This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft File: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json) Hash identifier: 8tmp0AXFRmO2vAIGCVvpTfMIXSJ1D8++AlpoEZz7/oY= Subject key identifier: 57:9E:8D:86:FF:95:D1:65:87:89:98:28:F0:1D:A8:2F:33:65:27:A2 Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8 Certificate issuer: /CN=0ddc509b4db35203ab616f4781f85dd5860443d8 Certificate serial: 019AF31B764E348D41B10A5336347D0BC7D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft Manifest number: 149A Signing time: Sat 06 Dec 2025 10:00:54 +0000 Manifest this update: Sat 06 Dec 2025 10:00:54 +0000 Manifest next update: Sun 07 Dec 2025 10:00:54 +0000 Files and hashes: 1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: z0t5+YmHyTJiUIngzM28Cspn/DflWHkO2Tu32jt+uuo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:76:4e:34:8d:41:b1:0a:53:36:34:7d:0b:c7:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8 Validity Not Before: Dec 6 10:00:54 2025 GMT Not After : Dec 7 10:00:54 2025 GMT Subject: CN=579e8d86ff95d16587899828f01da82f336527a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:0c:7f:84:8a:6b:ac:25:b3:2c:be:b2:42:8c: 01:02:c7:19:90:aa:69:8b:90:31:26:f0:aa:9b:30: a8:12:f6:d2:9b:21:62:e8:5a:03:1b:14:18:43:93: e7:3b:76:18:3a:99:41:c9:7c:7e:4b:db:6b:3a:15: f3:e6:71:22:ba:1f:14:d2:21:20:c8:8f:12:c1:96: ee:1e:a5:c8:9f:1c:20:37:f4:58:d4:58:bd:3a:b9: 70:6f:17:93:71:e0:e0:13:29:04:ea:42:25:f0:7f: 63:06:72:57:37:d3:a1:18:88:00:8b:e2:20:24:0a: a6:e4:f2:04:d0:4b:4e:38:47:2c:4d:12:86:85:15: a1:70:9d:b5:a5:71:d4:b1:11:0e:bf:6f:72:3d:86: 66:13:7c:77:38:b4:f1:53:15:44:2e:59:e7:bb:69: bd:e6:6a:0a:4c:1c:e4:7a:ae:f9:37:24:9b:ef:95: 05:62:38:71:62:d8:ae:90:04:64:c9:7c:cd:f8:1a: 50:95:c6:88:6c:8c:51:19:a9:3f:44:01:43:21:58: db:10:07:a5:5c:16:f0:a5:5e:8f:9e:95:a0:68:43: aa:a2:e5:e5:7a:f2:d2:3f:51:fe:81:b6:81:6c:53: 35:e5:b0:c1:54:56:35:87:b9:db:4d:77:dd:58:50: 19:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:9E:8D:86:FF:95:D1:65:87:89:98:28:F0:1D:A8:2F:33:65:27:A2 X509v3 Authority Key Identifier: keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:0b:c2:1c:ae:67:9b:12:ff:39:51:c7:9e:a3:db:52:61:50: b7:7b:f6:47:61:d8:74:fd:87:a6:46:b3:54:6f:d0:6f:79:b5: 79:e9:e7:47:52:8b:e8:68:33:03:a8:ad:a7:07:9f:d6:56:3a: ce:8a:38:e7:54:b6:f7:69:48:1d:b5:a0:23:30:ea:33:c9:e3: a9:89:e0:15:93:02:af:21:f3:94:70:a7:b9:dd:27:cf:5b:76: bf:a8:22:20:3f:f5:28:08:54:27:76:27:17:8d:c4:87:38:66: 53:89:13:c6:d9:81:a9:04:0e:1d:13:c6:c7:44:d7:c2:b5:9e: 87:37:38:de:1f:d9:b9:58:44:0e:75:64:c7:12:e3:ad:c8:2e: 82:13:32:74:66:e8:91:e1:6f:40:c1:13:4f:f1:70:57:58:dc: 5c:a4:17:4c:39:7b:84:a0:34:1a:36:ed:6d:08:fc:f0:ce:57: af:de:98:a7:85:57:64:ce:51:c3:70:14:29:2a:71:b1:88:17: ae:31:78:6c:69:01:d6:93:d5:fa:40:91:78:64:b0:c8:a4:e8: e3:33:1a:61:37:4f:22:46:5c:be:18:a4:8d:1e:80:af:e9:a7: 8c:a5:12:06:cd:bf:4b:69:7e:19:d0:09:3b:06:cd:31:9c:12: ff:b5:4c:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG3ZONI1BsQpTNjR9C8fRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw NDQzZDgwHhcNMjUxMjA2MTAwMDU0WhcNMjUxMjA3MTAwMDU0WjAzMTEwLwYDVQQD Eyg1NzllOGQ4NmZmOTVkMTY1ODc4OTk4MjhmMDFkYTgyZjMzNjUyN2EyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwx/hIprrCWzLL6yQowBAscZkKpp i5AxJvCqmzCoEvbSmyFi6FoDGxQYQ5PnO3YYOplByXx+S9trOhXz5nEiuh8U0iEg yI8SwZbuHqXInxwgN/RY1Fi9OrlwbxeTceDgEykE6kIl8H9jBnJXN9OhGIgAi+Ig JAqm5PIE0EtOOEcsTRKGhRWhcJ21pXHUsREOv29yPYZmE3x3OLTxUxVELlnnu2m9 5moKTBzkeq75NySb75UFYjhxYtiukARkyXzN+BpQlcaIbIxRGak/RAFDIVjbEAel XBbwpV6PnpWgaEOqouXlevLSP1H+gbaBbFM15bDBVFY1h7nbTXfdWFAZEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFeejYb/ldFlh4mYKPAdqC8zZSeiMB8GA1UdIwQY MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuwvCHK5n mxL/OVHHnqPbUmFQt3v2R2HYdP2HpkazVG/Qb3m1eennR1KL6GgzA6itpwef1lY6 zoo451S292lIHbWgIzDqM8njqYngFZMCryHzlHCnud0nz1t2v6giID/1KAhUJ3Yn F43EhzhmU4kTxtmBqQQOHRPGx0TXwrWehzc43h/ZuVhEDnVkxxLjrcgughMydGbo keFvQMETT/FwV1jcXKQXTDl7hKA0GjbtbQj88M5Xr96Yp4VXZM5Rw3AUKSpxsYgX rjF4bGkB1pPV+kCReGSwyKTo4zMaYTdPIkZcvhikjR6Ar+mnjKUSBs2/S2l+GdAJ OwbNMZwS/7VMCA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:06:55 2025 by rpki-client