This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json) Hash identifier: xIeTPutVZw5cFIEznN7C+0tK5zqIYSz6lLxACTTmaAs= Subject key identifier: 94:3A:5E:8F:A9:32:99:7E:F9:51:59:D5:0D:BA:89:DB:D9:C9:81:F5 Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Certificate serial: 019AF23FC062A71F04D26CDEAE828986D8A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft Manifest number: 0F43 Signing time: Sat 06 Dec 2025 06:00:55 +0000 Manifest this update: Sat 06 Dec 2025 06:00:55 +0000 Manifest next update: Sun 07 Dec 2025 06:00:55 +0000 Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: k9uEhKBJR4WWVAwB0/qLMlWH187QakCE5wCE9ZtC1U8=) 2: vKn82l16VjLcws3vWmstSLyeRWc.roa (hash: 69t8lHqeYhq+/2Zvm3uALN86FxM4aXQbhwTdxmIef8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:c0:62:a7:1f:04:d2:6c:de:ae:82:89:86:d8:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df Validity Not Before: Dec 6 06:00:55 2025 GMT Not After : Dec 7 06:00:55 2025 GMT Subject: CN=943a5e8fa932997ef95159d50dba89dbd9c981f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f6:55:b0:76:60:cb:65:ca:03:92:e1:f2:85: 2e:79:dc:e8:38:9d:52:a7:0b:10:72:9a:e7:57:30: 0c:96:22:4d:9d:1d:c3:02:01:80:60:97:2a:e6:00: 70:d9:58:9b:52:8a:0a:76:2b:87:6f:2f:53:ea:d1: 8b:90:ff:27:c2:cf:bd:a5:05:0b:80:b2:8a:c1:da: e5:ad:57:70:15:66:7d:b2:64:84:06:15:28:b3:8a: 1d:3d:0f:dc:d6:b3:b8:5f:28:4a:0f:7c:77:e0:9a: 25:37:7d:cb:00:63:5d:15:2a:03:50:05:e1:0a:b5: 59:41:1e:34:38:ca:47:fb:8e:92:18:d2:39:a3:a4: d6:5d:93:50:df:27:3f:9d:b2:e9:4e:42:70:2c:c4: 2b:4a:ef:07:65:52:6b:72:92:32:5a:7f:25:ad:66: b0:55:e2:c4:c5:aa:34:25:7b:ea:d3:41:83:14:48: 9b:7e:b2:7b:10:1f:0b:d8:6e:db:f0:50:84:7c:07: 36:21:1a:a8:4f:d6:af:e0:fb:41:1b:de:2a:27:53: 8d:b6:1b:2a:62:d6:97:9a:8f:9d:df:55:e2:17:26: 4e:36:f6:9f:fa:fb:59:f4:b1:6c:f6:78:54:62:3f: e9:42:69:64:2d:1e:e0:e7:9c:d4:4e:1f:30:80:60: a9:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:3A:5E:8F:A9:32:99:7E:F9:51:59:D5:0D:BA:89:DB:D9:C9:81:F5 X509v3 Authority Key Identifier: keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:51:b5:93:52:38:d6:fd:89:78:22:05:86:b1:9e:a0:90:1e: 88:13:d3:82:11:ab:97:64:27:40:29:6e:3f:9b:e4:22:70:60: f1:78:04:bd:51:6c:1f:44:1d:17:16:87:b3:7b:63:0f:d0:76: b7:d9:ad:76:0f:b0:23:0d:1a:61:75:c9:cf:1e:43:9f:7b:08: 4c:f0:9e:f5:e5:99:45:b1:4a:c6:69:42:d5:5e:84:0f:cb:5c: 7c:00:5b:60:60:35:4a:27:70:46:ac:f5:f5:c1:e5:25:1c:1d: 52:8c:5a:b2:1b:6d:54:7d:7b:78:03:2d:0d:1a:f3:b1:45:a8: 6d:ff:7f:94:5b:a4:69:29:33:9c:af:de:1c:43:dd:8a:12:57: 5b:57:d3:ce:93:97:8f:91:55:a8:46:6a:d4:a9:d9:a4:13:88: 55:07:e8:ec:26:6e:bb:1a:72:f4:01:1b:43:5a:af:84:6e:3a: f6:21:d5:9e:ff:9e:fe:68:e6:ff:14:5c:d0:5f:c4:86:29:f2: 89:25:e6:f7:4d:99:9b:49:89:df:ef:31:97:20:27:fb:ab:9d: 39:c6:c4:27:e3:3a:08:88:61:d5:e7:fd:d5:e1:fb:8e:6e:28: c4:a7:56:0f:87:d6:b9:82:42:24:9f:b9:23:4f:a7:2e:b8:ea: 71:13:12:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP8Bipx8E0mzeroKJhtilMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk ZGM3ZGYwHhcNMjUxMjA2MDYwMDU1WhcNMjUxMjA3MDYwMDU1WjAzMTEwLwYDVQQD Eyg5NDNhNWU4ZmE5MzI5OTdlZjk1MTU5ZDUwZGJhODlkYmQ5Yzk4MWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/ZVsHZgy2XKA5Lh8oUuedzoOJ1S pwsQcprnVzAMliJNnR3DAgGAYJcq5gBw2VibUooKdiuHby9T6tGLkP8nws+9pQUL gLKKwdrlrVdwFWZ9smSEBhUos4odPQ/c1rO4XyhKD3x34JolN33LAGNdFSoDUAXh CrVZQR40OMpH+46SGNI5o6TWXZNQ3yc/nbLpTkJwLMQrSu8HZVJrcpIyWn8lrWaw VeLExao0JXvq00GDFEibfrJ7EB8L2G7b8FCEfAc2IRqoT9av4PtBG94qJ1ONthsq YtaXmo+d31XiFyZONvaf+vtZ9LFs9nhUYj/pQmlkLR7g55zUTh8wgGCp1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJQ6Xo+pMpl++VFZ1Q26idvZyYH1MB8GA1UdIwQY MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1 LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHVG1k1I4 1v2JeCIFhrGeoJAeiBPTghGrl2QnQCluP5vkInBg8XgEvVFsH0QdFxaHs3tjD9B2 t9mtdg+wIw0aYXXJzx5Dn3sITPCe9eWZRbFKxmlC1V6ED8tcfABbYGA1SidwRqz1 9cHlJRwdUoxashttVH17eAMtDRrzsUWobf9/lFukaSkznK/eHEPdihJXW1fTzpOX j5FVqEZq1KnZpBOIVQfo7CZuuxpy9AEbQ1qvhG469iHVnv+e/mjm/xRc0F/Ehiny iSXm902Zm0mJ3+8xlyAn+6udOcbEJ+M6CIhh1ef91eH7jm4oxKdWD4fWuYJCJJ+5 I0+nLrjqcRMSnw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:55 2025 by rpki-client