This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft File: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json) Hash identifier: ihanERuI0pEcLVshDTWEkabLEJunP2T/P1oxz9Cfu4U= Subject key identifier: 15:9B:C3:D2:47:B9:F6:95:0F:F0:36:31:B2:8D:3A:07:F7:EA:AE:35 Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84 Certificate issuer: /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84 Certificate serial: 019AF31CA470A4F0732DA78E639E69CE9AF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft Manifest number: 1217 Signing time: Sat 06 Dec 2025 10:02:11 +0000 Manifest this update: Sat 06 Dec 2025 10:02:11 +0000 Manifest next update: Sun 07 Dec 2025 10:02:11 +0000 Files and hashes: 1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: X2me3j9WGQFt+Riwm5aRox5s/6qtzB2QyBPtJgQgwco=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:a4:70:a4:f0:73:2d:a7:8e:63:9e:69:ce:9a:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84 Validity Not Before: Dec 6 10:02:11 2025 GMT Not After : Dec 7 10:02:11 2025 GMT Subject: CN=159bc3d247b9f6950ff03631b28d3a07f7eaae35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:cb:9f:97:6c:c7:40:d8:99:98:0e:b2:a0:89: 57:07:b3:01:e8:ef:4f:66:d2:32:8a:86:7b:8e:a4: 1d:ad:55:1d:7a:fd:77:5e:13:49:c1:3b:69:6e:79: 1d:94:03:5f:76:81:d4:91:9a:ad:5e:41:9f:45:4f: 64:1f:ef:d0:fb:17:86:c7:f7:b9:8b:b9:24:22:9c: f4:21:2f:3d:a1:06:fd:3e:b8:48:91:8b:a9:ab:bc: 68:1f:4d:1c:39:94:b1:7e:57:cf:82:91:57:1b:e5: b5:7e:a7:52:d1:e2:38:8c:f3:e1:60:04:10:25:57: 44:25:03:06:ce:fc:cd:0e:17:a5:ad:00:ca:a4:6b: 73:54:f1:97:45:52:f6:72:f4:ef:0f:08:d7:18:db: a7:ef:0f:da:62:fd:05:22:2e:96:0d:c7:c3:65:a8: 1f:64:0a:31:36:31:cd:92:13:4b:cf:e7:f2:68:6e: c2:d9:bf:70:e5:0a:ed:db:59:87:ce:e0:b5:46:ee: c5:ac:66:77:0a:91:0d:00:d6:6f:62:d9:92:c6:24: 9d:d9:fa:3e:62:08:5b:c7:1d:84:63:7d:9a:e5:d8: 9f:3a:31:27:e2:16:87:ba:11:cd:86:cf:7f:ce:e6: 06:00:f8:5e:0f:67:b6:4d:94:2e:ad:35:e7:33:88: a5:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:9B:C3:D2:47:B9:F6:95:0F:F0:36:31:B2:8D:3A:07:F7:EA:AE:35 X509v3 Authority Key Identifier: keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:ec:41:9d:06:cc:de:12:0b:92:0b:fd:fc:a3:2c:47:20:7f: 27:63:dd:fd:5d:fe:26:28:9c:44:fb:b4:78:4a:c9:b5:ec:b1: bb:8f:83:f5:cb:6b:46:9c:de:4f:29:06:f3:5b:b4:3c:d1:ae: 66:ac:7d:9f:f8:c3:e1:cc:a7:a0:01:6a:c2:4c:4d:a1:e0:72: d0:03:8f:c8:c4:29:6e:db:b8:bd:c6:ec:96:23:46:2f:7a:19: f2:6c:b4:09:cf:65:81:dd:99:6f:a4:11:fc:33:cb:34:43:bc: 51:3f:ce:5b:98:0e:eb:87:9f:89:6f:9d:4d:53:10:52:45:65: 6a:0a:03:e9:71:3a:0c:29:c2:02:43:57:04:c6:6b:b3:1d:54: b3:99:8e:c8:9c:eb:f0:ae:b7:72:67:2c:33:03:f7:cf:99:46: 33:e3:a0:a3:d4:05:82:7b:9f:50:13:11:87:c5:32:0a:3f:20: 7b:58:f7:99:8d:64:73:2e:76:2d:fb:04:fe:42:c4:25:82:70: 66:a7:24:59:63:f0:d6:ce:15:2e:c8:cb:d5:25:45:39:cc:8f: 4f:00:e0:9a:53:ee:df:6d:b1:61:c0:e7:0d:37:0f:67:56:f2: 64:8a:cf:f7:6e:94:c0:90:20:b7:9c:3a:2f:53:3c:c6:ad:f6: 04:96:b1:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHKRwpPBzLaeOY55pzprxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi NTRjODQwHhcNMjUxMjA2MTAwMjExWhcNMjUxMjA3MTAwMjExWjAzMTEwLwYDVQQD EygxNTliYzNkMjQ3YjlmNjk1MGZmMDM2MzFiMjhkM2EwN2Y3ZWFhZTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8ufl2zHQNiZmA6yoIlXB7MB6O9P ZtIyioZ7jqQdrVUdev13XhNJwTtpbnkdlANfdoHUkZqtXkGfRU9kH+/Q+xeGx/e5 i7kkIpz0IS89oQb9PrhIkYupq7xoH00cOZSxflfPgpFXG+W1fqdS0eI4jPPhYAQQ JVdEJQMGzvzNDhelrQDKpGtzVPGXRVL2cvTvDwjXGNun7w/aYv0FIi6WDcfDZagf ZAoxNjHNkhNLz+fyaG7C2b9w5Qrt21mHzuC1Ru7FrGZ3CpENANZvYtmSxiSd2fo+ Yghbxx2EY32a5difOjEn4haHuhHNhs9/zuYGAPheD2e2TZQurTXnM4ilowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBWbw9JHufaVD/A2MbKNOgf36q41MB8GA1UdIwQY MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlexBnQbM 3hILkgv9/KMsRyB/J2Pd/V3+JiicRPu0eErJteyxu4+D9ctrRpzeTykG81u0PNGu Zqx9n/jD4cynoAFqwkxNoeBy0AOPyMQpbtu4vcbsliNGL3oZ8my0Cc9lgd2Zb6QR /DPLNEO8UT/OW5gO64efiW+dTVMQUkVlagoD6XE6DCnCAkNXBMZrsx1Us5mOyJzr 8K63cmcsMwP3z5lGM+Ogo9QFgnufUBMRh8UyCj8ge1j3mY1kcy52LfsE/kLEJYJw ZqckWWPw1s4VLsjL1SVFOcyPTwDgmlPu322xYcDnDTcPZ1byZIrP926UwJAgt5w6 L1M8xq32BJaxNg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:08:00 2025 by rpki-client