This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json) Hash identifier: QGDP3BCrGUZbsZjWNq+srrjG2hvYZk7o1oIxewV6xR0= Subject key identifier: BF:7F:4B:B3:96:BA:68:E5:A4:72:81:0A:1C:A5:2C:35:F9:21:D1:B0 Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Certificate serial: 019AF12EA46285BEA4311DAA81E0B2CAF084 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft Manifest number: 079D Signing time: Sat 06 Dec 2025 01:02:37 +0000 Manifest this update: Sat 06 Dec 2025 01:02:37 +0000 Manifest next update: Sun 07 Dec 2025 01:02:37 +0000 Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: 6LNd0liT5WncTZEPg6d2dCPOfgUQxDNBqqH7t+MYd+A=) 2: v5LwLHwuCUZrT_0G6r3v0bfLSQs.roa (hash: +ztaiH2S/aHDtgvKfj/YkXPsW58SyJ9uS27Ej7psyFg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:a4:62:85:be:a4:31:1d:aa:81:e0:b2:ca:f0:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938 Validity Not Before: Dec 6 01:02:37 2025 GMT Not After : Dec 7 01:02:37 2025 GMT Subject: CN=bf7f4bb396ba68e5a472810a1ca52c35f921d1b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:7c:95:50:55:ab:f6:f1:3c:09:0d:46:51:ea: 74:40:e1:a1:8f:0d:7b:1f:41:95:3e:d3:e5:86:19: bb:d6:be:31:3f:fb:48:3d:f8:68:38:93:fd:78:53: 8c:ae:4c:64:22:34:14:2a:e7:03:7f:fa:a0:c5:1e: ef:9c:e6:80:58:bd:dd:d2:eb:73:47:61:8f:74:fe: 83:9b:b4:62:ea:68:15:c8:8f:57:62:86:11:c1:5e: df:b1:90:f8:37:72:5d:aa:c8:e0:04:c2:75:32:10: 58:d6:3d:f9:44:70:a4:19:7e:f5:38:02:dc:b9:81: 6c:97:d9:13:f6:73:fd:2c:06:95:73:d1:0a:b9:83: 17:f1:84:27:3c:7c:e6:00:be:da:4d:53:d6:ea:ab: 6e:6a:d1:80:86:11:54:9c:68:69:74:aa:ed:32:20: c7:ea:ed:c7:d1:0a:7a:05:3a:3f:6b:1f:8b:31:1e: 52:41:56:e5:72:2a:63:cf:31:ae:62:c9:aa:62:b8: e5:b9:17:59:92:77:9b:e6:a1:d2:a8:6f:e3:55:99: 83:06:1f:c8:76:b4:9e:3f:9e:a7:92:06:e9:12:70: 29:32:68:6b:ad:f0:e9:04:66:9c:8c:a7:be:8c:e2: a9:c4:3e:76:43:f2:d2:8b:6e:d9:45:1c:c7:59:31: 58:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:7F:4B:B3:96:BA:68:E5:A4:72:81:0A:1C:A5:2C:35:F9:21:D1:B0 X509v3 Authority Key Identifier: keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:53:f0:90:ed:3b:3d:05:4b:c2:49:36:fe:0a:00:b1:13:5d: 05:ac:2d:51:e5:08:d6:00:04:42:c1:f9:17:cc:0f:de:6d:5c: aa:ae:86:b5:6d:05:2c:75:9e:be:cc:a9:46:b3:87:8e:2c:14: 86:13:c4:7f:17:02:5a:31:ae:f7:5f:54:bf:6a:3f:bd:26:65: c0:95:77:57:4f:d9:59:b1:0c:c8:cc:e8:3b:a6:1e:09:5f:09: c4:e8:ae:ac:1a:08:f1:f6:1a:46:64:e3:04:d8:08:44:da:07: a8:4c:49:b4:d0:63:fb:a6:14:11:cc:a7:5c:70:31:e4:89:af: 08:05:59:01:84:cb:66:59:5f:22:99:2b:a2:c1:9a:fb:ba:61: 76:ec:e7:e2:bc:8d:f6:1b:65:db:98:70:ac:d6:2b:9e:b1:57: 5c:48:78:6d:a5:4a:5b:f7:12:7d:b6:65:c1:ad:17:c1:6f:54: c3:f0:59:42:bf:a2:02:56:14:c6:47:78:e7:66:1d:7b:70:80: 3a:8f:ee:4f:98:d3:d2:9f:1e:8b:0b:24:e7:cf:70:48:7f:36: e6:ea:16:70:42:b6:1b:39:95:56:d3:4d:06:9d:ee:a8:47:55: eb:59:cd:7a:ab:a1:c8:62:15:6e:77:d5:87:c6:07:78:c0:56: b3:45:1d:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLqRihb6kMR2qgeCyyvCEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4 YTc5MzgwHhcNMjUxMjA2MDEwMjM3WhcNMjUxMjA3MDEwMjM3WjAzMTEwLwYDVQQD EyhiZjdmNGJiMzk2YmE2OGU1YTQ3MjgxMGExY2E1MmMzNWY5MjFkMWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HyVUFWr9vE8CQ1GUep0QOGhjw17 H0GVPtPlhhm71r4xP/tIPfhoOJP9eFOMrkxkIjQUKucDf/qgxR7vnOaAWL3d0utz R2GPdP6Dm7Ri6mgVyI9XYoYRwV7fsZD4N3JdqsjgBMJ1MhBY1j35RHCkGX71OALc uYFsl9kT9nP9LAaVc9EKuYMX8YQnPHzmAL7aTVPW6qtuatGAhhFUnGhpdKrtMiDH 6u3H0Qp6BTo/ax+LMR5SQVblcipjzzGuYsmqYrjluRdZkneb5qHSqG/jVZmDBh/I drSeP56nkgbpEnApMmhrrfDpBGacjKe+jOKpxD52Q/LSi27ZRRzHWTFYUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL9/S7OWumjlpHKBChylLDX5IdGwMB8GA1UdIwQY MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABVPwkO07 PQVLwkk2/goAsRNdBawtUeUI1gAEQsH5F8wP3m1cqq6GtW0FLHWevsypRrOHjiwU hhPEfxcCWjGu919Uv2o/vSZlwJV3V0/ZWbEMyMzoO6YeCV8JxOiurBoI8fYaRmTj BNgIRNoHqExJtNBj+6YUEcynXHAx5ImvCAVZAYTLZllfIpkrosGa+7phduzn4ryN 9htl25hwrNYrnrFXXEh4baVKW/cSfbZlwa0XwW9Uw/BZQr+iAlYUxkd452Yde3CA Oo/uT5jT0p8eiwsk589wSH825uoWcEK2GzmVVtNNBp3uqEdV61nNequhyGIVbnfV h8YHeMBWs0UddQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:22:32 2025 by rpki-client