This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.mft File: IxMMmax6pAhscXVxFKQWP4AJAUI.mft (raw, json) Hash identifier: jxVUQS/GW3B9R7+oszptNIwpyggL+0VMcfY0H9xl1P0= Subject key identifier: 8D:12:C8:87:EA:14:4C:A0:9B:D3:C5:C2:7E:DA:D1:EC:42:28:E9:F7 Authority key identifier: 23:13:0C:99:AC:7A:A4:08:6C:71:75:71:14:A4:16:3F:80:09:01:42 Certificate issuer: /CN=23130c99ac7aa4086c71757114a4163f80090142 Certificate serial: 019AF208D1F9C3E177EBFDA37150A7A17212 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IxMMmax6pAhscXVxFKQWP4AJAUI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.mft Manifest number: 0AAA Signing time: Sat 06 Dec 2025 05:00:55 +0000 Manifest this update: Sat 06 Dec 2025 05:00:55 +0000 Manifest next update: Sun 07 Dec 2025 05:00:55 +0000 Files and hashes: 1: 7LeNtT1Py-375udT6tgnEczdaA4.roa (hash: KcUWkl6MBuk85woap7zLa0rzE+sobb9Vo8npqesilrw=) 2: IxMMmax6pAhscXVxFKQWP4AJAUI.crl (hash: k795B2tEISb7fIGJAs2v7lRy+cmVhhU3dDUVqNlN5z4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.mft rsync://rpki.ripe.net/repository/DEFAULT/IxMMmax6pAhscXVxFKQWP4AJAUI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:d1:f9:c3:e1:77:eb:fd:a3:71:50:a7:a1:72:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23130c99ac7aa4086c71757114a4163f80090142 Validity Not Before: Dec 6 05:00:55 2025 GMT Not After : Dec 7 05:00:55 2025 GMT Subject: CN=8d12c887ea144ca09bd3c5c27edad1ec4228e9f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:3a:2c:0e:a4:f3:21:71:3e:70:ed:38:a3:5a: ab:15:48:b7:fa:84:b3:53:bc:99:6c:cd:26:b5:cd: 9e:f9:f2:99:00:d4:d0:b9:7a:d7:98:4e:e1:66:04: 76:b6:3c:4a:53:ee:76:63:1c:1c:55:30:ad:f3:ce: 22:7e:fd:0e:18:04:f9:1e:16:30:59:e7:62:b1:04: 09:05:c1:bf:90:c7:0c:43:6a:5c:8b:78:98:da:92: 33:c6:4e:33:c1:28:9b:25:13:e6:38:8b:68:7a:00: 9c:0b:8d:27:ad:eb:80:4e:85:31:d2:50:7a:9c:62: a5:a3:1c:f3:96:79:51:08:bf:c9:07:7d:f0:69:c1: 54:85:84:51:ba:57:7a:30:0e:a3:0d:f1:ca:36:8c: bf:5e:5f:06:9b:12:91:a7:b4:aa:fe:9a:d3:3e:6e: fb:ee:54:08:16:75:a1:ac:38:8d:cc:d0:37:21:f1: b4:56:cb:99:5d:83:29:71:5a:b0:60:f9:ad:72:eb: 8c:7b:9a:8b:88:75:35:3b:9a:43:a9:89:d3:a5:9b: 08:5f:fb:98:11:54:57:5c:50:a7:a7:e7:90:bc:d1: 97:76:e6:d4:2c:5b:c6:76:a7:74:ca:9a:f2:50:b2: 44:27:8e:e7:fd:8f:36:b7:58:c3:79:a2:c3:b4:f2: cc:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:12:C8:87:EA:14:4C:A0:9B:D3:C5:C2:7E:DA:D1:EC:42:28:E9:F7 X509v3 Authority Key Identifier: keyid:23:13:0C:99:AC:7A:A4:08:6C:71:75:71:14:A4:16:3F:80:09:01:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IxMMmax6pAhscXVxFKQWP4AJAUI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5c3ae6-2934-479e-8c2d-8e8d5b3e5586/1/IxMMmax6pAhscXVxFKQWP4AJAUI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:5c:09:20:1b:6b:f1:18:24:ac:91:57:b4:0f:db:7f:75:eb: 3f:fd:3f:f9:54:38:a2:a3:1e:b5:c8:89:8d:8e:ff:d0:17:c7: 69:ce:6e:a7:9e:c9:30:32:42:e3:1b:d9:1a:ee:d1:ec:be:50: 77:06:a2:a5:57:91:d9:8f:5a:eb:39:3b:3c:76:b7:35:9a:92: 6f:ff:9e:a4:ca:93:bb:1e:63:d9:47:7e:66:bd:06:93:d6:e4: 46:d1:97:92:56:78:c3:e0:08:3c:08:05:fe:ce:a7:08:69:13: 08:8a:9a:d3:31:b3:fc:a2:e5:dc:5d:00:b8:e4:1e:96:1a:88: 4b:7d:bf:84:a4:8e:32:61:48:f2:57:be:b5:f4:a0:4a:ca:3a: d3:97:be:a7:4c:c4:8f:cb:2d:12:a8:22:28:01:a0:62:84:60: 7d:1c:de:c7:83:c1:a7:51:7d:39:f9:af:b4:84:7b:0f:f2:7a: 85:f4:de:f6:5a:1c:83:cc:3b:79:ce:4f:04:18:b9:d1:6c:f0: 02:d7:7a:87:bb:eb:de:38:1b:96:b6:0f:de:6e:3b:4d:5b:58: 4f:32:a5:e5:96:b3:f5:e3:52:f6:63:96:9d:cf:3d:a2:25:08: 77:19:6f:57:29:55:71:68:a9:de:94:bc:aa:c5:46:50:68:cb: 96:11:9e:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCNH5w+F36/2jcVCnoXISMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMTMwYzk5YWM3YWE0MDg2YzcxNzU3MTE0YTQxNjNmODAw OTAxNDIwHhcNMjUxMjA2MDUwMDU1WhcNMjUxMjA3MDUwMDU1WjAzMTEwLwYDVQQD Eyg4ZDEyYzg4N2VhMTQ0Y2EwOWJkM2M1YzI3ZWRhZDFlYzQyMjhlOWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzosDqTzIXE+cO04o1qrFUi3+oSz U7yZbM0mtc2e+fKZANTQuXrXmE7hZgR2tjxKU+52YxwcVTCt884ifv0OGAT5HhYw WedisQQJBcG/kMcMQ2pci3iY2pIzxk4zwSibJRPmOItoegCcC40nreuAToUx0lB6 nGKloxzzlnlRCL/JB33wacFUhYRRuld6MA6jDfHKNoy/Xl8GmxKRp7Sq/prTPm77 7lQIFnWhrDiNzNA3IfG0VsuZXYMpcVqwYPmtcuuMe5qLiHU1O5pDqYnTpZsIX/uY EVRXXFCnp+eQvNGXdubULFvGdqd0ypryULJEJ47n/Y82t1jDeaLDtPLMowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI0SyIfqFEygm9PFwn7a0exCKOn3MB8GA1UdIwQY MBaAFCMTDJmseqQIbHF1cRSkFj+ACQFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXhNTW1heDZwQWhzY1hWeEZLUVdQNEFKQVVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81YzNhZTYtMjkzNC00NzllLThjMmQt OGU4ZDViM2U1NTg2LzEvSXhNTW1heDZwQWhzY1hWeEZLUVdQNEFKQVVJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy81YzNhZTYtMjkzNC00NzllLThjMmQtOGU4ZDViM2U1NTg2 LzEvSXhNTW1heDZwQWhzY1hWeEZLUVdQNEFKQVVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclwJIBtr 8RgkrJFXtA/bf3XrP/0/+VQ4oqMetciJjY7/0BfHac5up57JMDJC4xvZGu7R7L5Q dwaipVeR2Y9a6zk7PHa3NZqSb/+epMqTux5j2Ud+Zr0Gk9bkRtGXklZ4w+AIPAgF /s6nCGkTCIqa0zGz/KLl3F0AuOQelhqIS32/hKSOMmFI8le+tfSgSso605e+p0zE j8stEqgiKAGgYoRgfRzex4PBp1F9OfmvtIR7D/J6hfTe9locg8w7ec5PBBi50Wzw Atd6h7vr3jgblrYP3m47TVtYTzKl5Zaz9eNS9mOWnc89oiUIdxlvVylVcWip3pS8 qsVGUGjLlhGeSg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:06:12 2025 by rpki-client