This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft File: DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json) Hash identifier: M4n+bGN0Ug12+nNYbFVJ+lm72TQVudwtcc37Yi2IpnM= Subject key identifier: 09:E3:38:36:AA:B7:FA:D8:3E:02:37:13:83:CC:AA:91:08:4A:8D:99 Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C Certificate issuer: /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c Certificate serial: 019AF276578F2C9B2559DCD4D3A02D6114DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft Manifest number: 1127 Signing time: Sat 06 Dec 2025 07:00:32 +0000 Manifest this update: Sat 06 Dec 2025 07:00:32 +0000 Manifest next update: Sun 07 Dec 2025 07:00:32 +0000 Files and hashes: 1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: awl8STWz2USSHHrNVVjMPKg7NZDK1duYfZAg6EzSsVw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:57:8f:2c:9b:25:59:dc:d4:d3:a0:2d:61:14:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c Validity Not Before: Dec 6 07:00:32 2025 GMT Not After : Dec 7 07:00:32 2025 GMT Subject: CN=09e33836aab7fad83e02371383ccaa91084a8d99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:39:0e:f4:9a:5f:d8:b8:0c:bd:8c:81:f9:58: a8:f7:92:77:20:fb:9a:ba:a2:dc:b5:f7:b1:59:ca: 71:f9:c5:93:c6:95:cd:f5:76:d7:11:e4:97:15:85: 64:49:11:a6:43:92:51:ee:08:c0:23:52:b4:b0:4f: 7a:56:2e:a8:21:fb:87:6a:51:69:1a:ce:1f:98:f3: d8:77:de:82:d7:52:45:6b:7d:be:fd:99:4c:4c:e7: 4b:b1:85:fa:ef:c7:d1:06:60:90:94:dc:d7:b4:ee: 8d:64:7f:e0:50:0e:e2:9e:10:0f:79:ac:3f:da:90: a0:ad:2d:53:77:11:5b:c3:1d:93:1e:41:a0:92:37: 77:86:86:00:60:bd:cf:ff:61:5c:5d:91:03:d1:9a: 08:d3:da:b8:f9:6c:48:7d:30:c0:29:95:fd:63:31: e6:5b:8d:e8:eb:4b:d9:ef:8f:b4:04:ab:46:6a:d6: f3:df:1a:54:be:d5:3e:86:52:9a:77:d9:f7:93:db: d9:42:37:df:08:84:2e:b6:0d:07:49:ba:2f:29:71: 20:bf:45:ee:26:44:25:b6:5f:95:3e:09:30:a0:20: ef:34:70:5a:67:97:91:1f:02:3b:f5:44:eb:a7:35: 23:bc:7f:fc:cd:c8:2e:a4:aa:99:10:81:b2:e5:49: 54:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:E3:38:36:AA:B7:FA:D8:3E:02:37:13:83:CC:AA:91:08:4A:8D:99 X509v3 Authority Key Identifier: keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:bb:3e:93:26:39:1b:58:ab:63:b6:c8:1f:40:11:b1:f2:d1: d5:0e:0e:92:3c:ec:dd:14:da:bb:18:38:c0:2e:4f:5f:36:b0: 77:ab:7f:b0:62:f1:ce:35:f5:ce:19:d6:2a:ce:63:29:f6:44: 2a:58:65:81:45:a3:87:b2:14:63:be:4b:01:5b:a3:f0:de:0b: 39:e1:02:72:1d:a9:01:47:bb:9c:37:c0:e5:10:65:01:d4:72: bf:a7:9e:ba:11:78:eb:a5:20:21:a7:a5:93:ed:7c:d0:cd:05: 73:48:01:d0:13:63:94:64:89:21:48:09:d1:98:56:62:c6:f2: bf:2e:f5:ea:ca:c1:f7:6d:f0:2e:f1:9f:28:74:3a:05:fe:41: a4:4b:77:cb:0f:32:2e:06:7f:36:db:17:f3:38:65:38:59:c9: 3c:69:bb:23:c7:0c:ae:b3:ba:de:be:00:f9:de:c8:df:c6:1f: cf:ae:a5:59:43:e1:30:9c:a9:b9:ae:f4:31:6e:6c:c2:5d:1c: df:03:e0:44:47:0d:59:58:3a:a5:62:ed:6c:1e:de:3c:dc:d9: 2f:ea:c4:0b:cd:c8:3c:76:60:a4:43:0b:71:26:d3:e0:c5:cc: ac:28:f7:70:2b:b6:86:1f:bb:82:fa:57:54:c7:b7:47:02:b6: ba:bb:80:e5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydlePLJslWdzU06AtYRTfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw MzMzOGMwHhcNMjUxMjA2MDcwMDMyWhcNMjUxMjA3MDcwMDMyWjAzMTEwLwYDVQQD EygwOWUzMzgzNmFhYjdmYWQ4M2UwMjM3MTM4M2NjYWE5MTA4NGE4ZDk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TkO9Jpf2LgMvYyB+Vio95J3IPua uqLctfexWcpx+cWTxpXN9XbXEeSXFYVkSRGmQ5JR7gjAI1K0sE96Vi6oIfuHalFp Gs4fmPPYd96C11JFa32+/ZlMTOdLsYX678fRBmCQlNzXtO6NZH/gUA7inhAPeaw/ 2pCgrS1TdxFbwx2THkGgkjd3hoYAYL3P/2FcXZED0ZoI09q4+WxIfTDAKZX9YzHm W43o60vZ74+0BKtGatbz3xpUvtU+hlKad9n3k9vZQjffCIQutg0HSbovKXEgv0Xu JkQltl+VPgkwoCDvNHBaZ5eRHwI79UTrpzUjvH/8zcgupKqZEIGy5UlURQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAnjODaqt/rYPgI3E4PMqpEISo2ZMB8GA1UdIwQY MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALrs+kyY5 G1irY7bIH0ARsfLR1Q4Okjzs3RTauxg4wC5PXzawd6t/sGLxzjX1zhnWKs5jKfZE KlhlgUWjh7IUY75LAVuj8N4LOeECch2pAUe7nDfA5RBlAdRyv6eeuhF466UgIael k+180M0Fc0gB0BNjlGSJIUgJ0ZhWYsbyvy716srB923wLvGfKHQ6Bf5BpEt3yw8y LgZ/NtsX8zhlOFnJPGm7I8cMrrO63r4A+d7I38Yfz66lWUPhMJypua70MW5swl0c 3wPgREcNWVg6pWLtbB7ePNzZL+rEC83IPHZgpEMLcSbT4MXMrCj3cCu2hh+7gvpX VMe3RwK2uruA5Q== -----END CERTIFICATE-----Generated at Sat Dec 6 14:03:07 2025 by rpki-client