This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft File: r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json) Hash identifier: dCi0P6NwT/3qTW/aqR7JdsgoKEXE2N9KX/c9h3H6wD0= Subject key identifier: 20:73:08:93:95:A7:A3:90:43:76:0D:61:F3:0B:BC:D7:65:A3:21:FD Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D Certificate issuer: /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d Certificate serial: 019AF1D1894A87F9D5DEA8327199D0A57DEF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft Manifest number: 0F50 Signing time: Sat 06 Dec 2025 04:00:32 +0000 Manifest this update: Sat 06 Dec 2025 04:00:32 +0000 Manifest next update: Sun 07 Dec 2025 04:00:32 +0000 Files and hashes: 1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: +QUcouCOgBlfZesRl1dcuyMmZjpsiEwyuDy5400die4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:89:4a:87:f9:d5:de:a8:32:71:99:d0:a5:7d:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d Validity Not Before: Dec 6 04:00:32 2025 GMT Not After : Dec 7 04:00:32 2025 GMT Subject: CN=2073089395a7a39043760d61f30bbcd765a321fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6e:f0:46:df:e7:51:12:d8:85:a7:c0:26:f9: d2:1c:c6:c5:0c:f6:e9:bf:83:cd:a2:e6:aa:27:c9: a1:29:87:48:f6:6a:30:19:ae:70:55:02:04:4f:4e: c7:18:16:96:d9:38:8c:0b:99:80:d7:85:fe:d7:83: c7:68:7d:78:dd:8c:ef:a4:44:22:18:02:17:84:8d: d8:7f:43:84:4d:b7:54:b5:52:3d:88:35:19:de:5d: d6:fe:87:b8:f0:60:56:b2:a3:a8:38:63:61:f4:04: 2e:b1:b5:92:04:9f:da:ce:d3:08:d2:09:d3:56:f0: 80:cb:4b:0e:83:26:b9:d2:63:3a:81:87:9e:41:dd: d4:ad:0c:f0:e8:25:05:9c:fe:b7:54:0c:4d:99:3c: 66:f6:79:dc:7b:44:b8:5b:ef:1c:b1:c3:4b:94:9f: 7a:45:76:40:c6:90:99:da:d1:b3:35:f6:91:2a:91: 35:93:61:3b:8c:d2:02:45:41:72:ad:62:e4:c7:7f: ad:78:d9:c8:3f:a9:88:8d:1e:d0:0d:1d:16:c5:00: a2:10:f4:0a:84:77:5e:2d:60:65:6f:5b:79:9d:aa: 0a:6c:66:fc:ac:8f:cd:78:e9:a5:ae:c4:9c:15:fe: f8:1a:41:d2:28:ae:52:d9:b7:f6:93:98:77:1b:34: 57:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:73:08:93:95:A7:A3:90:43:76:0D:61:F3:0B:BC:D7:65:A3:21:FD X509v3 Authority Key Identifier: keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:21:7e:f2:00:77:6f:69:8f:10:2c:8e:d5:43:ba:2d:70:5a: a3:89:5b:49:35:cf:0f:09:19:6d:9d:d4:59:7a:e0:2a:94:e6: fb:cb:07:78:ab:dd:ba:13:09:0b:0f:7a:3a:81:e8:94:97:aa: aa:9f:25:73:d2:ff:d9:cc:58:7f:d3:49:d3:fd:95:76:46:c1: 86:62:0d:75:83:09:28:41:59:24:68:56:81:c6:74:cd:aa:7a: 86:30:d1:b4:78:3d:bf:76:41:8d:a1:60:96:56:c1:c7:61:83: a0:ea:2c:36:dc:6f:0d:ef:87:e3:5e:29:22:3d:a3:ae:ec:b7: ed:3f:1b:48:74:78:13:89:3c:94:8b:e5:6e:e4:75:f5:b6:fa: 56:ea:e9:32:8f:34:00:e1:11:63:ee:5d:73:cd:50:fc:97:34: 8f:1e:29:fb:d5:61:e5:f9:1b:8f:a3:4b:67:31:68:71:3a:3e: b4:18:cf:5d:4d:79:fc:2d:fb:41:51:d8:d1:ae:1c:20:af:55: d9:c9:52:97:f1:43:e3:39:c1:0b:33:e7:74:26:d4:ee:7f:d6: 51:a7:82:8e:07:0d:41:53:32:9b:13:ed:86:c3:8c:b3:f4:32: 17:52:ad:08:75:6b:41:6c:ca:a2:8b:94:b8:96:8f:87:50:7c: 74:87:46:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0YlKh/nV3qgycZnQpX3vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj NWM0N2QwHhcNMjUxMjA2MDQwMDMyWhcNMjUxMjA3MDQwMDMyWjAzMTEwLwYDVQQD EygyMDczMDg5Mzk1YTdhMzkwNDM3NjBkNjFmMzBiYmNkNzY1YTMyMWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy27wRt/nURLYhafAJvnSHMbFDPbp v4PNouaqJ8mhKYdI9mowGa5wVQIET07HGBaW2TiMC5mA14X+14PHaH143YzvpEQi GAIXhI3Yf0OETbdUtVI9iDUZ3l3W/oe48GBWsqOoOGNh9AQusbWSBJ/aztMI0gnT VvCAy0sOgya50mM6gYeeQd3UrQzw6CUFnP63VAxNmTxm9nnce0S4W+8cscNLlJ96 RXZAxpCZ2tGzNfaRKpE1k2E7jNICRUFyrWLkx3+teNnIP6mIjR7QDR0WxQCiEPQK hHdeLWBlb1t5naoKbGb8rI/NeOmlrsScFf74GkHSKK5S2bf2k5h3GzRX0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCBzCJOVp6OQQ3YNYfMLvNdloyH9MB8GA1UdIwQY MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAiF+8gB3 b2mPECyO1UO6LXBao4lbSTXPDwkZbZ3UWXrgKpTm+8sHeKvduhMJCw96OoHolJeq qp8lc9L/2cxYf9NJ0/2VdkbBhmINdYMJKEFZJGhWgcZ0zap6hjDRtHg9v3ZBjaFg llbBx2GDoOosNtxvDe+H414pIj2jruy37T8bSHR4E4k8lIvlbuR19bb6VurpMo80 AOERY+5dc81Q/Jc0jx4p+9Vh5fkbj6NLZzFocTo+tBjPXU15/C37QVHY0a4cIK9V 2clSl/FD4znBCzPndCbU7n/WUaeCjgcNQVMymxPthsOMs/QyF1KtCHVrQWzKoouU uJaPh1B8dIdGDA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:54 2025 by rpki-client