This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft File: dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json) Hash identifier: 0ukZmrmM6BFf+POEFBuZVFxR3ZpOKq8Xzujjj68I3vA= Subject key identifier: F6:4A:EF:AB:56:B6:B8:F9:05:C0:90:E3:9F:9A:62:6F:73:22:67:8B Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A Certificate issuer: /CN=74b27c5d5684864853df5b81572212ede322ce0a Certificate serial: 019AF2771D9B8D9A23258F57CF86BFBC42EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft Manifest number: 0436 Signing time: Sat 06 Dec 2025 07:01:23 +0000 Manifest this update: Sat 06 Dec 2025 07:01:23 +0000 Manifest next update: Sun 07 Dec 2025 07:01:23 +0000 Files and hashes: 1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: mHEjDSMch6tlRON7ww+iDTmc/gbPNcjSow4R4eH79oo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:1d:9b:8d:9a:23:25:8f:57:cf:86:bf:bc:42:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a Validity Not Before: Dec 6 07:01:23 2025 GMT Not After : Dec 7 07:01:23 2025 GMT Subject: CN=f64aefab56b6b8f905c090e39f9a626f7322678b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:e2:86:56:9d:45:f5:20:6b:9f:a8:f7:80:e2: 29:7a:c0:b0:19:ab:82:31:ce:34:e8:cb:8e:1d:ec: 2a:59:53:08:ba:09:eb:88:f5:b0:38:14:0b:4a:d0: 0a:3a:d1:88:00:61:a8:40:d8:fd:1c:b0:51:a7:ad: 1e:80:48:ea:10:7e:74:0e:76:23:5c:3d:95:59:1c: 90:b6:ac:87:ec:f7:6e:3b:c9:e5:aa:65:f6:79:0a: 5e:06:cf:6c:a5:d2:34:f2:ab:4e:92:db:b3:f1:b2: 87:6e:cb:fa:77:6d:10:55:28:a6:3e:07:b1:57:b7: 42:e7:82:76:d0:03:17:82:21:3e:8f:2e:ab:2b:fc: 7a:18:bf:4f:8f:db:33:0a:ad:46:b6:a2:c6:d7:9e: 5d:a8:83:c7:46:0d:4b:a6:f6:ed:aa:d4:94:c3:93: a3:67:76:ed:cf:cc:20:4b:68:3c:c8:42:af:bc:11: cd:28:ab:db:74:d7:ec:34:0a:96:75:94:95:68:45: 59:ee:63:bb:2e:ee:48:6e:c6:9b:53:85:24:03:09: ad:d5:0d:e1:a6:ad:62:32:93:03:d1:77:61:38:60: 9a:6d:53:7d:e5:32:00:92:45:89:94:14:cb:10:c4: e3:f1:ee:46:4a:7e:16:4d:cd:4e:8b:6c:23:0d:2d: 2e:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:4A:EF:AB:56:B6:B8:F9:05:C0:90:E3:9F:9A:62:6F:73:22:67:8B X509v3 Authority Key Identifier: keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:7d:cb:52:fe:14:48:03:2d:0f:84:ea:a7:3d:de:54:af:b7: 38:cf:7b:c2:d2:73:be:5b:7c:c2:b5:34:3c:6d:43:ce:e8:cd: 0b:bf:16:79:60:5a:90:17:dd:6d:cd:91:ee:96:01:97:c7:67: 01:35:f6:d9:4e:68:b9:c2:23:bf:ac:5a:f0:f6:a7:7b:2f:f3: 80:bf:e8:1f:c9:97:06:34:5d:73:68:2c:97:ca:52:33:70:70: 2e:bb:60:0c:eb:f6:75:0d:a3:ff:d1:90:02:84:58:45:75:b9: 7a:b7:6e:89:16:ba:9f:4f:5e:c9:70:7a:cc:a8:50:59:0e:79: df:8d:d0:16:30:f5:6a:60:6a:1c:ce:4b:a6:eb:ec:1f:d2:d9: f4:40:b0:f5:fe:dc:a0:93:82:bc:1b:37:f8:53:65:f8:57:03: b0:8c:0c:a3:b9:d6:ed:96:8b:97:61:08:dc:53:91:cb:69:45: f1:3a:07:f1:f6:93:66:b4:95:c9:59:85:75:7d:60:06:d9:69: 94:4a:50:16:fb:8c:eb:e6:74:7e:8e:8b:bd:44:49:2b:db:b1: a5:a5:74:8d:46:34:55:49:55:e8:84:71:ef:33:4a:a7:7c:f1: 53:5f:5b:01:71:90:98:7d:1d:c2:8f:42:43:40:d4:93:75:6c: 91:ad:cc:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydx2bjZojJY9Xz4a/vELuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy MmNlMGEwHhcNMjUxMjA2MDcwMTIzWhcNMjUxMjA3MDcwMTIzWjAzMTEwLwYDVQQD EyhmNjRhZWZhYjU2YjZiOGY5MDVjMDkwZTM5ZjlhNjI2ZjczMjI2NzhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouKGVp1F9SBrn6j3gOIpesCwGauC Mc406MuOHewqWVMIugnriPWwOBQLStAKOtGIAGGoQNj9HLBRp60egEjqEH50DnYj XD2VWRyQtqyH7PduO8nlqmX2eQpeBs9spdI08qtOktuz8bKHbsv6d20QVSimPgex V7dC54J20AMXgiE+jy6rK/x6GL9Pj9szCq1GtqLG155dqIPHRg1LpvbtqtSUw5Oj Z3btz8wgS2g8yEKvvBHNKKvbdNfsNAqWdZSVaEVZ7mO7Lu5IbsabU4UkAwmt1Q3h pq1iMpMD0XdhOGCabVN95TIAkkWJlBTLEMTj8e5GSn4WTc1Oi2wjDS0uGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPZK76tWtrj5BcCQ45+aYm9zImeLMB8GA1UdIwQY MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1 LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYH3LUv4U SAMtD4Tqpz3eVK+3OM97wtJzvlt8wrU0PG1DzujNC78WeWBakBfdbc2R7pYBl8dn ATX22U5oucIjv6xa8Paney/zgL/oH8mXBjRdc2gsl8pSM3BwLrtgDOv2dQ2j/9GQ AoRYRXW5erduiRa6n09eyXB6zKhQWQ55343QFjD1amBqHM5LpuvsH9LZ9ECw9f7c oJOCvBs3+FNl+FcDsIwMo7nW7ZaLl2EI3FORy2lF8ToH8faTZrSVyVmFdX1gBtlp lEpQFvuM6+Z0fo6LvURJK9uxpaV0jUY0VUlV6IRx7zNKp3zxU19bAXGQmH0dwo9C Q0DUk3Vska3MiQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:15:00 2025 by rpki-client