This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft File: IkI4OfIQchYnZBrmtszqzujZBns.mft (raw, json) Hash identifier: 44jkn8ZlE21XeyjQlRAkPFzHlbhgYtXv48UWPZYH6bc= Subject key identifier: 81:18:FE:A1:3D:89:CF:0C:BE:A2:F9:7D:1A:3E:58:7E:F3:3D:99:FE Authority key identifier: 22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B Certificate issuer: /CN=22423839f210721627641ae6b6cceacee8d9067b Certificate serial: 019AF5AED900B48E9F420376C0F48541454E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft Manifest number: 0CA6 Signing time: Sat 06 Dec 2025 22:01:07 +0000 Manifest this update: Sat 06 Dec 2025 22:01:07 +0000 Manifest next update: Sun 07 Dec 2025 22:01:07 +0000 Files and hashes: 1: IkI4OfIQchYnZBrmtszqzujZBns.crl (hash: ezWhfU4jpHPdH8qt2J6UY/zcgCWiIStIcSDnldpb43Y=) 2: Uyg4_Ozw9Ipj9uu784y9KAfEr7A.roa (hash: PWFMCOTkx94rFl6c7QVt2h1VgycYcWOsnSvIAK4MJo0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.crl rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:d9:00:b4:8e:9f:42:03:76:c0:f4:85:41:45:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22423839f210721627641ae6b6cceacee8d9067b Validity Not Before: Dec 6 22:01:07 2025 GMT Not After : Dec 7 22:01:07 2025 GMT Subject: CN=8118fea13d89cf0cbea2f97d1a3e587ef33d99fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a6:0f:07:9b:25:b9:cb:e5:59:a2:70:5d:b8: 44:60:a8:95:11:e8:b5:f8:31:7d:f0:62:18:3a:32: b2:77:73:5f:e7:a0:16:f0:ff:40:89:ff:5a:c9:04: 17:6d:22:83:85:64:9e:c9:a7:28:8e:37:71:11:55: 71:b3:46:90:be:ab:d5:78:57:54:54:58:b6:4b:6f: 65:82:6e:3c:ea:55:5a:c3:92:a3:b6:7c:24:0e:94: 73:a6:f0:bb:a7:9a:24:ae:14:38:d9:45:7e:ed:02: 8c:3b:3e:e6:f5:55:1a:48:fa:31:7d:61:46:30:29: bd:fd:e4:2f:0f:b5:47:9a:47:df:64:cd:62:97:1a: 52:d3:e5:91:e8:a1:bf:cf:6d:a5:19:0f:20:a6:37: cd:60:a4:67:eb:91:ac:4f:01:df:99:f8:92:88:f4: 6b:5f:f7:34:52:6d:cb:80:37:24:e4:9d:50:15:68: 26:ee:fe:6e:3a:4d:29:82:73:44:9a:74:f3:29:3e: 28:5d:3c:00:8b:2f:ed:9e:ae:03:ad:a1:f2:fc:5c: 39:7c:64:87:3a:54:99:e0:3f:32:fc:47:3d:04:f8: 9e:fb:ce:43:60:c2:21:f0:82:53:7e:e1:21:a8:00: e6:69:79:03:17:ab:e0:90:f5:96:66:b8:58:8f:06: 02:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:18:FE:A1:3D:89:CF:0C:BE:A2:F9:7D:1A:3E:58:7E:F3:3D:99:FE X509v3 Authority Key Identifier: keyid:22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:dc:54:8e:1c:cc:51:c3:83:1d:65:f1:b5:4b:db:f2:a1:33: 3d:ba:02:54:fb:05:c5:ac:ae:6b:08:1e:60:44:9a:63:ac:38: 7b:d2:56:28:29:67:7a:83:4f:af:91:b0:6f:4a:6d:a8:60:47: 24:e4:61:b9:fd:58:ad:b5:d0:2d:51:bb:cc:94:ff:c6:cd:dc: 74:e9:f7:40:84:4a:b4:ae:4f:5f:6c:7f:c3:e7:b8:15:f2:fc: 8c:24:93:59:90:a7:54:b6:1d:20:31:0f:ea:22:e9:e0:82:f0: e5:2f:31:58:b2:80:29:af:11:2e:c8:04:26:c2:43:d3:dd:13: 22:92:d0:59:04:bc:08:4a:ee:17:4a:96:29:cd:64:df:eb:58: d4:a5:3e:43:b0:be:4a:e8:d6:9d:37:98:6a:ca:8d:32:e4:fc: fa:eb:b6:a1:3f:df:2e:c9:91:f1:26:f9:28:86:7f:97:49:10: 93:11:fd:83:59:e9:38:74:b5:c9:07:10:b8:f9:ba:2d:ab:84: 6f:75:7a:1f:d5:46:90:1a:67:41:fd:10:0e:ee:9d:65:8c:1c: e8:97:e0:f5:cc:e2:f2:4c:30:de:79:fa:48:1c:33:2d:e3:67: 8f:a7:b9:0e:b9:58:69:ac:68:c3:9a:72:77:73:1f:bb:10:e9: e5:56:db:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rtkAtI6fQgN2wPSFQUVOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyNDIzODM5ZjIxMDcyMTYyNzY0MWFlNmI2Y2NlYWNlZThk OTA2N2IwHhcNMjUxMjA2MjIwMTA3WhcNMjUxMjA3MjIwMTA3WjAzMTEwLwYDVQQD Eyg4MTE4ZmVhMTNkODljZjBjYmVhMmY5N2QxYTNlNTg3ZWYzM2Q5OWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKYPB5slucvlWaJwXbhEYKiVEei1 +DF98GIYOjKyd3Nf56AW8P9Aif9ayQQXbSKDhWSeyacojjdxEVVxs0aQvqvVeFdU VFi2S29lgm486lVaw5KjtnwkDpRzpvC7p5okrhQ42UV+7QKMOz7m9VUaSPoxfWFG MCm9/eQvD7VHmkffZM1ilxpS0+WR6KG/z22lGQ8gpjfNYKRn65GsTwHfmfiSiPRr X/c0Um3LgDck5J1QFWgm7v5uOk0pgnNEmnTzKT4oXTwAiy/tnq4DraHy/Fw5fGSH OlSZ4D8y/Ec9BPie+85DYMIh8IJTfuEhqADmaXkDF6vgkPWWZrhYjwYC2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIEY/qE9ic8MvqL5fRo+WH7zPZn+MB8GA1UdIwQY MBaAFCJCODnyEHIWJ2Qa5rbM6s7o2QZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYt OThjODc1YWUzNWM5LzEvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYtOThjODc1YWUzNWM5 LzEvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9xUjhzM UcODHWXxtUvb8qEzPboCVPsFxayuawgeYESaY6w4e9JWKClneoNPr5Gwb0ptqGBH JORhuf1YrbXQLVG7zJT/xs3cdOn3QIRKtK5PX2x/w+e4FfL8jCSTWZCnVLYdIDEP 6iLp4ILw5S8xWLKAKa8RLsgEJsJD090TIpLQWQS8CEruF0qWKc1k3+tY1KU+Q7C+ SujWnTeYasqNMuT8+uu2oT/fLsmR8Sb5KIZ/l0kQkxH9g1npOHS1yQcQuPm6LauE b3V6H9VGkBpnQf0QDu6dZYwc6Jfg9czi8kww3nn6SBwzLeNnj6e5DrlYaaxow5py d3MfuxDp5VbbkA== -----END CERTIFICATE-----Generated at Sun Dec 7 00:30:56 2025 by rpki-client