This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft File: IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft (raw, json) Hash identifier: mawIqg6yWzEMGOQ2MxUyUss0IoaqS313AE7klGnA190= Subject key identifier: 5E:15:77:64:74:D6:53:0E:30:88:78:DA:E8:18:18:9D:E9:D5:82:5A Authority key identifier: 21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9 Certificate issuer: /CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9 Certificate serial: 019AF12F412EB6B8955DB71A6BFAD4081C90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft Manifest number: 0751 Signing time: Sat 06 Dec 2025 01:03:17 +0000 Manifest this update: Sat 06 Dec 2025 01:03:17 +0000 Manifest next update: Sun 07 Dec 2025 01:03:17 +0000 Files and hashes: 1: IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl (hash: wQ7hdHwMZKajZG0ONQzkZ+EJ1oZRERhISsJc807TjAg=) 2: ZXtK8i0ZkTBxTFkF4gT8SCIZTmw.roa (hash: KikSjMlfZMQPJYB8hmRvlc00FrgqM6UWZDTUG/QEicY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:03:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2f:41:2e:b6:b8:95:5d:b7:1a:6b:fa:d4:08:1c:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9 Validity Not Before: Dec 6 01:03:17 2025 GMT Not After : Dec 7 01:03:17 2025 GMT Subject: CN=5e15776474d6530e308878dae818189de9d5825a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:21:e5:e3:6f:d6:dc:ff:0c:ce:f1:f5:0e:04: a5:f4:b0:8e:2d:48:24:04:61:c8:fe:4e:9b:c4:41: 8a:ce:99:8b:ff:08:30:02:29:5e:a1:98:7d:52:7f: 7c:6e:d2:34:62:13:f2:5f:d7:a8:76:2e:54:18:7b: 06:13:69:0f:ae:33:55:4c:87:01:cf:06:0e:25:48: 21:dd:fb:f8:a6:77:cd:02:76:61:bf:f6:a4:c3:46: f0:1a:cc:29:53:30:8a:8d:13:0d:0f:3d:d6:e4:c8: 5d:9d:7f:d1:64:54:e1:90:6b:f4:0f:d7:d5:d5:7f: 89:75:e9:c0:6c:d9:ae:2a:00:fb:17:93:5a:55:86: 05:8d:25:f0:85:5c:12:ff:20:96:43:49:8d:66:d5: 08:ec:36:eb:09:63:61:ad:ca:da:e1:97:c5:17:de: 00:ab:fc:ca:b6:78:38:97:2f:2f:5c:6b:92:ad:b8: c3:90:81:0d:c3:35:f5:16:55:0e:dc:b0:d0:bc:bb: 72:69:3e:ba:c0:eb:a3:e8:2f:34:4e:94:ce:e9:7c: 13:7f:7d:f3:10:4e:25:0c:0c:77:9c:d6:c4:4a:a7: fb:f8:1d:2e:cf:c4:79:80:ab:c4:f8:24:a4:2a:c1: 79:54:12:ae:08:a0:80:a7:9f:e6:dd:f9:ca:d5:94: 3a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:15:77:64:74:D6:53:0E:30:88:78:DA:E8:18:18:9D:E9:D5:82:5A X509v3 Authority Key Identifier: keyid:21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:0d:2a:d5:f5:9f:9e:4f:77:1d:44:b9:da:08:d6:3d:7b:41: 2b:8e:17:e1:cf:2f:54:f3:5b:ff:8c:10:f5:24:7f:71:f3:9a: da:88:36:61:57:f0:a3:71:6e:c8:8e:2f:c5:a5:e6:4a:d1:30: 24:bf:72:93:ea:07:08:a3:6a:58:76:d4:b7:fc:f4:30:75:10: 5b:22:24:b1:94:20:a4:83:83:6e:e1:09:b7:9a:3c:82:c0:9f: ab:f9:79:91:ed:d2:79:16:89:ef:f8:12:c3:ba:cb:72:4a:db: 0e:77:12:65:78:b3:f3:2f:63:9f:3a:51:27:c1:13:63:59:50: 2e:0b:ee:50:88:b9:7b:72:95:f0:e8:06:b2:98:1d:0a:f6:4f: 20:24:bc:ff:c1:bb:39:d7:42:d4:0c:f3:9c:14:53:39:bb:2b: bd:07:a5:31:2b:13:1c:c7:c6:fd:63:c0:a6:25:19:a6:7f:c7: ee:84:7b:80:05:a6:9d:0f:6d:36:84:06:d7:09:83:ab:ce:37: 1a:61:4f:80:60:b4:e7:ec:d8:94:ea:0c:6d:2a:d3:36:87:74: 74:31:4b:84:6d:9f:23:20:b6:c1:05:82:3c:8b:90:36:8c:75: ee:f5:f7:d6:17:2e:b9:fa:dd:71:ee:f7:a3:91:8e:22:d5:1e: ab:86:db:a8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxL0EutriVXbcaa/rUCByQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMGQxYzBkYjVhYTE4ODBkNzc0N2UyMmYxZGJmNDcxNmQz MTAxYTkwHhcNMjUxMjA2MDEwMzE3WhcNMjUxMjA3MDEwMzE3WjAzMTEwLwYDVQQD Eyg1ZTE1Nzc2NDc0ZDY1MzBlMzA4ODc4ZGFlODE4MTg5ZGU5ZDU4MjVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCHl42/W3P8MzvH1DgSl9LCOLUgk BGHI/k6bxEGKzpmL/wgwAileoZh9Un98btI0YhPyX9eodi5UGHsGE2kPrjNVTIcB zwYOJUgh3fv4pnfNAnZhv/akw0bwGswpUzCKjRMNDz3W5MhdnX/RZFThkGv0D9fV 1X+JdenAbNmuKgD7F5NaVYYFjSXwhVwS/yCWQ0mNZtUI7DbrCWNhrcra4ZfFF94A q/zKtng4ly8vXGuSrbjDkIENwzX1FlUO3LDQvLtyaT66wOuj6C80TpTO6XwTf33z EE4lDAx3nNbESqf7+B0uz8R5gKvE+CSkKsF5VBKuCKCAp5/m3fnK1ZQ6NQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF4Vd2R01lMOMIh42ugYGJ3p1YJaMB8GA1UdIwQY MBaAFCENHA21qhiA13R+IvHb9HFtMQGpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUt ZDcxMTMwYzZjMGY5LzEvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUtZDcxMTMwYzZjMGY5 LzEvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUw0q1fWf nk93HUS52gjWPXtBK44X4c8vVPNb/4wQ9SR/cfOa2og2YVfwo3FuyI4vxaXmStEw JL9yk+oHCKNqWHbUt/z0MHUQWyIksZQgpIODbuEJt5o8gsCfq/l5ke3SeRaJ7/gS w7rLckrbDncSZXiz8y9jnzpRJ8ETY1lQLgvuUIi5e3KV8OgGspgdCvZPICS8/8G7 OddC1AzznBRTObsrvQelMSsTHMfG/WPApiUZpn/H7oR7gAWmnQ9tNoQG1wmDq843 GmFPgGC05+zYlOoMbSrTNod0dDFLhG2fIyC2wQWCPIuQNox17vX31hcuufrdce73 o5GOItUeq4bbqA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:13:18 2025 by rpki-client