This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft File: IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft (raw, json) Hash identifier: Bh2acXrb9JJucSNlrDJK/Ycvnn2+P6EzE2j+whIBOU0= Subject key identifier: 1E:5D:83:10:B4:04:35:05:82:D5:65:D8:49:28:4A:FD:A6:19:20:B4 Authority key identifier: 21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9 Certificate issuer: /CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9 Certificate serial: 019AF27712CB48BCE5E325CEA56202A3BC29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft Manifest number: 0A5C Signing time: Sat 06 Dec 2025 07:01:21 +0000 Manifest this update: Sat 06 Dec 2025 07:01:21 +0000 Manifest next update: Sun 07 Dec 2025 07:01:21 +0000 Files and hashes: 1: IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl (hash: OomphIUeOURNE8rP3fLCdYAzP3Fj566MViG6RVWCsOU=) 2: NfqHOhcJXcqSfQpuNgytLU6Q0gw.roa (hash: fdvl8Vjh1i6SnoxQG77IPFWNq1tbBXhWcHGwbwfOV50=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:12:cb:48:bc:e5:e3:25:ce:a5:62:02:a3:bc:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9 Validity Not Before: Dec 6 07:01:21 2025 GMT Not After : Dec 7 07:01:21 2025 GMT Subject: CN=1e5d8310b404350582d565d849284afda61920b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:17:95:2d:69:1d:db:52:51:dc:c3:82:82:fa: 14:c4:2b:c2:16:d3:41:bf:3f:a5:31:64:da:1b:39: c4:06:d8:2e:c7:dc:94:f7:67:0a:b4:2f:77:e6:7d: 1b:9b:cb:bf:8b:38:11:10:43:19:a8:86:93:9d:e9: 15:0e:84:a4:80:39:12:58:85:29:30:b6:a4:1d:6d: 90:e3:2d:c9:ee:90:31:2f:86:99:23:83:57:fb:b8: 4e:2c:da:f3:87:80:e1:41:4b:87:a7:84:9b:e8:00: c8:91:55:0f:50:ea:2f:71:e0:97:12:22:c9:7e:5c: 89:ad:33:f7:ca:f6:b0:ed:32:9d:fe:b3:7b:31:7e: 3e:2c:47:e8:f6:ce:06:6a:62:16:a1:97:37:32:8e: 34:5a:17:40:bc:ae:d0:6a:71:c7:e3:71:fc:cd:2c: 77:eb:c6:3b:cf:6e:7e:81:0c:0e:a8:8e:fa:bd:2f: ef:13:81:9e:f1:8f:d3:00:51:2d:24:04:b7:49:f9: a4:89:0b:b6:4a:b7:d3:ff:32:e9:c1:b1:ad:70:20: a1:4a:02:64:ee:42:ae:ee:1c:73:c7:d5:f1:c2:29: 41:91:44:43:32:95:7d:af:44:aa:59:da:ee:0c:4d: 01:dc:9d:ba:dc:23:89:95:cf:81:a8:c1:68:4e:89: 15:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:5D:83:10:B4:04:35:05:82:D5:65:D8:49:28:4A:FD:A6:19:20:B4 X509v3 Authority Key Identifier: keyid:21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:50:d3:04:25:c2:f4:c3:71:dd:ec:f2:ed:56:8d:6b:77:f0: cb:88:cb:95:1a:fb:5c:92:db:07:f0:d7:10:31:e3:d7:77:fa: 9a:33:52:41:9a:fa:74:6e:88:24:28:28:63:c1:c8:59:8a:8f: 8f:1a:f8:d1:35:af:ae:6d:3a:0a:52:da:7c:f9:fb:da:c0:3f: 36:ae:bf:2d:ba:dd:62:48:43:76:83:b6:88:e1:79:09:ef:c7: 59:2b:01:a7:92:24:ea:23:5e:31:21:41:66:9c:ae:d4:12:cf: f9:e7:5e:31:9d:1a:ae:7f:87:88:09:b0:52:03:a3:9f:62:16: d2:89:31:33:f5:46:33:07:70:85:c7:30:68:a0:f1:43:8a:6d: 83:f8:7b:6b:81:97:3d:e9:7f:81:38:cf:56:db:e8:66:0d:c5: f4:6d:cc:f8:6b:83:fa:b6:c2:ac:37:4d:f8:4c:be:cf:93:9d: 98:f2:a6:0b:10:11:84:16:ba:2a:7f:08:79:df:9d:e6:15:94: c8:ad:bc:3b:c6:ad:da:01:3b:04:97:29:f8:4d:13:77:5a:83: 29:5e:8d:4c:b8:92:34:f1:46:3f:6f:08:72:fa:23:64:86:49: 0a:c5:58:3e:9b:8c:f2:89:f9:da:02:06:de:7c:c9:e2:02:3e: 4f:51:50:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydxLLSLzl4yXOpWICo7wpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxNTMwZTlkMDllMmZmOGMzODQxMzYxNTU4OWE1ZjIwNmU3 ZjNlYTkwHhcNMjUxMjA2MDcwMTIxWhcNMjUxMjA3MDcwMTIxWjAzMTEwLwYDVQQD EygxZTVkODMxMGI0MDQzNTA1ODJkNTY1ZDg0OTI4NGFmZGE2MTkyMGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBeVLWkd21JR3MOCgvoUxCvCFtNB vz+lMWTaGznEBtgux9yU92cKtC935n0bm8u/izgREEMZqIaTnekVDoSkgDkSWIUp MLakHW2Q4y3J7pAxL4aZI4NX+7hOLNrzh4DhQUuHp4Sb6ADIkVUPUOovceCXEiLJ flyJrTP3yvaw7TKd/rN7MX4+LEfo9s4GamIWoZc3Mo40WhdAvK7QanHH43H8zSx3 68Y7z25+gQwOqI76vS/vE4Ge8Y/TAFEtJAS3SfmkiQu2SrfT/zLpwbGtcCChSgJk 7kKu7hxzx9XxwilBkURDMpV9r0SqWdruDE0B3J263COJlc+BqMFoTokVNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB5dgxC0BDUFgtVl2EkoSv2mGSC0MB8GA1UdIwQY MBaAFCFTDp0J4v+MOEE2FViaXyBufz6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDIt NjI0ZjRjMTQxZjJjLzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDItNjI0ZjRjMTQxZjJj LzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdFDTBCXC 9MNx3ezy7VaNa3fwy4jLlRr7XJLbB/DXEDHj13f6mjNSQZr6dG6IJCgoY8HIWYqP jxr40TWvrm06ClLafPn72sA/Nq6/LbrdYkhDdoO2iOF5Ce/HWSsBp5Ik6iNeMSFB Zpyu1BLP+edeMZ0arn+HiAmwUgOjn2IW0okxM/VGMwdwhccwaKDxQ4ptg/h7a4GX Pel/gTjPVtvoZg3F9G3M+GuD+rbCrDdN+Ey+z5OdmPKmCxARhBa6Kn8Ied+d5hWU yK28O8at2gE7BJcp+E0Td1qDKV6NTLiSNPFGP28IcvojZIZJCsVYPpuM8on52gIG 3nzJ4gI+T1FQ3A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:08:03 2025 by rpki-client