This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft File: d7tRRrULW8gaNXR6K75lKqC3Fnw.mft (raw, json) Hash identifier: 7OgCiqD+luc9te9lErrJmavIxChGPuZuTpWk8ExPTXc= Subject key identifier: DA:47:EC:A3:F0:54:CC:1C:7D:EA:11:6C:92:77:4D:05:C2:72:3A:06 Authority key identifier: 77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C Certificate issuer: /CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c Certificate serial: 019B397D96AE7C96D655AA0BCA55143EE704 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft Manifest number: 142B Signing time: Sat 20 Dec 2025 02:01:30 +0000 Manifest this update: Sat 20 Dec 2025 02:01:30 +0000 Manifest next update: Sun 21 Dec 2025 02:01:30 +0000 Files and hashes: 1: d7tRRrULW8gaNXR6K75lKqC3Fnw.crl (hash: iBNgkIRj0QXNpcu4YwwQd78xbWWW+1GHz+ZfIcBGyF0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:7d:96:ae:7c:96:d6:55:aa:0b:ca:55:14:3e:e7:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c Validity Not Before: Dec 20 02:01:30 2025 GMT Not After : Dec 21 02:01:30 2025 GMT Subject: CN=da47eca3f054cc1c7dea116c92774d05c2723a06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ca:c4:57:c9:6a:37:b6:1a:4a:18:cd:57:78: 56:79:1e:35:67:79:a6:84:dd:9c:56:51:5a:af:91: 7c:c4:15:06:81:90:ac:9f:2c:1f:2e:1e:ef:9f:f5: bf:52:81:5c:ac:82:e3:2f:09:42:85:f0:03:a8:4c: 49:43:2f:7f:58:f0:61:f5:80:e6:7b:a8:0c:ed:fa: 80:af:52:d6:07:2f:07:b4:fa:32:a7:ae:f2:79:7e: 97:da:c2:de:95:20:97:54:0b:74:a2:5e:ae:54:53: 99:56:65:92:16:b6:e5:c4:5c:ef:d4:0a:2d:c4:ad: 9e:8e:c5:ad:53:4c:71:57:87:af:db:65:9c:86:43: df:13:1d:66:48:4c:77:0b:91:ad:18:7c:3f:85:5f: 68:98:1c:62:0a:5e:9c:02:1a:31:1d:29:d5:0e:23: 47:5f:65:f0:f3:82:5b:38:cc:90:9a:1e:e2:dc:3b: 25:81:c5:f9:4f:79:5f:0e:9a:c3:22:62:80:90:01: 5f:0c:0c:2b:32:9c:9d:e0:1e:d1:8b:91:94:ee:6f: 41:93:94:ae:e4:a6:14:04:d0:64:da:fd:06:fc:15: b4:7f:3c:a5:d3:42:a1:a4:7f:56:45:8a:50:17:2e: 55:3e:9e:03:20:aa:a9:0d:20:2e:58:ae:63:ec:5c: f2:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:47:EC:A3:F0:54:CC:1C:7D:EA:11:6C:92:77:4D:05:C2:72:3A:06 X509v3 Authority Key Identifier: keyid:77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:97:f6:ac:21:4e:64:b6:d9:50:de:b7:33:11:51:11:7b:37: 6f:66:61:2d:ef:65:58:31:5c:09:f1:f2:78:6e:33:af:e7:b4: 48:10:09:01:de:a6:0a:b7:70:3b:e0:12:be:cb:a1:7f:62:be: c5:4a:38:5f:57:b2:6f:ce:cc:d7:4d:d1:8d:e6:8a:71:a9:4b: 80:e5:12:68:9c:8e:7a:11:e3:ff:00:7d:c9:39:ea:66:c2:43: 6c:63:87:5c:7e:52:f4:a2:ce:41:00:51:c2:17:c5:be:f2:05: 33:95:5a:b3:b2:fb:b2:15:a9:62:af:76:34:4b:80:2c:b3:01: 7d:0c:56:c5:c0:1d:39:15:18:42:80:7d:97:22:21:5a:20:7e: 4d:79:8d:07:e7:c6:41:1b:20:f7:cd:e6:2e:f6:04:bc:ad:67: e7:7b:13:e5:90:90:6b:dd:6c:94:88:73:52:90:34:20:36:12: 27:55:dc:40:db:55:0d:9d:74:09:d9:f7:fa:d5:fb:47:59:44: 97:fb:96:c6:e4:d9:9e:69:30:e8:29:33:23:41:d8:ab:62:a7: 9c:0c:60:0e:36:6f:f0:4f:1c:d3:39:b5:00:51:d8:26:0a:74: 07:b3:12:43:d1:c0:8f:d7:9c:46:06:4b:d9:cd:3b:85:32:3f: 57:c6:1a:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5fZaufJbWVaoLylUUPucEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3YmI1MTQ2YjUwYjViYzgxYTM1NzQ3YTJiYmU2NTJhYTBi NzE2N2MwHhcNMjUxMjIwMDIwMTMwWhcNMjUxMjIxMDIwMTMwWjAzMTEwLwYDVQQD EyhkYTQ3ZWNhM2YwNTRjYzFjN2RlYTExNmM5Mjc3NGQwNWMyNzIzYTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucrEV8lqN7YaShjNV3hWeR41Z3mm hN2cVlFar5F8xBUGgZCsnywfLh7vn/W/UoFcrILjLwlChfADqExJQy9/WPBh9YDm e6gM7fqAr1LWBy8HtPoyp67yeX6X2sLelSCXVAt0ol6uVFOZVmWSFrblxFzv1Aot xK2ejsWtU0xxV4ev22WchkPfEx1mSEx3C5GtGHw/hV9omBxiCl6cAhoxHSnVDiNH X2Xw84JbOMyQmh7i3DslgcX5T3lfDprDImKAkAFfDAwrMpyd4B7Ri5GU7m9Bk5Su 5KYUBNBk2v0G/BW0fzyl00KhpH9WRYpQFy5VPp4DIKqpDSAuWK5j7FzypQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNpH7KPwVMwcfeoRbJJ3TQXCcjoGMB8GA1UdIwQY MBaAFHe7UUa1C1vIGjV0eiu+ZSqgtxZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYt ZjA4N2U0Zjg1ZTUwLzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYtZjA4N2U0Zjg1ZTUw LzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbpf2rCFO ZLbZUN63MxFREXs3b2ZhLe9lWDFcCfHyeG4zr+e0SBAJAd6mCrdwO+ASvsuhf2K+ xUo4X1eyb87M103RjeaKcalLgOUSaJyOehHj/wB9yTnqZsJDbGOHXH5S9KLOQQBR whfFvvIFM5Vas7L7shWpYq92NEuALLMBfQxWxcAdORUYQoB9lyIhWiB+TXmNB+fG QRsg983mLvYEvK1n53sT5ZCQa91slIhzUpA0IDYSJ1XcQNtVDZ10Cdn3+tX7R1lE l/uWxuTZnmkw6CkzI0HYq2KnnAxgDjZv8E8c0zm1AFHYJgp0B7MSQ9HAj9ecRgZL 2c07hTI/V8YawA== -----END CERTIFICATE-----Generated at Sat Dec 20 09:52:08 2025 by rpki-client