 +0000 Manifest next update: Mon 08 Dec 2025 16:01:25 +0000 Files and hashes: 1: IT2HNcFEzxJWWEO2nrQKTRowGqU.crl (hash: CzBeiqYnSDn0mQ0jYWb1Mi3LK19MLNjE6MYE/dOUg64=) 2: oYl1-NMXXzEXtTi3L5l80mvOKew.roa (hash: HGKJcqJks4x1KvA9MPs1IeJtaKWdWbE52yFjhD/1Aak=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 16:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f9:8b:e3:81:a1:4a:88:7e:6c:3c:45:87:1e:ca:84:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=213d8735c144cf12565843b69eb40a4d1a301aa5 Validity Not Before: Dec 7 16:01:25 2025 GMT Not After : Dec 8 16:01:25 2025 GMT Subject: CN=009c18c7c6b968c4e25246b29270bcc414635ea5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d2:46:e9:3d:6c:d6:db:a9:ba:91:40:32:c1: 7e:03:5c:fa:a9:6d:f0:06:69:a8:d2:a4:5b:e3:f0: 2f:02:07:da:e6:bc:23:7a:8c:55:b3:ca:ed:91:58: 4c:72:41:95:c5:e9:60:3e:6a:cb:52:8f:59:6e:56: 8a:5c:3f:bb:d6:e6:1f:92:c0:65:e0:e3:2c:b3:59: 61:b8:fc:40:80:30:47:1b:cc:da:c6:2f:e8:0f:8e: 89:fa:ea:3f:7c:03:a4:19:36:eb:6b:e4:62:96:c4: cd:66:92:6e:c3:23:23:b4:4f:48:c0:b4:8c:0b:5b: 47:b5:62:f7:0a:52:23:27:92:56:e7:11:87:74:db: 85:57:dd:0d:16:d6:73:1e:95:42:02:76:1c:53:5f: 3d:df:9e:7f:f9:79:da:c6:0f:af:d8:67:2f:c0:89: 17:e3:f9:75:b8:a2:af:f3:8c:0f:89:4b:86:6f:93: 23:f3:ac:69:c8:84:0b:b2:42:eb:06:4e:ea:49:7f: 65:1e:16:80:e6:63:04:46:5b:3b:93:8d:9f:84:8c: 81:09:c8:07:87:97:75:80:3a:01:6f:ef:3e:9b:30: d8:f6:30:8f:68:f4:8a:20:ce:c3:f7:59:51:da:78: 56:d7:e5:10:bf:33:0b:df:6b:a3:a2:3e:f9:52:b9: 3e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:9C:18:C7:C6:B9:68:C4:E2:52:46:B2:92:70:BC:C4:14:63:5E:A5 X509v3 Authority Key Identifier: keyid:21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:2e:59:1d:e0:77:36:d2:61:db:f7:83:a0:d1:80:59:cf:9e: db:1b:03:4e:c7:43:bb:ab:2f:14:df:cf:df:c1:fc:eb:78:36: a4:d9:3d:0b:64:64:0a:3f:7e:c8:55:27:8e:be:e6:d8:14:2f: 4a:02:47:0d:e4:0f:18:a3:64:40:fd:f9:28:15:1f:f8:e1:7a: 4b:58:55:49:00:24:c5:81:bd:40:84:f7:fc:95:f7:f6:b3:1b: c9:c3:f6:cd:40:4b:0e:38:b5:33:9e:4b:40:dc:9e:b3:7d:96: 12:28:a3:e6:69:5e:73:5a:24:9a:e2:9e:a4:95:e5:8f:e3:1f: 9c:86:18:c6:46:54:bc:7b:c8:a4:99:74:e6:bd:2b:2d:76:08: ce:aa:d8:6d:16:ee:02:11:6a:16:12:40:af:cf:43:38:a2:bb: 58:b2:24:8f:50:27:fc:b0:ff:ae:79:b2:db:22:76:7d:ee:7e: c1:fb:50:8c:51:df:69:1a:c4:22:62:f5:64:b6:69:50:8b:b8: b6:85:b5:e9:44:48:25:0f:81:b5:64:38:ef:8d:70:2f:cb:a2: 7d:b8:37:db:07:07:36:46:67:ec:60:8f:67:08:91:07:d5:b1: 93:9b:eb:7d:3f:1a:da:d0:12:ef:ea:c6:1e:be:13:9e:22:a3: a4:05:46:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr5i+OBoUqIfmw8RYceyoSDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxM2Q4NzM1YzE0NGNmMTI1NjU4NDNiNjllYjQwYTRkMWEz MDFhYTUwHhcNMjUxMjA3MTYwMTI1WhcNMjUxMjA4MTYwMTI1WjAzMTEwLwYDVQQD EygwMDljMThjN2M2Yjk2OGM0ZTI1MjQ2YjI5MjcwYmNjNDE0NjM1ZWE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9JG6T1s1tupupFAMsF+A1z6qW3w Bmmo0qRb4/AvAgfa5rwjeoxVs8rtkVhMckGVxelgPmrLUo9ZblaKXD+71uYfksBl 4OMss1lhuPxAgDBHG8zaxi/oD46J+uo/fAOkGTbra+RilsTNZpJuwyMjtE9IwLSM C1tHtWL3ClIjJ5JW5xGHdNuFV90NFtZzHpVCAnYcU189355/+Xnaxg+v2GcvwIkX 4/l1uKKv84wPiUuGb5Mj86xpyIQLskLrBk7qSX9lHhaA5mMERls7k42fhIyBCcgH h5d1gDoBb+8+mzDY9jCPaPSKIM7D91lR2nhW1+UQvzML32ujoj75Urk+cQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFACcGMfGuWjE4lJGspJwvMQUY16lMB8GA1UdIwQY MBaAFCE9hzXBRM8SVlhDtp60Ck0aMBqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAt MzAxNDMzZWJlNDM2LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAtMzAxNDMzZWJlNDM2 LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAC5ZHeB3 NtJh2/eDoNGAWc+e2xsDTsdDu6svFN/P38H863g2pNk9C2RkCj9+yFUnjr7m2BQv SgJHDeQPGKNkQP35KBUf+OF6S1hVSQAkxYG9QIT3/JX39rMbycP2zUBLDji1M55L QNyes32WEiij5mlec1okmuKepJXlj+MfnIYYxkZUvHvIpJl05r0rLXYIzqrYbRbu AhFqFhJAr89DOKK7WLIkj1An/LD/rnmy2yJ2fe5+wftQjFHfaRrEImL1ZLZpUIu4 toW16URIJQ+BtWQ4741wL8uifbg32wcHNkZn7GCPZwiRB9Wxk5vrfT8a2tAS7+rG Hr4TniKjpAVGfw== -----END CERTIFICATE-----Generated at Sun Dec 7 23:01:28 2025 by rpki-client