This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft File: iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json) Hash identifier: r3T2KSAJv/ld8f0cLg1zqyQIBDYESeftqrkly7Y8YqY= Subject key identifier: 22:56:2E:64:08:5E:63:48:67:F3:AB:48:0B:43:75:87:B6:9A:A6:33 Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9 Certificate issuer: /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9 Certificate serial: 019AF31D44F48E592A665B0C4A8FA77B285D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 10:02:52 +0000 Manifest this update: Sat 06 Dec 2025 10:02:52 +0000 Manifest next update: Sun 07 Dec 2025 10:02:52 +0000 Files and hashes: 1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: xt3bJOWkij2wE8haPfQOZAwDnhkB4FhYRr/2wlIYhik=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:44:f4:8e:59:2a:66:5b:0c:4a:8f:a7:7b:28:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9 Validity Not Before: Dec 6 10:02:52 2025 GMT Not After : Dec 7 10:02:52 2025 GMT Subject: CN=22562e64085e634867f3ab480b437587b69aa633 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e5:c1:f7:25:a4:72:fd:fe:d6:ba:fb:b5:89: c6:3d:1b:54:fa:60:00:45:16:62:ff:68:73:d6:f5: 97:90:8b:45:71:5f:eb:d1:ef:29:f9:81:5b:4c:18: a5:fb:f3:aa:5d:b5:57:4a:1a:98:00:c3:69:f0:2c: 59:7c:6a:e4:09:bd:ab:8d:e2:78:ef:79:a3:d6:80: bf:cc:a5:94:06:f0:a9:e7:20:01:58:0d:7f:98:ee: 41:07:77:d7:d3:f9:e7:26:2e:2f:cf:5d:28:bb:d5: 95:00:98:2a:ce:aa:7d:0d:5a:8c:6c:7c:fd:5c:d1: f2:97:88:33:4b:bd:7c:fb:a6:42:e3:ab:ec:5f:a6: 14:30:83:b1:b5:e2:b3:87:a3:f9:38:c7:c7:c6:80: f3:21:66:1d:3c:f9:4c:97:de:9a:95:83:14:0f:8d: 17:58:33:06:df:76:75:20:c9:b6:ea:64:d0:1d:2a: 9c:93:d6:0c:57:ba:dd:8d:00:28:75:0c:fb:58:20: 99:9e:31:d2:fb:08:43:f8:2b:0e:2f:ce:32:e8:03: 03:74:62:d7:4c:20:f6:d6:5e:01:08:a4:af:54:2a: 6b:46:4d:34:6c:0c:a3:47:59:d1:80:bd:49:0d:29: d5:a0:16:5c:89:f5:e2:65:86:13:2f:25:52:55:1c: 5a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:56:2E:64:08:5E:63:48:67:F3:AB:48:0B:43:75:87:B6:9A:A6:33 X509v3 Authority Key Identifier: keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:f6:8e:fa:d0:5f:cd:a6:42:21:fb:46:18:d4:2f:51:e1:1c: 8c:02:a5:d2:95:ad:a0:9e:b0:47:ad:f8:f4:ed:e9:36:24:f5: 9c:23:ad:b2:22:59:09:55:5d:cc:36:d7:d0:08:38:27:4f:46: 16:57:82:ba:c1:0b:ec:5f:dc:0b:52:dd:71:53:81:84:18:d6: 94:a2:26:a2:f9:20:d5:e3:cf:9d:99:22:22:56:44:81:41:89: 46:81:82:49:70:f1:7d:3a:1d:80:4f:2a:7f:eb:ee:10:53:6c: dd:f2:1a:8c:de:d8:3c:f5:39:fb:08:f4:9e:9a:79:70:b8:0c: 67:8d:d7:b1:a1:8e:8a:cd:a8:85:d1:48:6e:71:e7:44:03:cd: 29:63:c1:dd:cc:1d:a2:05:15:90:fa:ab:2a:58:68:50:c2:64: fb:be:fe:5d:49:51:1b:9c:a0:6b:05:1f:40:d7:c5:d4:42:42: 5c:29:e6:ee:f1:66:38:56:60:08:4e:df:95:32:1a:71:38:77: 4d:f8:55:9e:a8:9c:3d:82:5b:a2:c4:b1:89:9d:1d:83:ac:44: 77:65:c0:ef:21:a9:b3:86:39:9d:75:3e:dd:c5:c4:6b:5b:20: 46:fc:3c:05:a1:e4:bb:cb:5a:25:13:6d:1d:ea:7a:9d:67:4a: d9:97:91:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHUT0jlkqZlsMSo+neyhdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz OTgwYjkwHhcNMjUxMjA2MTAwMjUyWhcNMjUxMjA3MTAwMjUyWjAzMTEwLwYDVQQD EygyMjU2MmU2NDA4NWU2MzQ4NjdmM2FiNDgwYjQzNzU4N2I2OWFhNjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOXB9yWkcv3+1rr7tYnGPRtU+mAA RRZi/2hz1vWXkItFcV/r0e8p+YFbTBil+/OqXbVXShqYAMNp8CxZfGrkCb2rjeJ4 73mj1oC/zKWUBvCp5yABWA1/mO5BB3fX0/nnJi4vz10ou9WVAJgqzqp9DVqMbHz9 XNHyl4gzS718+6ZC46vsX6YUMIOxteKzh6P5OMfHxoDzIWYdPPlMl96alYMUD40X WDMG33Z1IMm26mTQHSqck9YMV7rdjQAodQz7WCCZnjHS+whD+CsOL84y6AMDdGLX TCD21l4BCKSvVCprRk00bAyjR1nRgL1JDSnVoBZcifXiZYYTLyVSVRxa6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCJWLmQIXmNIZ/OrSAtDdYe2mqYzMB8GA1UdIwQY MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe/aO+tBf zaZCIftGGNQvUeEcjAKl0pWtoJ6wR6349O3pNiT1nCOtsiJZCVVdzDbX0Ag4J09G FleCusEL7F/cC1LdcVOBhBjWlKImovkg1ePPnZkiIlZEgUGJRoGCSXDxfTodgE8q f+vuEFNs3fIajN7YPPU5+wj0npp5cLgMZ43XsaGOis2ohdFIbnHnRAPNKWPB3cwd ogUVkPqrKlhoUMJk+77+XUlRG5ygawUfQNfF1EJCXCnm7vFmOFZgCE7flTIacTh3 TfhVnqicPYJbosSxiZ0dg6xEd2XA7yGps4Y5nXU+3cXEa1sgRvw8BaHku8taJRNt Hep6nWdK2ZeRBw== -----END CERTIFICATE-----Generated at Sat Dec 6 15:25:39 2025 by rpki-client