This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft File: IkI4OfIQchYnZBrmtszqzujZBns.mft (raw, json) Hash identifier: m6YFNEj+h7HO+HkQxwWvzux9h0ZDIa9ED6qhHtPOX10= Subject key identifier: 23:FB:E8:8E:1D:49:35:54:42:7B:91:9F:0B:07:2F:7D:75:20:61:4F Authority key identifier: 22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B Certificate issuer: /CN=22423839f210721627641ae6b6cceacee8d9067b Certificate serial: 019B318C66CD1C630CF89B1CCA24AA03EC3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft Manifest number: 0CC5 Signing time: Thu 18 Dec 2025 13:00:43 +0000 Manifest this update: Thu 18 Dec 2025 13:00:43 +0000 Manifest next update: Fri 19 Dec 2025 13:00:43 +0000 Files and hashes: 1: IkI4OfIQchYnZBrmtszqzujZBns.crl (hash: vXgVNdKqYAxFFDsHtrcPAZQee2sdB6zjwnbk6Yp3VtE=) 2: Uyg4_Ozw9Ipj9uu784y9KAfEr7A.roa (hash: PWFMCOTkx94rFl6c7QVt2h1VgycYcWOsnSvIAK4MJo0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.crl rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:8c:66:cd:1c:63:0c:f8:9b:1c:ca:24:aa:03:ec:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22423839f210721627641ae6b6cceacee8d9067b Validity Not Before: Dec 18 13:00:43 2025 GMT Not After : Dec 19 13:00:43 2025 GMT Subject: CN=23fbe88e1d493554427b919f0b072f7d7520614f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:ca:dd:98:4e:9d:26:7d:32:a4:4d:47:e6:f4: 4c:cc:96:55:d9:4a:74:21:85:be:e5:09:87:5f:8e: 6f:35:5c:5c:ec:fb:0c:dc:4a:ca:19:1b:87:d4:ed: 67:c8:4b:92:b3:ed:ea:9a:71:72:2f:c0:f1:51:1f: 86:6c:12:01:88:1c:f7:fe:8a:47:5d:91:08:37:02: 25:18:17:60:fa:33:1c:7d:f0:59:75:f3:f3:ef:e1: 51:8e:bb:cf:64:ce:4f:a5:2e:0b:ab:82:58:f9:49: 19:95:cd:62:f4:ae:e3:aa:ed:61:84:98:68:9d:39: 75:41:3f:f5:9c:b5:ec:3e:8b:57:d5:4b:aa:e8:93: ab:ad:87:95:8b:ad:ac:fc:da:d4:36:57:e8:20:fd: 86:3a:67:69:76:dd:73:02:05:98:19:35:1a:24:fb: a5:19:8a:0c:b8:46:55:71:6c:64:94:c2:59:ad:f3: 81:d8:03:1a:34:ad:1d:c1:44:ec:94:65:5d:56:7f: 37:86:31:6e:f2:35:70:f6:2e:4d:fe:01:a8:58:f2: 0c:f9:7a:b9:51:39:79:91:e5:65:50:22:b6:59:f0: 7c:5c:4c:d6:a2:a2:3f:c5:c8:7a:9a:52:49:e8:21: 75:27:fb:f2:1c:cf:d2:57:fd:96:76:fb:03:9d:64: c1:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:FB:E8:8E:1D:49:35:54:42:7B:91:9F:0B:07:2F:7D:75:20:61:4F X509v3 Authority Key Identifier: keyid:22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 20:2d:8e:74:57:9b:8c:1a:1b:04:aa:91:0c:3c:5c:e9:b6:df: e6:88:6c:5d:3a:ac:eb:d2:b3:30:e3:68:a6:12:52:10:af:e8: c9:f3:62:3e:0e:f2:13:b7:7d:33:ff:3d:e1:a0:f1:5f:92:c3: d9:82:2a:68:1f:df:59:8a:a4:fd:bc:2e:ad:68:14:d5:5b:21: 85:ae:c3:94:a1:7e:8d:c9:0f:99:7f:a9:95:af:cb:15:04:e5: 50:d7:d6:e9:92:78:7b:71:f4:9d:90:e0:1b:e5:a1:50:cc:c0: 15:41:bf:f1:b1:e2:47:41:14:62:a8:04:25:25:42:aa:dc:44: 09:1c:16:8a:e3:45:b3:43:eb:9c:53:4a:97:b6:78:59:55:6a: 59:d9:a7:8d:d2:8b:8c:22:2e:4a:e9:b0:78:34:38:5e:74:18: 27:cb:70:b0:1f:5d:24:47:1a:3c:a5:23:c8:38:2c:19:99:b3: 73:d0:91:39:55:87:6b:75:9a:48:2c:8b:4f:30:21:1d:c5:c5: e8:83:25:e8:b7:da:ef:c2:db:0b:e9:7d:91:68:2b:65:8c:7b: cd:d4:29:99:54:56:31:09:61:fb:f5:2f:7c:4c:99:44:2f:42: fe:6b:c3:75:0f:e0:f6:36:f9:d9:f4:1b:d9:e2:01:7a:9d:bd: b2:de:f4:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxjGbNHGMM+JscyiSqA+w9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyNDIzODM5ZjIxMDcyMTYyNzY0MWFlNmI2Y2NlYWNlZThk OTA2N2IwHhcNMjUxMjE4MTMwMDQzWhcNMjUxMjE5MTMwMDQzWjAzMTEwLwYDVQQD EygyM2ZiZTg4ZTFkNDkzNTU0NDI3YjkxOWYwYjA3MmY3ZDc1MjA2MTRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsrdmE6dJn0ypE1H5vRMzJZV2Up0 IYW+5QmHX45vNVxc7PsM3ErKGRuH1O1nyEuSs+3qmnFyL8DxUR+GbBIBiBz3/opH XZEINwIlGBdg+jMcffBZdfPz7+FRjrvPZM5PpS4Lq4JY+UkZlc1i9K7jqu1hhJho nTl1QT/1nLXsPotX1Uuq6JOrrYeVi62s/NrUNlfoIP2GOmdpdt1zAgWYGTUaJPul GYoMuEZVcWxklMJZrfOB2AMaNK0dwUTslGVdVn83hjFu8jVw9i5N/gGoWPIM+Xq5 UTl5keVlUCK2WfB8XEzWoqI/xch6mlJJ6CF1J/vyHM/SV/2WdvsDnWTBFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCP76I4dSTVUQnuRnwsHL311IGFPMB8GA1UdIwQY MBaAFCJCODnyEHIWJ2Qa5rbM6s7o2QZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYt OThjODc1YWUzNWM5LzEvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYtOThjODc1YWUzNWM5 LzEvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIC2OdFeb jBobBKqRDDxc6bbf5ohsXTqs69KzMONophJSEK/oyfNiPg7yE7d9M/894aDxX5LD 2YIqaB/fWYqk/bwurWgU1Vshha7DlKF+jckPmX+pla/LFQTlUNfW6ZJ4e3H0nZDg G+WhUMzAFUG/8bHiR0EUYqgEJSVCqtxECRwWiuNFs0PrnFNKl7Z4WVVqWdmnjdKL jCIuSumweDQ4XnQYJ8twsB9dJEcaPKUjyDgsGZmzc9CROVWHa3WaSCyLTzAhHcXF 6IMl6Lfa78LbC+l9kWgrZYx7zdQpmVRWMQlh+/UvfEyZRC9C/mvDdQ/g9jb52fQb 2eIBep29st70pg== -----END CERTIFICATE-----Generated at Thu Dec 18 20:37:36 2025 by rpki-client