This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft File: d4LgCn_HYX2UJguB_SKjo_PcaG0.mft (raw, json) Hash identifier: ssaA3+fhDMpR1mPxuEB8Ll904iQxQmU8S1BY2bsRTp0= Subject key identifier: 4C:D1:DC:BD:0F:7B:67:7F:08:3C:61:3B:8E:48:F7:ED:99:67:3F:3F Authority key identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D Certificate issuer: /CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d Certificate serial: 019B2175191FA5AFD764063BC59C6082537C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft Manifest number: 0C08 Signing time: Mon 15 Dec 2025 10:01:20 +0000 Manifest this update: Mon 15 Dec 2025 10:01:20 +0000 Manifest next update: Tue 16 Dec 2025 10:01:20 +0000 Files and hashes: 1: d4LgCn_HYX2UJguB_SKjo_PcaG0.crl (hash: IZW8zMPrDad+WwBio8hx48/i6VE8afa3ZtzuEQJU9Aw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:19:1f:a5:af:d7:64:06:3b:c5:9c:60:82:53:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d Validity Not Before: Dec 15 10:01:20 2025 GMT Not After : Dec 16 10:01:20 2025 GMT Subject: CN=4cd1dcbd0f7b677f083c613b8e48f7ed99673f3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f3:7d:49:63:20:38:0d:da:87:ed:58:b5:b0: 6d:4b:54:56:20:47:bb:5e:a7:d9:04:74:11:62:d9: 50:b7:08:01:b4:5c:8e:cd:97:e3:65:7d:f0:b0:cf: ed:21:71:25:fa:9a:00:a9:a4:ac:fe:1b:41:d9:81: 0b:b8:78:aa:ad:a8:87:8d:93:05:5f:3a:35:10:6a: ad:e6:f8:1e:13:98:6b:fe:1e:75:d9:24:4e:7b:0f: af:b7:90:02:08:32:4c:b3:a8:c6:db:c1:8f:03:51: 5f:df:a3:fb:39:af:c9:5d:b6:b4:3a:4f:b0:2b:10: 27:9d:1e:93:ab:43:2e:33:be:fe:c4:cc:2d:c0:f4: 57:a3:64:75:34:50:6a:d0:de:31:5f:4d:e9:cf:7f: 6a:32:0f:5d:c6:61:19:47:e7:c7:8b:a2:1d:ec:89: 11:f4:e9:58:2e:69:43:fe:6d:af:20:26:69:b9:b5: 67:95:94:87:08:dd:56:03:50:87:09:7e:28:c8:a5: a4:5d:5d:78:a6:09:bc:19:88:5f:39:cc:44:2e:7a: 48:c7:dc:22:e3:15:c0:db:7b:07:ab:08:56:6b:b0: 50:82:87:06:04:fe:ba:a7:9b:cf:55:df:2a:e1:85: f9:58:55:23:65:66:d4:03:df:b3:53:34:3d:7b:60: 0c:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:D1:DC:BD:0F:7B:67:7F:08:3C:61:3B:8E:48:F7:ED:99:67:3F:3F X509v3 Authority Key Identifier: keyid:77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:3d:ba:57:a4:e4:cf:ff:dd:ba:07:a0:2e:87:34:5e:8f:39: 8a:ba:97:56:6c:d7:ed:e3:39:45:10:98:5c:db:4c:d1:5e:61: 65:35:d5:7f:78:76:96:14:bf:69:85:e5:24:cc:55:bc:b5:43: c5:39:0e:16:8e:6a:81:bd:b0:d2:58:5f:8a:4d:86:61:ac:82: 39:f9:a0:a7:f4:33:bc:24:05:d8:13:43:89:74:4e:3e:77:34: bd:e0:cc:84:ba:40:0d:ce:41:63:6a:63:b1:6f:7a:d3:d2:8a: 3d:c0:21:07:f2:ec:9a:8d:f3:0e:fb:33:d6:44:bc:2e:18:9b: 3b:61:c5:1b:3c:80:c2:5c:7e:23:e8:27:2b:41:7b:fc:55:3c: 30:2e:21:13:20:36:5a:20:d4:54:4b:16:4e:46:41:82:7e:5a: 39:9e:48:7c:13:df:4b:ed:4c:06:a7:0f:e0:85:43:0a:a1:98: b3:f6:a0:d5:70:18:7e:dd:df:2c:5d:21:76:bf:0d:50:ff:a9: 69:aa:c5:47:dd:68:d3:78:c0:52:86:03:b6:11:ae:5a:ff:f4: 5f:8d:63:69:07:57:c5:4a:70:b6:f5:bf:fb:6d:c7:bb:cf:8f: 37:8c:70:53:1b:a4:a2:f2:fb:85:33:bf:9f:a3:0b:3e:0d:75: 54:46:08:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdRkfpa/XZAY7xZxgglN8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3ODJlMDBhN2ZjNzYxN2Q5NDI2MGI4MWZkMjJhM2EzZjNk YzY4NmQwHhcNMjUxMjE1MTAwMTIwWhcNMjUxMjE2MTAwMTIwWjAzMTEwLwYDVQQD Eyg0Y2QxZGNiZDBmN2I2NzdmMDgzYzYxM2I4ZTQ4ZjdlZDk5NjczZjNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vN9SWMgOA3ah+1YtbBtS1RWIEe7 XqfZBHQRYtlQtwgBtFyOzZfjZX3wsM/tIXEl+poAqaSs/htB2YELuHiqraiHjZMF Xzo1EGqt5vgeE5hr/h512SROew+vt5ACCDJMs6jG28GPA1Ff36P7Oa/JXba0Ok+w KxAnnR6Tq0MuM77+xMwtwPRXo2R1NFBq0N4xX03pz39qMg9dxmEZR+fHi6Id7IkR 9OlYLmlD/m2vICZpubVnlZSHCN1WA1CHCX4oyKWkXV14pgm8GYhfOcxELnpIx9wi 4xXA23sHqwhWa7BQgocGBP66p5vPVd8q4YX5WFUjZWbUA9+zUzQ9e2AMNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEzR3L0Pe2d/CDxhO45I9+2ZZz8/MB8GA1UdIwQY MBaAFHeC4Ap/x2F9lCYLgf0io6Pz3GhtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgt OWEwMjg0YjNhZGMxLzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgtOWEwMjg0YjNhZGMx LzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmz26V6Tk z//dugegLoc0Xo85irqXVmzX7eM5RRCYXNtM0V5hZTXVf3h2lhS/aYXlJMxVvLVD xTkOFo5qgb2w0lhfik2GYayCOfmgp/QzvCQF2BNDiXROPnc0veDMhLpADc5BY2pj sW9609KKPcAhB/Lsmo3zDvsz1kS8LhibO2HFGzyAwlx+I+gnK0F7/FU8MC4hEyA2 WiDUVEsWTkZBgn5aOZ5IfBPfS+1MBqcP4IVDCqGYs/ag1XAYft3fLF0hdr8NUP+p aarFR91o03jAUoYDthGuWv/0X41jaQdXxUpwtvW/+23Hu8+PN4xwUxukovL7hTO/ n6MLPg11VEYItg== -----END CERTIFICATE-----Generated at Mon Dec 15 15:35:21 2025 by rpki-client