This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft File: dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json) Hash identifier: Wt2U5Fuv8Cc7XqnzOuuLQ52WP4/44CoZvYe31CAOG4o= Subject key identifier: CF:99:3D:E0:7D:28:27:D1:B6:64:AC:B4:D4:D7:6D:D8:29:4F:14:EB Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A Certificate issuer: /CN=74b27c5d5684864853df5b81572212ede322ce0a Certificate serial: 019B360E0012608FF2DC3A7422A2C5DAE82F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft Manifest number: 0459 Signing time: Fri 19 Dec 2025 10:00:45 +0000 Manifest this update: Fri 19 Dec 2025 10:00:45 +0000 Manifest next update: Sat 20 Dec 2025 10:00:45 +0000 Files and hashes: 1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: rzTvuN0KPA0sLY9iN+h8YfdoCOt/J2TeRbuGDM1ZRGM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:0e:00:12:60:8f:f2:dc:3a:74:22:a2:c5:da:e8:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a Validity Not Before: Dec 19 10:00:45 2025 GMT Not After : Dec 20 10:00:45 2025 GMT Subject: CN=cf993de07d2827d1b664acb4d4d76dd8294f14eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:32:23:e9:44:a4:75:7e:08:7f:bb:ce:7e:55: 42:06:84:22:d1:22:6c:8d:89:f2:12:0c:9c:6d:b7: 38:19:36:00:1c:8b:5b:89:19:aa:ae:4b:17:dc:be: 73:3c:d6:6a:6c:3d:13:fb:bc:f0:da:ff:1b:d2:5c: 16:82:af:c1:93:e8:67:67:0c:5f:db:19:49:da:4e: 3e:ab:0e:1b:a7:c0:be:95:a8:c8:0c:36:19:c6:1c: ef:be:e4:d8:8a:bb:1d:f1:c1:6d:a9:53:8a:6a:f4: 03:12:24:86:ac:e7:7b:c4:bd:d2:10:23:21:e8:a5: 28:3e:d2:93:de:9b:d5:1d:75:8c:8c:95:65:79:b5: 2f:06:c5:96:06:21:7e:5a:e4:75:f3:00:03:c4:6b: 8c:44:16:ae:54:3d:39:7d:a0:9c:a2:47:2a:6c:84: f7:b3:f0:64:02:5f:71:fe:6e:9e:d4:35:9c:96:4e: 49:6f:66:1c:e4:ff:65:38:9e:37:2c:17:03:a6:44: c7:e1:84:ab:06:be:3c:69:ee:94:ad:d5:c5:75:c6: 90:8e:d2:e7:dd:09:8a:d9:02:c6:e9:b0:a5:0e:ed: a8:5d:80:7f:05:e5:a4:85:ed:bd:d6:f0:ce:c1:dc: 98:d4:62:75:47:fa:61:96:ee:a6:fb:19:9f:5a:5b: 90:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:99:3D:E0:7D:28:27:D1:B6:64:AC:B4:D4:D7:6D:D8:29:4F:14:EB X509v3 Authority Key Identifier: keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:06:13:3c:18:9d:80:ee:6d:67:43:17:db:03:d9:0c:02:4a: f5:70:a2:c2:89:b4:d7:c7:38:cf:08:35:ab:31:f4:e4:e8:5b: 97:9e:29:60:44:be:b0:17:75:2a:99:a7:8a:b6:2a:3b:63:1a: 5a:ae:35:e1:d9:7d:87:57:98:8c:e5:31:36:6a:5c:2b:9d:a8: 71:fb:01:3c:9d:59:db:3f:4b:bd:95:db:9d:b9:4d:19:e4:4e: 71:4f:20:8b:58:1d:c6:35:e1:4c:4a:43:43:4a:2c:4a:31:6a: e6:33:7e:7d:18:54:4a:1a:85:76:ca:f0:1b:31:b4:1a:6b:8b: 03:3b:2f:53:e6:e4:84:d0:a4:fd:a0:f7:3c:2c:56:50:4c:9a: 09:d9:e6:41:46:f4:21:5e:89:0c:a1:76:c3:b0:8f:6a:45:fe: 97:b2:3e:cc:68:f4:5d:0f:43:f1:27:2e:b8:6b:51:57:d4:41: e7:aa:27:4e:e7:f4:60:c4:a5:f5:31:75:1e:c6:c2:6a:f9:92: fc:73:ee:3c:a1:fd:1f:a1:1d:4f:13:0e:f9:1f:11:62:2c:be: 1a:2b:10:30:6f:01:e4:16:8b:9c:21:d6:c2:52:ef:67:ab:b9: de:ea:42:32:3c:d7:10:f8:2e:df:a2:ca:a4:d5:e3:5e:a8:be: 66:84:21:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs2DgASYI/y3Dp0IqLF2ugvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy MmNlMGEwHhcNMjUxMjE5MTAwMDQ1WhcNMjUxMjIwMTAwMDQ1WjAzMTEwLwYDVQQD EyhjZjk5M2RlMDdkMjgyN2QxYjY2NGFjYjRkNGQ3NmRkODI5NGYxNGViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zIj6USkdX4If7vOflVCBoQi0SJs jYnyEgycbbc4GTYAHItbiRmqrksX3L5zPNZqbD0T+7zw2v8b0lwWgq/Bk+hnZwxf 2xlJ2k4+qw4bp8C+lajIDDYZxhzvvuTYirsd8cFtqVOKavQDEiSGrOd7xL3SECMh 6KUoPtKT3pvVHXWMjJVlebUvBsWWBiF+WuR18wADxGuMRBauVD05faCcokcqbIT3 s/BkAl9x/m6e1DWclk5Jb2Yc5P9lOJ43LBcDpkTH4YSrBr48ae6UrdXFdcaQjtLn 3QmK2QLG6bClDu2oXYB/BeWkhe291vDOwdyY1GJ1R/phlu6m+xmfWluQAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM+ZPeB9KCfRtmSstNTXbdgpTxTrMB8GA1UdIwQY MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1 LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAugYTPBid gO5tZ0MX2wPZDAJK9XCiwom018c4zwg1qzH05Ohbl54pYES+sBd1KpmnirYqO2Ma Wq414dl9h1eYjOUxNmpcK52ocfsBPJ1Z2z9LvZXbnblNGeROcU8gi1gdxjXhTEpD Q0osSjFq5jN+fRhUShqFdsrwGzG0GmuLAzsvU+bkhNCk/aD3PCxWUEyaCdnmQUb0 IV6JDKF2w7CPakX+l7I+zGj0XQ9D8ScuuGtRV9RB56onTuf0YMSl9TF1HsbCavmS /HPuPKH9H6EdTxMO+R8RYiy+GisQMG8B5BaLnCHWwlLvZ6u53upCMjzXEPgu36LK pNXjXqi+ZoQhWA== -----END CERTIFICATE-----Generated at Fri Dec 19 12:49:08 2025 by rpki-client