This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json) Hash identifier: L7LltO5mtHuA8yM8KNL/AFTtobY/h0rgJP55LVH/TgI= Subject key identifier: A6:04:29:0E:DF:01:D4:76:35:81:DB:6F:A6:C7:8F:0F:0B:9D:E5:0D Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21 Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21 Certificate serial: 019AF19B3B6B98D79B01F7038AA9F4EF9DC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 03:01:13 +0000 Manifest this update: Sat 06 Dec 2025 03:01:13 +0000 Manifest next update: Sun 07 Dec 2025 03:01:13 +0000 Files and hashes: 1: HbgX7OEx-8g9VTQvYvbD_e0bPJ4.roa (hash: W8tzfEVYuZk67nGO3GJK/wSiRVXk9GPJqQ4Zpo1nq8A=) 2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: o2bTJPuLlcqR6kE2sJxRbvZMp4OA5WzratZFx3rAGYQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:3b:6b:98:d7:9b:01:f7:03:8a:a9:f4:ef:9d:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21 Validity Not Before: Dec 6 03:01:13 2025 GMT Not After : Dec 7 03:01:13 2025 GMT Subject: CN=a604290edf01d4763581db6fa6c78f0f0b9de50d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:11:bd:68:7b:27:d8:ca:67:18:79:ad:99:e1: 71:43:8d:fe:a5:d2:77:13:96:3e:a0:bd:23:a0:9c: 87:34:be:a0:bd:ea:ac:99:16:a6:73:8f:a8:17:02: 1c:36:eb:33:67:77:d6:cf:b2:84:af:ae:bc:44:82: 37:26:a7:67:5d:60:1b:24:40:99:d9:84:10:a3:28: 7b:31:a3:56:8a:57:7c:83:92:7a:cf:93:bf:dd:36: e7:85:3e:f2:ab:b6:56:45:5d:16:fc:58:46:f2:0e: a7:e2:e5:68:b3:b8:45:42:18:7a:2d:7b:8b:92:05: 90:6a:1b:27:87:42:99:62:9a:75:ab:66:55:b1:19: 6d:b0:72:83:e3:f2:b3:28:e4:01:c9:be:45:8e:93: 66:81:24:19:f5:0f:ae:10:07:64:a0:a0:05:4b:87: 96:98:0a:76:59:2e:62:99:a0:b3:01:19:60:47:01: ee:3d:47:29:8b:0e:99:1e:d2:10:fc:b2:c6:ac:82: 53:1d:68:82:85:75:7e:02:f0:6b:00:f9:b2:b3:b4: 43:41:b6:dd:71:15:6b:3c:33:b1:ee:4c:8e:30:f9: 21:de:0f:01:25:6c:6c:05:22:1b:1e:e3:e1:4c:4c: c6:6a:88:94:68:9d:df:ac:dd:29:b9:65:2c:a4:d8: 80:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:04:29:0E:DF:01:D4:76:35:81:DB:6F:A6:C7:8F:0F:0B:9D:E5:0D X509v3 Authority Key Identifier: keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:49:3c:cf:fa:c1:bb:1e:06:8f:be:ce:2f:e7:87:75:6f:5b: 82:cc:1f:8f:8f:f1:a6:81:e0:4d:b3:69:70:3d:fd:e5:5a:5e: 2f:49:15:c1:1a:e0:80:5d:3a:b1:65:98:5b:a2:b1:43:70:54: c7:11:ee:ea:ab:89:eb:9e:cc:0c:7c:bb:66:17:f8:fd:10:73: 73:a6:5b:8c:86:2a:d5:d1:b1:fb:06:60:85:94:e6:c2:3d:35: d1:e5:59:df:83:53:d9:66:46:91:1c:4c:f3:a3:34:f9:ff:80: 14:a7:23:ff:85:dd:fc:98:1e:18:97:02:19:55:dc:6c:0c:4d: b8:b5:8b:86:e1:87:0b:20:13:1a:4c:34:fb:41:2e:84:ee:eb: 50:e2:95:02:8c:d3:a7:77:d8:28:85:0b:e7:b0:73:a4:30:77: 0c:d3:b5:89:e7:69:b0:80:51:4c:c9:23:9a:b2:42:41:f8:2e: cf:52:6b:02:b5:45:a8:d8:1c:86:eb:a0:5a:dc:33:6f:f1:26: 98:46:03:a9:2a:59:c5:62:c7:22:aa:7f:bf:d9:a5:14:83:66: 22:ce:0d:bd:0f:ef:f3:4e:c8:a5:bb:cb:84:0f:d6:8d:78:b5: 32:63:96:2d:24:97:7c:3d:61:bd:b4:52:c7:59:66:69:12:b3: 49:c4:fc:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmztrmNebAfcDiqn0753GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy ZjZiMjEwHhcNMjUxMjA2MDMwMTEzWhcNMjUxMjA3MDMwMTEzWjAzMTEwLwYDVQQD EyhhNjA0MjkwZWRmMDFkNDc2MzU4MWRiNmZhNmM3OGYwZjBiOWRlNTBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhG9aHsn2MpnGHmtmeFxQ43+pdJ3 E5Y+oL0joJyHNL6gveqsmRamc4+oFwIcNuszZ3fWz7KEr668RII3JqdnXWAbJECZ 2YQQoyh7MaNWild8g5J6z5O/3TbnhT7yq7ZWRV0W/FhG8g6n4uVos7hFQhh6LXuL kgWQahsnh0KZYpp1q2ZVsRltsHKD4/KzKOQByb5FjpNmgSQZ9Q+uEAdkoKAFS4eW mAp2WS5imaCzARlgRwHuPUcpiw6ZHtIQ/LLGrIJTHWiChXV+AvBrAPmys7RDQbbd cRVrPDOx7kyOMPkh3g8BJWxsBSIbHuPhTEzGaoiUaJ3frN0puWUspNiAEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKYEKQ7fAdR2NYHbb6bHjw8LneUNMB8GA1UdIwQY MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2 LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABEk8z/rB ux4Gj77OL+eHdW9bgswfj4/xpoHgTbNpcD395VpeL0kVwRrggF06sWWYW6KxQ3BU xxHu6quJ657MDHy7Zhf4/RBzc6ZbjIYq1dGx+wZghZTmwj010eVZ34NT2WZGkRxM 86M0+f+AFKcj/4Xd/JgeGJcCGVXcbAxNuLWLhuGHCyATGkw0+0EuhO7rUOKVAozT p3fYKIUL57BzpDB3DNO1iedpsIBRTMkjmrJCQfguz1JrArVFqNgchuugWtwzb/Em mEYDqSpZxWLHIqp/v9mlFINmIs4NvQ/v807IpbvLhA/WjXi1MmOWLSSXfD1hvbRS x1lmaRKzScT8aw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:22:19 2025 by rpki-client