This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft File: Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft (raw, json) Hash identifier: zawTjcSmIEQOZJ/WSeutmFOLfsZas/de4KOXef2+v5w= Subject key identifier: A8:21:C9:A3:2A:98:F0:CA:85:E0:06:7D:96:4B:27:21:7F:F2:9D:2F Authority key identifier: 21:CE:31:1C:8E:D6:0B:EF:1B:5E:4F:7D:3B:86:41:07:81:44:18:A3 Certificate issuer: /CN=21ce311c8ed60bef1b5e4f7d3b864107814418a3 Certificate serial: 019AF465385E7BE305FD82A5C1E46C033388 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft Manifest number: 0B03 Signing time: Sat 06 Dec 2025 16:01:05 +0000 Manifest this update: Sat 06 Dec 2025 16:01:05 +0000 Manifest next update: Sun 07 Dec 2025 16:01:05 +0000 Files and hashes: 1: Ic4xHI7WC-8bXk99O4ZBB4FEGKM.crl (hash: JnT89O33G+PiQRzk8z16SMAfIELJtNDNQmXXjgnbXeQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:38:5e:7b:e3:05:fd:82:a5:c1:e4:6c:03:33:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21ce311c8ed60bef1b5e4f7d3b864107814418a3 Validity Not Before: Dec 6 16:01:05 2025 GMT Not After : Dec 7 16:01:05 2025 GMT Subject: CN=a821c9a32a98f0ca85e0067d964b27217ff29d2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:8c:87:56:99:18:36:4f:52:6e:7f:eb:57:d7: 8b:87:97:39:4d:61:a9:46:8f:e7:6c:fb:95:dc:93: e6:be:1b:21:bd:47:b9:70:f2:81:83:0a:ac:67:7a: 84:28:6f:50:27:7d:92:66:88:e5:ad:71:31:ac:42: 21:e1:c7:15:d4:35:ed:b8:37:a9:28:7d:97:b2:22: 1e:8e:24:70:b3:12:95:51:2a:34:d3:26:2a:9a:9e: 05:d5:da:b1:2f:08:52:af:79:df:b8:95:61:f8:2e: f8:22:57:f4:7e:8a:47:2a:0e:84:55:02:72:83:d5: 98:7f:c4:23:b9:9f:a1:2f:5d:19:5d:9e:0d:0d:44: 7b:3f:e7:58:c1:48:8d:d5:6d:76:02:9e:d5:16:08: 06:70:28:2f:66:14:71:8a:7d:69:4c:4a:4b:f4:a0: 33:99:bc:54:13:45:dd:e1:30:76:55:6a:97:10:8a: 5a:51:2b:84:b6:b2:92:0c:8c:9a:42:cb:70:7d:ed: d7:53:12:17:cb:1c:d7:b4:45:6d:e5:74:03:3a:a9: c5:92:66:bc:60:66:51:93:df:ba:b6:5b:99:0c:e7: 28:28:e3:66:9e:9c:10:40:9b:a6:4e:08:0d:73:dd: dc:d7:8e:6a:93:5e:ef:cb:44:65:b0:e9:1e:1c:eb: 65:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:21:C9:A3:2A:98:F0:CA:85:E0:06:7D:96:4B:27:21:7F:F2:9D:2F X509v3 Authority Key Identifier: keyid:21:CE:31:1C:8E:D6:0B:EF:1B:5E:4F:7D:3B:86:41:07:81:44:18:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/6bac55-9aaa-4530-8ff4-6027a6839ae4/1/Ic4xHI7WC-8bXk99O4ZBB4FEGKM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:45:d0:c3:55:c1:ed:a7:6b:9e:6b:75:e2:70:89:52:fa:80: 37:6c:93:15:a8:07:f9:bb:61:76:8a:5f:c3:8e:a8:bd:27:69: c9:5f:6d:ae:95:f9:c6:76:1c:a1:4b:27:d1:a1:27:e1:11:bd: fd:4c:bb:0d:b9:b3:20:6a:b4:0f:3e:df:b2:70:b3:7d:7e:bb: 23:b7:fe:e9:f7:5e:4e:f4:b3:af:d9:4e:58:70:21:18:6b:6f: 1a:31:5a:4f:f7:f3:98:3a:d1:f0:7f:42:49:09:ff:23:8d:51: 96:d9:16:b1:da:08:a9:7f:e8:ba:61:28:7a:57:73:b4:97:60: 32:6f:8c:fb:40:dc:8c:87:68:a8:e6:c7:fa:7f:d2:14:a7:ac: 8c:1e:47:a2:91:fb:b5:cf:2f:bc:41:ed:ea:65:e5:37:50:ce: b3:9b:5d:55:d4:c1:40:ce:94:e2:03:3e:c8:ef:88:78:c7:8d: 72:d7:4f:59:44:76:55:30:d8:fc:b5:7e:1a:90:78:29:bc:32: dc:d1:bd:59:31:9b:2d:99:2b:27:ec:f5:70:ed:58:c8:1f:33: c9:70:df:05:6e:0d:9d:ea:1d:f6:d9:51:a0:af:c7:d6:43:de: 78:50:1b:7d:5e:22:b5:0c:e0:76:51:0e:d7:bd:5b:4e:aa:49: 64:d3:28:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZThee+MF/YKlweRsAzOIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxY2UzMTFjOGVkNjBiZWYxYjVlNGY3ZDNiODY0MTA3ODE0 NDE4YTMwHhcNMjUxMjA2MTYwMTA1WhcNMjUxMjA3MTYwMTA1WjAzMTEwLwYDVQQD EyhhODIxYzlhMzJhOThmMGNhODVlMDA2N2Q5NjRiMjcyMTdmZjI5ZDJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYyHVpkYNk9Sbn/rV9eLh5c5TWGp Ro/nbPuV3JPmvhshvUe5cPKBgwqsZ3qEKG9QJ32SZojlrXExrEIh4ccV1DXtuDep KH2XsiIejiRwsxKVUSo00yYqmp4F1dqxLwhSr3nfuJVh+C74Ilf0fopHKg6EVQJy g9WYf8QjuZ+hL10ZXZ4NDUR7P+dYwUiN1W12Ap7VFggGcCgvZhRxin1pTEpL9KAz mbxUE0Xd4TB2VWqXEIpaUSuEtrKSDIyaQstwfe3XUxIXyxzXtEVt5XQDOqnFkma8 YGZRk9+6tluZDOcoKONmnpwQQJumTggNc93c145qk17vy0RlsOkeHOtlqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKghyaMqmPDKheAGfZZLJyF/8p0vMB8GA1UdIwQY MBaAFCHOMRyO1gvvG15PfTuGQQeBRBijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWM0eEhJN1dDLThiWGs5OU80WkJCNEZFR0tNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82YmFjNTUtOWFhYS00NTMwLThmZjQt NjAyN2E2ODM5YWU0LzEvSWM0eEhJN1dDLThiWGs5OU80WkJCNEZFR0tNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi82YmFjNTUtOWFhYS00NTMwLThmZjQtNjAyN2E2ODM5YWU0 LzEvSWM0eEhJN1dDLThiWGs5OU80WkJCNEZFR0tNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAkXQw1XB 7adrnmt14nCJUvqAN2yTFagH+bthdopfw46ovSdpyV9trpX5xnYcoUsn0aEn4RG9 /Uy7DbmzIGq0Dz7fsnCzfX67I7f+6fdeTvSzr9lOWHAhGGtvGjFaT/fzmDrR8H9C SQn/I41RltkWsdoIqX/oumEoeldztJdgMm+M+0DcjIdoqObH+n/SFKesjB5HopH7 tc8vvEHt6mXlN1DOs5tdVdTBQM6U4gM+yO+IeMeNctdPWUR2VTDY/LV+GpB4Kbwy 3NG9WTGbLZkrJ+z1cO1YyB8zyXDfBW4Nneod9tlRoK/H1kPeeFAbfV4itQzgdlEO 171bTqpJZNMoog== -----END CERTIFICATE-----Generated at Sat Dec 6 21:27:40 2025 by rpki-client