This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/45a3ad-4b4c-4aaa-96d9-297180079422/1/DdIkCGSH7IZmumFcFdyPR532pI0.mft File: DdIkCGSH7IZmumFcFdyPR532pI0.mft (raw, json) Hash identifier: sfrakL7IaxtbpaS7xGeIZr/hk7ydWjUCoVpgH95fq5U= Subject key identifier: 7C:DC:BB:A2:D2:9A:5B:79:B7:F2:2B:A0:61:05:AC:15:BC:EA:E7:3E Authority key identifier: 0D:D2:24:08:64:87:EC:86:66:BA:61:5C:15:DC:8F:47:9D:F6:A4:8D Certificate issuer: /CN=0dd224086487ec8666ba615c15dc8f479df6a48d Certificate serial: 019AF19A983D1794083A9D693A7EB408D98B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdIkCGSH7IZmumFcFdyPR532pI0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/45a3ad-4b4c-4aaa-96d9-297180079422/1/DdIkCGSH7IZmumFcFdyPR532pI0.mft Manifest number: 0594 Signing time: Sat 06 Dec 2025 03:00:31 +0000 Manifest this update: Sat 06 Dec 2025 03:00:31 +0000 Manifest next update: Sun 07 Dec 2025 03:00:31 +0000 Files and hashes: 1: DdIkCGSH7IZmumFcFdyPR532pI0.crl (hash: str227ldHRaVIFh/E1UA8vL0whQ9X4V7LLCj9saU5eY=) 2: DsQ3XuL18x6JXJPIAS7Bywor1FI.roa (hash: YgD4/obT5P1W7ZaQyQBLHDkI0d6d+gx0ix2vsYYOe7Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/45a3ad-4b4c-4aaa-96d9-297180079422/1/DdIkCGSH7IZmumFcFdyPR532pI0.crl rsync://rpki.ripe.net/repository/DEFAULT/22/45a3ad-4b4c-4aaa-96d9-297180079422/1/DdIkCGSH7IZmumFcFdyPR532pI0.mft rsync://rpki.ripe.net/repository/DEFAULT/DdIkCGSH7IZmumFcFdyPR532pI0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:98:3d:17:94:08:3a:9d:69:3a:7e:b4:08:d9:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0dd224086487ec8666ba615c15dc8f479df6a48d Validity Not Before: Dec 6 03:00:31 2025 GMT Not After : Dec 7 03:00:31 2025 GMT Subject: CN=7cdcbba2d29a5b79b7f22ba06105ac15bceae73e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:5c:5e:ee:42:8a:62:93:a0:51:69:22:93:e0: 1d:a3:8b:cf:b8:5e:84:04:65:eb:4a:a2:9b:19:19: 70:3d:cf:1f:c4:2c:89:de:41:cf:32:c6:f2:5a:35: 0e:5b:1d:ee:f8:ea:e7:a3:5d:5d:36:dc:1f:b4:1b: b9:01:f0:db:30:3f:84:b6:f7:f0:95:40:4b:8f:7b: a7:50:c5:c5:42:fb:a4:a0:bb:98:ca:f8:5e:6f:80: de:5b:de:1f:67:54:6a:a5:96:6c:57:9f:bc:fa:46: 19:ad:b4:25:fa:9c:be:a7:46:99:02:49:fb:a9:1c: 09:2a:f2:22:c9:f7:01:05:be:86:c4:6e:7d:95:91: a0:7d:8b:43:61:de:86:66:3a:0d:99:99:9c:ef:68: e5:91:7c:23:cb:58:c4:f6:b4:47:95:bd:aa:79:06: 34:19:9b:c9:59:12:af:2a:63:ed:83:7c:0b:1a:af: 8f:d5:eb:31:9c:f5:6e:f4:e4:56:50:d4:c4:34:45: c9:09:bb:40:58:a0:cb:9a:77:2f:4c:66:11:f4:a2: 65:20:f6:20:f8:3a:1f:21:5f:c4:01:ee:f5:65:97: ef:b4:96:83:0f:b3:b2:4f:73:78:29:2d:ac:3e:92: a5:ca:27:e6:98:d3:67:b6:d3:8a:be:4f:6b:ef:f5: 26:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:DC:BB:A2:D2:9A:5B:79:B7:F2:2B:A0:61:05:AC:15:BC:EA:E7:3E X509v3 Authority Key Identifier: keyid:0D:D2:24:08:64:87:EC:86:66:BA:61:5C:15:DC:8F:47:9D:F6:A4:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdIkCGSH7IZmumFcFdyPR532pI0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45a3ad-4b4c-4aaa-96d9-297180079422/1/DdIkCGSH7IZmumFcFdyPR532pI0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/45a3ad-4b4c-4aaa-96d9-297180079422/1/DdIkCGSH7IZmumFcFdyPR532pI0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:0c:cf:0a:49:dc:e6:ca:7d:02:3a:a6:47:2b:c8:84:cf:4c: b9:5d:6d:6e:a9:53:43:5b:04:6c:61:d1:c1:4a:84:72:29:1f: 2c:2d:5f:ae:f5:ce:c5:4a:d6:3d:27:06:80:f7:61:65:83:28: df:4b:41:4c:34:e6:c6:ec:2b:0a:d7:01:35:30:3b:4c:b6:17: 88:aa:24:ce:68:71:37:6a:89:57:ab:02:46:04:02:2d:d4:18: d6:b6:e1:78:58:34:ad:f1:b8:ae:96:3b:a2:54:91:91:a3:6c: 39:e0:4d:4d:8b:4a:79:b5:05:8e:73:f9:7f:85:09:23:e3:0d: 28:e1:e5:a5:70:13:83:c3:9c:61:9d:32:c9:a9:48:2a:9c:fc: 7b:02:10:9c:aa:fe:af:93:7b:68:33:3c:53:d3:ff:ee:08:1d: 80:9c:59:85:59:29:05:1b:ad:f6:c9:32:d2:51:96:c2:f3:60: 68:e4:bb:99:27:a3:98:69:48:30:89:cb:3f:ee:f9:b8:25:f7: 93:d5:c6:eb:8c:97:94:38:f8:92:3c:79:51:0a:e6:5a:ec:5d: 23:d4:c3:42:ab:a8:f5:5f:eb:7d:b0:cf:ec:8d:9a:72:2b:c9: 9b:79:bf:51:62:5c:fa:a5:36:96:28:10:21:75:00:78:21:89: df:76:c1:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmpg9F5QIOp1pOn60CNmLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkZDIyNDA4NjQ4N2VjODY2NmJhNjE1YzE1ZGM4ZjQ3OWRm NmE0OGQwHhcNMjUxMjA2MDMwMDMxWhcNMjUxMjA3MDMwMDMxWjAzMTEwLwYDVQQD Eyg3Y2RjYmJhMmQyOWE1Yjc5YjdmMjJiYTA2MTA1YWMxNWJjZWFlNzNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVxe7kKKYpOgUWkik+Ado4vPuF6E BGXrSqKbGRlwPc8fxCyJ3kHPMsbyWjUOWx3u+Orno11dNtwftBu5AfDbMD+Etvfw lUBLj3unUMXFQvukoLuYyvheb4DeW94fZ1RqpZZsV5+8+kYZrbQl+py+p0aZAkn7 qRwJKvIiyfcBBb6GxG59lZGgfYtDYd6GZjoNmZmc72jlkXwjy1jE9rRHlb2qeQY0 GZvJWRKvKmPtg3wLGq+P1esxnPVu9ORWUNTENEXJCbtAWKDLmncvTGYR9KJlIPYg +DofIV/EAe71ZZfvtJaDD7OyT3N4KS2sPpKlyifmmNNnttOKvk9r7/UmzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHzcu6LSmlt5t/IroGEFrBW86uc+MB8GA1UdIwQY MBaAFA3SJAhkh+yGZrphXBXcj0ed9qSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGRJa0NHU0g3SVptdW1GY0ZkeVBSNTMycEkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80NWEzYWQtNGI0Yy00YWFhLTk2ZDkt Mjk3MTgwMDc5NDIyLzEvRGRJa0NHU0g3SVptdW1GY0ZkeVBSNTMycEkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi80NWEzYWQtNGI0Yy00YWFhLTk2ZDktMjk3MTgwMDc5NDIy LzEvRGRJa0NHU0g3SVptdW1GY0ZkeVBSNTMycEkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgzPCknc 5sp9AjqmRyvIhM9MuV1tbqlTQ1sEbGHRwUqEcikfLC1frvXOxUrWPScGgPdhZYMo 30tBTDTmxuwrCtcBNTA7TLYXiKokzmhxN2qJV6sCRgQCLdQY1rbheFg0rfG4rpY7 olSRkaNsOeBNTYtKebUFjnP5f4UJI+MNKOHlpXATg8OcYZ0yyalIKpz8ewIQnKr+ r5N7aDM8U9P/7ggdgJxZhVkpBRut9sky0lGWwvNgaOS7mSejmGlIMInLP+75uCX3 k9XG64yXlDj4kjx5UQrmWuxdI9TDQquo9V/rfbDP7I2acivJm3m/UWJc+qU2ligQ IXUAeCGJ33bBDw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:24 2025 by rpki-client