This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft File: DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json) Hash identifier: PxdRSD1MeqZECzsA8fXm+hPUFB0cfP/WFOxfCcLbgyk= Subject key identifier: 7D:99:F4:53:B7:4C:55:D0:44:4D:D6:A4:ED:FB:0B:DF:77:C2:C7:2E Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82 Certificate issuer: /CN=0d49427d8a4477cdb7680861a9ec50dc73216982 Certificate serial: 019B2552950D12DBB6DB9AF4AE11EBAE9B24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft Manifest number: 0808 Signing time: Tue 16 Dec 2025 04:02:07 +0000 Manifest this update: Tue 16 Dec 2025 04:02:07 +0000 Manifest next update: Wed 17 Dec 2025 04:02:07 +0000 Files and hashes: 1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: kSB0OYUMg6593XpY09cd/WPfrdA4F+YpjRR2FaDbjyQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 04:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:52:95:0d:12:db:b6:db:9a:f4:ae:11:eb:ae:9b:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982 Validity Not Before: Dec 16 04:02:07 2025 GMT Not After : Dec 17 04:02:07 2025 GMT Subject: CN=7d99f453b74c55d0444dd6a4edfb0bdf77c2c72e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d6:c4:4d:23:5c:b1:41:88:fc:01:9b:02:99: 7a:02:ff:f3:b7:60:ad:8f:41:c4:60:a4:6f:9d:d4: 8f:46:eb:8c:cc:19:f4:88:8d:66:17:67:ee:99:e4: ae:8f:e6:d1:c2:d4:26:f1:86:13:04:60:82:bb:46: 28:ba:6c:29:63:5a:ce:d5:25:d6:e6:81:e2:63:94: b9:52:d0:d2:7d:1a:d0:67:e2:a0:2e:3a:f1:c0:36: 66:bb:75:2f:ae:09:0e:9f:b5:6e:40:26:e5:45:ec: 2d:46:2e:72:3a:78:fe:c1:af:6f:46:34:c3:4e:cc: 23:d5:41:a2:aa:6d:d4:30:fc:ff:97:4a:1d:be:e5: 72:76:0a:99:66:17:6d:9d:87:6f:aa:d6:c1:8d:e1: e3:0e:91:dd:9b:a3:25:a6:7e:48:96:e2:02:8c:b3: 39:aa:1f:68:df:eb:cc:9f:8f:d4:43:5d:df:ad:64: ae:0b:a3:ca:97:4b:4a:02:1d:3f:3a:74:f4:3c:77: c0:2b:7d:13:b9:c9:0d:dd:c3:87:7d:df:d4:4b:6d: 77:c1:33:06:2e:86:39:e7:fc:f1:bc:32:44:b3:b1: 27:07:45:84:28:42:8a:0d:00:8c:30:4d:0f:48:da: 84:b1:7c:be:97:29:54:c2:61:3a:fb:07:6d:7c:fa: 19:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:99:F4:53:B7:4C:55:D0:44:4D:D6:A4:ED:FB:0B:DF:77:C2:C7:2E X509v3 Authority Key Identifier: keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:53:8d:a3:21:1a:d6:b6:fb:0e:35:35:3a:6e:c3:25:81:d5: 81:d1:83:da:21:15:b8:3b:dc:a9:c7:2e:89:7f:14:3a:18:7b: b3:62:54:78:56:8d:bf:d2:f0:d9:f2:4b:cd:7b:1a:ae:f6:0b: 2d:40:ab:ef:e4:b2:73:a1:8f:ad:86:ce:7b:f2:83:97:da:ce: c6:5d:9b:2e:bc:46:2a:ce:a2:f6:a6:fd:1a:f9:2a:c5:64:2f: 98:94:e8:80:4d:03:78:e0:5d:43:5d:be:f2:0b:98:eb:25:ff: 26:7e:61:c2:9c:fe:78:97:8b:30:41:18:35:fa:a7:9a:76:6c: 08:fb:f6:ae:5e:e2:c0:58:18:ac:6d:bd:42:77:3f:2a:c2:36: 69:4f:48:53:dd:af:02:fb:6c:6d:16:5d:6a:e2:4b:de:9e:3b: 8f:25:fc:df:86:87:6c:f2:51:9a:89:e4:13:f3:6e:3f:68:af: 3c:71:67:51:80:cd:07:8d:dd:ed:8a:f1:dd:4b:3e:02:fd:8b: ee:78:4f:fc:84:9e:26:55:a5:0b:de:96:9d:cd:9c:ab:7a:c1: 2a:ed:b7:af:ef:1e:5b:d1:e1:6c:d2:54:89:08:6a:eb:8f:74: b7:c1:61:ac:19:90:0b:ff:68:46:f2:a4:90:bc:39:e7:79:74: 0c:3a:19:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZslUpUNEtu225r0rhHrrpskMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy MTY5ODIwHhcNMjUxMjE2MDQwMjA3WhcNMjUxMjE3MDQwMjA3WjAzMTEwLwYDVQQD Eyg3ZDk5ZjQ1M2I3NGM1NWQwNDQ0ZGQ2YTRlZGZiMGJkZjc3YzJjNzJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9bETSNcsUGI/AGbApl6Av/zt2Ct j0HEYKRvndSPRuuMzBn0iI1mF2fumeSuj+bRwtQm8YYTBGCCu0YoumwpY1rO1SXW 5oHiY5S5UtDSfRrQZ+KgLjrxwDZmu3UvrgkOn7VuQCblRewtRi5yOnj+wa9vRjTD Tswj1UGiqm3UMPz/l0odvuVydgqZZhdtnYdvqtbBjeHjDpHdm6Mlpn5IluICjLM5 qh9o3+vMn4/UQ13frWSuC6PKl0tKAh0/OnT0PHfAK30TuckN3cOHfd/US213wTMG LoY55/zxvDJEs7EnB0WEKEKKDQCMME0PSNqEsXy+lylUwmE6+wdtfPoZHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH2Z9FO3TFXQRE3WpO37C993wscuMB8GA1UdIwQY MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3 LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASlONoyEa 1rb7DjU1Om7DJYHVgdGD2iEVuDvcqccuiX8UOhh7s2JUeFaNv9Lw2fJLzXsarvYL LUCr7+Syc6GPrYbOe/KDl9rOxl2bLrxGKs6i9qb9GvkqxWQvmJTogE0DeOBdQ12+ 8guY6yX/Jn5hwpz+eJeLMEEYNfqnmnZsCPv2rl7iwFgYrG29Qnc/KsI2aU9IU92v AvtsbRZdauJL3p47jyX834aHbPJRmonkE/NuP2ivPHFnUYDNB43d7Yrx3Us+Av2L 7nhP/ISeJlWlC96Wnc2cq3rBKu23r+8eW9HhbNJUiQhq6490t8FhrBmQC/9oRvKk kLw553l0DDoZOQ== -----END CERTIFICATE-----Generated at Tue Dec 16 14:27:34 2025 by rpki-client