This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/8e291a-b655-46e4-bdc3-ef5ba54adb59/1/ILSHOEKpBPGmlyATk-e6YmhC9K8.mft File: ILSHOEKpBPGmlyATk-e6YmhC9K8.mft (raw, json) Hash identifier: FVjJc4fwxMitec+Kvat7ow/uEote3wQC6FqYtYWzwbo= Subject key identifier: D7:F9:0A:39:68:05:8D:E1:A3:42:7C:95:2E:89:43:FE:0B:FE:E3:5F Authority key identifier: 20:B4:87:38:42:A9:04:F1:A6:97:20:13:93:E7:BA:62:68:42:F4:AF Certificate issuer: /CN=20b4873842a904f1a697201393e7ba626842f4af Certificate serial: 019AF5AEB90A729B94A4063BFEC055C2CBD1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILSHOEKpBPGmlyATk-e6YmhC9K8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/8e291a-b655-46e4-bdc3-ef5ba54adb59/1/ILSHOEKpBPGmlyATk-e6YmhC9K8.mft Manifest number: 0281 Signing time: Sat 06 Dec 2025 22:00:59 +0000 Manifest this update: Sat 06 Dec 2025 22:00:59 +0000 Manifest next update: Sun 07 Dec 2025 22:00:59 +0000 Files and hashes: 1: ILSHOEKpBPGmlyATk-e6YmhC9K8.crl (hash: 7Qsuebyl0MXFq+czENzmJvLL1NgPUKj3tpCXtoIzjis=) 2: ikBv5b5jvUgLHCzEElZRpG0xhaQ.roa (hash: gqu/sWjZphbSMNC/g5mms3lw1LEITcFb3ZdY4tecg1U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/8e291a-b655-46e4-bdc3-ef5ba54adb59/1/ILSHOEKpBPGmlyATk-e6YmhC9K8.crl rsync://rpki.ripe.net/repository/DEFAULT/da/8e291a-b655-46e4-bdc3-ef5ba54adb59/1/ILSHOEKpBPGmlyATk-e6YmhC9K8.mft rsync://rpki.ripe.net/repository/DEFAULT/ILSHOEKpBPGmlyATk-e6YmhC9K8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:b9:0a:72:9b:94:a4:06:3b:fe:c0:55:c2:cb:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20b4873842a904f1a697201393e7ba626842f4af Validity Not Before: Dec 6 22:00:59 2025 GMT Not After : Dec 7 22:00:59 2025 GMT Subject: CN=d7f90a3968058de1a3427c952e8943fe0bfee35f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:1e:85:68:a2:60:29:11:f8:a8:06:f4:4f:74: cd:76:05:e9:f2:93:e3:16:0b:f0:fe:85:a0:30:43: 4a:17:14:ed:ff:e2:02:c8:44:a2:1b:3e:f7:26:0d: 0f:ff:29:7f:30:7d:dd:a8:ab:43:d6:78:ae:bb:30: 82:f8:21:c6:22:b9:a9:b2:55:b2:e6:9d:95:0e:52: 87:a5:cd:2a:a8:2a:38:db:3a:f0:19:9e:b5:b0:d2: fa:b8:29:18:59:d8:3e:6b:34:f3:47:6e:b2:d3:f1: 1d:2c:81:b1:96:64:2b:35:b1:54:14:79:45:95:2d: 81:22:c1:8f:49:0c:d2:7b:77:a5:b4:8e:5f:4a:7e: 04:9e:2a:95:66:8b:ad:b5:ef:2d:79:61:46:00:5d: fa:0d:e2:a2:73:5a:56:54:0f:ab:36:ac:0f:c3:7b: 0e:8e:b7:e8:40:32:47:a3:f8:bb:0d:c0:77:a7:76: 13:1d:34:f7:7c:d0:cd:8e:3f:90:e7:03:65:60:a4: ae:a8:5f:10:3d:fa:d1:91:c0:b5:7b:56:89:8d:26: 5c:80:e1:1d:84:e2:83:3d:da:35:d7:a1:29:ad:29: 3d:8d:36:b8:ce:ed:3b:fe:82:83:fc:e7:a2:c5:a1: 0a:0d:73:50:31:c8:56:d3:64:ee:e2:67:a0:d2:e6: 99:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:F9:0A:39:68:05:8D:E1:A3:42:7C:95:2E:89:43:FE:0B:FE:E3:5F X509v3 Authority Key Identifier: keyid:20:B4:87:38:42:A9:04:F1:A6:97:20:13:93:E7:BA:62:68:42:F4:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILSHOEKpBPGmlyATk-e6YmhC9K8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/8e291a-b655-46e4-bdc3-ef5ba54adb59/1/ILSHOEKpBPGmlyATk-e6YmhC9K8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/8e291a-b655-46e4-bdc3-ef5ba54adb59/1/ILSHOEKpBPGmlyATk-e6YmhC9K8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:06:ae:3f:bf:b0:05:04:7e:71:05:a0:6e:60:b3:68:1b:81: 3d:46:30:69:aa:de:20:95:eb:c5:56:51:b0:4e:ca:9e:8b:d0: 6e:51:46:e3:aa:00:19:08:14:1a:8f:8a:93:87:69:1a:69:a3: cf:3f:ef:9e:74:98:95:16:2c:84:16:34:32:41:35:ad:4f:de: 4d:50:36:fb:29:63:b4:22:8b:73:e5:42:f0:35:c7:bc:14:aa: 8a:31:fa:ab:98:6c:b8:17:58:4d:ec:79:5e:a0:5b:e0:ee:71: 1b:da:0f:37:ef:aa:0e:15:2b:fd:e1:cb:ac:fc:dd:bd:b4:9f: 4f:20:2c:07:4b:7f:9f:c5:f2:5c:57:71:4b:01:bf:54:9e:6d: b2:30:9f:54:cc:99:7e:9b:68:fd:1a:59:87:b2:51:f8:26:26: 30:04:e8:a2:1b:90:63:f8:29:b0:0e:3b:cb:28:ad:42:cc:47: b3:21:d5:c1:f7:56:dd:4c:cd:f4:fe:69:c8:8c:ae:3a:85:d1: e0:22:5c:ca:de:fc:e1:a6:8e:85:a9:88:a4:a2:89:89:46:a6: 58:03:0a:3b:67:38:ff:af:9e:7c:57:28:92:fb:f4:e4:72:77: f3:dc:c2:b7:c3:61:1c:9a:81:56:da:8a:50:ca:47:13:0e:5b: 45:94:e2:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rrkKcpuUpAY7/sBVwsvRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwYjQ4NzM4NDJhOTA0ZjFhNjk3MjAxMzkzZTdiYTYyNjg0 MmY0YWYwHhcNMjUxMjA2MjIwMDU5WhcNMjUxMjA3MjIwMDU5WjAzMTEwLwYDVQQD EyhkN2Y5MGEzOTY4MDU4ZGUxYTM0MjdjOTUyZTg5NDNmZTBiZmVlMzVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB6FaKJgKRH4qAb0T3TNdgXp8pPj Fgvw/oWgMENKFxTt/+ICyESiGz73Jg0P/yl/MH3dqKtD1niuuzCC+CHGIrmpslWy 5p2VDlKHpc0qqCo42zrwGZ61sNL6uCkYWdg+azTzR26y0/EdLIGxlmQrNbFUFHlF lS2BIsGPSQzSe3eltI5fSn4EniqVZoutte8teWFGAF36DeKic1pWVA+rNqwPw3sO jrfoQDJHo/i7DcB3p3YTHTT3fNDNjj+Q5wNlYKSuqF8QPfrRkcC1e1aJjSZcgOEd hOKDPdo116EprSk9jTa4zu07/oKD/OeixaEKDXNQMchW02Tu4meg0uaZNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNf5CjloBY3ho0J8lS6JQ/4L/uNfMB8GA1UdIwQY MBaAFCC0hzhCqQTxppcgE5PnumJoQvSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUxTSE9FS3BCUEdtbHlBVGstZTZZbWhDOUs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84ZTI5MWEtYjY1NS00NmU0LWJkYzMt ZWY1YmE1NGFkYjU5LzEvSUxTSE9FS3BCUEdtbHlBVGstZTZZbWhDOUs4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS84ZTI5MWEtYjY1NS00NmU0LWJkYzMtZWY1YmE1NGFkYjU5 LzEvSUxTSE9FS3BCUEdtbHlBVGstZTZZbWhDOUs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQauP7+w BQR+cQWgbmCzaBuBPUYwaareIJXrxVZRsE7KnovQblFG46oAGQgUGo+Kk4dpGmmj zz/vnnSYlRYshBY0MkE1rU/eTVA2+yljtCKLc+VC8DXHvBSqijH6q5hsuBdYTex5 XqBb4O5xG9oPN++qDhUr/eHLrPzdvbSfTyAsB0t/n8XyXFdxSwG/VJ5tsjCfVMyZ fpto/RpZh7JR+CYmMAToohuQY/gpsA47yyitQsxHsyHVwfdW3UzN9P5pyIyuOoXR 4CJcyt784aaOhamIpKKJiUamWAMKO2c4/6+efFcokvv05HJ389zCt8NhHJqBVtqK UMpHEw5bRZTilg== -----END CERTIFICATE-----Generated at Sun Dec 7 02:58:47 2025 by rpki-client