This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft File: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json) Hash identifier: v7akvbujBBvSOIax3yvdpbM+VtIFGfcVVbqcJKdfnbQ= Subject key identifier: E8:C9:7A:A2:84:1F:F3:9E:58:2F:E0:2F:F8:7B:82:7A:D5:11:65:2A Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6 Certificate issuer: /CN=74230d142eec7f6a99b0db4096f93a0420483fe6 Certificate serial: 019AF50B8DB3210A5672D09D86B8A8B47BE3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft Manifest number: 0958 Signing time: Sat 06 Dec 2025 19:02:46 +0000 Manifest this update: Sat 06 Dec 2025 19:02:46 +0000 Manifest next update: Sun 07 Dec 2025 19:02:46 +0000 Files and hashes: 1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: gX4IDjAZsydpWUdMEOTpq3JJNVLzc+jrFWKCqUbZ5HU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:8d:b3:21:0a:56:72:d0:9d:86:b8:a8:b4:7b:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6 Validity Not Before: Dec 6 19:02:46 2025 GMT Not After : Dec 7 19:02:46 2025 GMT Subject: CN=e8c97aa2841ff39e582fe02ff87b827ad511652a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:fd:22:0c:fd:d2:60:07:d4:58:78:e5:c9:5a: 38:2c:57:ba:cc:28:27:8a:64:85:dd:56:cc:a8:18: c2:6b:0e:34:01:b8:aa:96:39:2e:59:ac:ce:5f:8b: 8f:1e:22:57:6b:82:42:19:53:bd:27:bc:3d:66:e4: 35:ab:01:ad:6d:9d:fc:6b:b5:d1:6c:57:bd:0e:7f: a9:21:e7:20:68:8f:35:24:6d:32:5f:8d:d3:e2:56: 08:80:05:83:85:ff:44:0c:70:d1:87:8d:57:91:5c: 44:e8:1e:10:21:bd:09:5c:5c:5b:e5:48:f9:ce:ae: 56:15:bb:7a:7f:aa:af:92:4e:37:1b:df:80:26:a0: 01:80:c2:0c:c3:08:8f:4b:2c:d8:12:bd:33:9e:9a: 6c:38:4b:e6:8d:58:a2:c0:54:66:5f:80:ad:22:9e: 93:8c:f9:16:b2:89:6f:66:41:62:dc:a8:b6:e5:72: c2:08:df:d4:6c:79:37:22:b0:f5:00:eb:ed:19:98: c5:9d:d5:1b:72:85:29:bc:b9:73:61:02:4b:0c:1c: 0c:2f:2d:c3:09:7f:46:c0:b7:6d:0e:8a:2b:e8:b2: c6:98:5b:26:14:2b:45:65:ff:d8:7f:e0:a4:23:4d: b1:01:9b:b3:8d:46:b9:10:06:cc:23:af:10:80:64: 6a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:C9:7A:A2:84:1F:F3:9E:58:2F:E0:2F:F8:7B:82:7A:D5:11:65:2A X509v3 Authority Key Identifier: keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:0e:9b:c6:cb:af:0a:9e:d5:bf:57:d9:a6:1c:f3:89:e6:d2: b5:4a:a5:b4:40:c7:d6:07:eb:ec:91:34:71:86:f5:52:e3:50: 40:c1:fe:77:fc:5c:d5:27:57:32:57:45:58:fa:1d:13:1b:34: af:08:93:57:28:76:44:05:2c:03:22:8e:2e:19:3b:25:aa:8b: 08:3d:08:ae:e9:e9:1f:59:96:22:a9:88:27:75:30:58:a6:90: ff:0f:29:00:84:f6:1b:84:42:a2:62:9e:95:a2:fa:c6:45:8d: 4b:2b:65:4c:4c:73:ac:76:8c:f7:92:b0:ac:d7:e7:e8:05:ec: 18:bd:49:60:94:59:2d:5d:70:17:0a:45:94:30:af:b3:fb:cc: e5:47:e0:39:59:2f:c0:62:5b:2c:5a:a4:81:62:36:2a:5b:ef: 9c:cb:be:fe:33:d8:fe:07:ad:f5:f1:3e:f1:65:c5:0c:01:fe: d7:bf:88:57:c8:61:15:f8:0f:ea:2f:71:ee:49:02:14:8f:f0: b5:3e:b0:f2:a8:0e:05:ac:60:aa:45:84:8d:7f:3f:32:bc:63: 30:84:80:06:e1:6c:05:c4:ba:51:3a:20:af:bc:ea:86:98:e3: 46:34:6c:75:e2:20:c4:91:d3:72:1f:e8:79:95:9f:ee:58:68: c4:95:f9:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C42zIQpWctCdhriotHvjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0 ODNmZTYwHhcNMjUxMjA2MTkwMjQ2WhcNMjUxMjA3MTkwMjQ2WjAzMTEwLwYDVQQD EyhlOGM5N2FhMjg0MWZmMzllNTgyZmUwMmZmODdiODI3YWQ1MTE2NTJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf0iDP3SYAfUWHjlyVo4LFe6zCgn imSF3VbMqBjCaw40AbiqljkuWazOX4uPHiJXa4JCGVO9J7w9ZuQ1qwGtbZ38a7XR bFe9Dn+pIecgaI81JG0yX43T4lYIgAWDhf9EDHDRh41XkVxE6B4QIb0JXFxb5Uj5 zq5WFbt6f6qvkk43G9+AJqABgMIMwwiPSyzYEr0znppsOEvmjViiwFRmX4CtIp6T jPkWsolvZkFi3Ki25XLCCN/UbHk3IrD1AOvtGZjFndUbcoUpvLlzYQJLDBwMLy3D CX9GwLdtDoor6LLGmFsmFCtFZf/Yf+CkI02xAZuzjUa5EAbMI68QgGRq3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOjJeqKEH/OeWC/gL/h7gnrVEWUqMB8GA1UdIwQY MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhg6bxsuv Cp7Vv1fZphzziebStUqltEDH1gfr7JE0cYb1UuNQQMH+d/xc1SdXMldFWPodExs0 rwiTVyh2RAUsAyKOLhk7JaqLCD0IrunpH1mWIqmIJ3UwWKaQ/w8pAIT2G4RComKe laL6xkWNSytlTExzrHaM95KwrNfn6AXsGL1JYJRZLV1wFwpFlDCvs/vM5UfgOVkv wGJbLFqkgWI2KlvvnMu+/jPY/get9fE+8WXFDAH+17+IV8hhFfgP6i9x7kkCFI/w tT6w8qgOBaxgqkWEjX8/MrxjMISABuFsBcS6UTogr7zqhpjjRjRsdeIgxJHTch/o eZWf7lhoxJX5zw== -----END CERTIFICATE-----Generated at Sun Dec 7 02:13:22 2025 by rpki-client