This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft File: DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft (raw, json) Hash identifier: uI5h91Eal9/72uc/+c5goS1zpRijHBX5pCn0p0zvjE4= Subject key identifier: 86:67:C2:81:A9:11:B8:25:06:E1:72:43:12:F8:86:E3:26:E6:CF:40 Authority key identifier: 0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53 Certificate issuer: /CN=0c874a5f52734e260e7bfa4d45114add9277e353 Certificate serial: 019AF12F034F7C22D8F717EBA63888767231 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft Manifest number: 094D Signing time: Sat 06 Dec 2025 01:03:01 +0000 Manifest this update: Sat 06 Dec 2025 01:03:01 +0000 Manifest next update: Sun 07 Dec 2025 01:03:01 +0000 Files and hashes: 1: DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl (hash: 6V7pPpkpaWweFu3C91CqCpReoo9zcRhp15BTh2vjHek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:03:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2f:03:4f:7c:22:d8:f7:17:eb:a6:38:88:76:72:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0c874a5f52734e260e7bfa4d45114add9277e353 Validity Not Before: Dec 6 01:03:01 2025 GMT Not After : Dec 7 01:03:01 2025 GMT Subject: CN=8667c281a911b82506e1724312f886e326e6cf40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3f:6e:af:42:82:c3:e3:e6:c6:a1:71:cc:56: d7:98:ce:4c:f9:06:e1:ab:c6:35:ed:e2:6f:03:f7: 21:53:47:71:f0:3c:82:6d:cd:89:5b:63:ac:b6:d7: c6:03:77:93:b8:60:1f:91:3c:a7:71:e9:51:84:45: 64:54:f6:3c:98:f1:ff:01:01:7b:12:38:39:6a:e9: e1:20:99:f7:9e:23:21:ef:57:03:bf:1b:9f:88:35: 57:84:ca:f8:30:87:08:1c:89:a4:27:00:ec:71:f6: 5b:2c:36:48:6a:f2:45:7b:9e:d6:9f:fe:0e:9d:32: 8d:15:99:1c:d1:13:08:46:c3:5a:23:30:97:57:75: e2:f8:5e:16:72:f7:9a:45:74:09:e4:44:f0:5c:9f: 3d:28:38:4e:49:b8:d5:f5:5c:a5:a7:01:3b:8e:42: 18:b1:75:24:73:5a:06:33:13:b8:49:8a:c4:f8:d4: b8:32:14:57:01:87:ea:a9:90:04:5b:67:6c:21:43: 2a:98:ea:c2:a4:1b:c5:6b:b5:58:6f:d4:86:83:40: f7:da:ad:a6:0e:ad:46:fb:a5:cd:f6:b6:90:74:1c: 1f:d5:47:4d:ed:6b:03:d6:8c:97:e2:2e:f9:5d:2a: 70:a8:0a:b9:35:f5:46:53:81:8e:76:f5:90:33:85: 1c:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:67:C2:81:A9:11:B8:25:06:E1:72:43:12:F8:86:E3:26:E6:CF:40 X509v3 Authority Key Identifier: keyid:0C:87:4A:5F:52:73:4E:26:0E:7B:FA:4D:45:11:4A:DD:92:77:E3:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DIdKX1JzTiYOe_pNRRFK3ZJ341M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/53b489-ab48-49fe-9d01-a0e37f25a515/1/DIdKX1JzTiYOe_pNRRFK3ZJ341M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:d1:6d:25:b5:15:eb:fa:8e:7c:63:0f:d3:e7:53:6d:41:86: e6:7c:28:00:99:e5:3f:0a:05:bc:7c:a3:63:fb:b8:1e:07:b3: eb:96:bc:43:d6:cd:57:9e:63:58:c2:27:17:6a:4e:91:43:83: 52:58:35:e4:62:c1:75:26:b4:16:59:d4:f9:ba:49:46:26:8e: fb:0f:9e:69:cc:79:27:e6:d4:0e:e8:d9:e8:2b:6b:f3:a8:05: b6:3a:8b:d5:11:f5:4a:db:dd:1c:c1:c4:40:1d:eb:12:91:27: 15:4b:f2:e5:b1:c1:43:ce:3a:d9:4e:0f:ac:ee:f8:cc:8b:57: 19:13:c9:56:4c:c2:d7:37:9b:5b:47:1c:1b:88:66:b1:3f:b9: a0:9b:2b:12:fe:ba:65:67:31:4a:3f:fa:f1:12:fa:c1:8f:ca: 7f:f8:3f:9c:3b:80:c6:e2:6c:4c:22:48:f4:79:a9:72:ab:ae: b0:0d:1c:e6:cc:66:b1:44:0f:46:0d:25:da:65:69:f4:14:fc: 2d:43:69:ec:f3:e1:ed:9e:78:d7:3b:40:fc:c2:2b:c5:93:0d: 23:34:ba:f8:02:18:71:75:56:50:6b:92:c2:45:ec:6e:b0:09: c7:51:8d:d5:f1:a7:9e:2b:47:d7:c7:be:26:e6:79:88:dc:ee: ba:fd:b7:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLwNPfCLY9xfrpjiIdnIxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjODc0YTVmNTI3MzRlMjYwZTdiZmE0ZDQ1MTE0YWRkOTI3 N2UzNTMwHhcNMjUxMjA2MDEwMzAxWhcNMjUxMjA3MDEwMzAxWjAzMTEwLwYDVQQD Eyg4NjY3YzI4MWE5MTFiODI1MDZlMTcyNDMxMmY4ODZlMzI2ZTZjZjQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD9ur0KCw+PmxqFxzFbXmM5M+Qbh q8Y17eJvA/chU0dx8DyCbc2JW2OsttfGA3eTuGAfkTyncelRhEVkVPY8mPH/AQF7 Ejg5aunhIJn3niMh71cDvxufiDVXhMr4MIcIHImkJwDscfZbLDZIavJFe57Wn/4O nTKNFZkc0RMIRsNaIzCXV3Xi+F4WcveaRXQJ5ETwXJ89KDhOSbjV9VylpwE7jkIY sXUkc1oGMxO4SYrE+NS4MhRXAYfqqZAEW2dsIUMqmOrCpBvFa7VYb9SGg0D32q2m Dq1G+6XN9raQdBwf1UdN7WsD1oyX4i75XSpwqAq5NfVGU4GOdvWQM4Uc6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIZnwoGpEbglBuFyQxL4huMm5s9AMB8GA1UdIwQY MBaAFAyHSl9Sc04mDnv6TUURSt2Sd+NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEt YTBlMzdmMjVhNTE1LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC81M2I0ODktYWI0OC00OWZlLTlkMDEtYTBlMzdmMjVhNTE1 LzEvRElkS1gxSnpUaVlPZV9wTlJSRkszWkozNDFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVdFtJbUV 6/qOfGMP0+dTbUGG5nwoAJnlPwoFvHyjY/u4Hgez65a8Q9bNV55jWMInF2pOkUOD Ulg15GLBdSa0FlnU+bpJRiaO+w+eacx5J+bUDujZ6Ctr86gFtjqL1RH1StvdHMHE QB3rEpEnFUvy5bHBQ8462U4PrO74zItXGRPJVkzC1zebW0ccG4hmsT+5oJsrEv66 ZWcxSj/68RL6wY/Kf/g/nDuAxuJsTCJI9HmpcquusA0c5sxmsUQPRg0l2mVp9BT8 LUNp7PPh7Z541ztA/MIrxZMNIzS6+AIYcXVWUGuSwkXsbrAJx1GN1fGnnitH18e+ JuZ5iNzuuv23CQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:50 2025 by rpki-client