This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft File: DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft (raw, json) Hash identifier: Dem5A8H4FelqzZnvOE2nilv3LejQCOw8JyrEjngoK4I= Subject key identifier: 97:3B:C9:A9:F9:58:92:CC:60:5B:80:6A:45:03:12:AE:B6:42:73:7D Authority key identifier: 0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B Certificate issuer: /CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b Certificate serial: 019AF209262EB73B46ABA7BAB6022FCAEDD3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft Manifest number: 143C Signing time: Sat 06 Dec 2025 05:01:17 +0000 Manifest this update: Sat 06 Dec 2025 05:01:17 +0000 Manifest next update: Sun 07 Dec 2025 05:01:17 +0000 Files and hashes: 1: DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl (hash: k6l5Ro8BiRgCHYHTAg9Z1e1yV9OhoLbomqEhhBqXqMM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:26:2e:b7:3b:46:ab:a7:ba:b6:02:2f:ca:ed:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b Validity Not Before: Dec 6 05:01:17 2025 GMT Not After : Dec 7 05:01:17 2025 GMT Subject: CN=973bc9a9f95892cc605b806a450312aeb642737d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:32:c1:0d:58:3d:f7:3d:30:4d:06:79:2a:4f: 7f:15:e2:ed:14:55:9b:62:15:ff:4e:e1:ba:6d:22: 52:bb:1b:c6:66:23:a2:d1:0f:c0:74:75:1a:04:45: c2:3c:c3:f9:62:28:97:93:a2:79:62:ab:12:66:49: ec:47:50:42:1c:25:03:b7:86:29:7a:4f:36:9b:d7: ed:64:c2:d2:41:0b:f3:3b:72:6a:c2:fd:1d:19:c2: 2b:15:fc:6f:54:7a:4f:9c:86:29:75:58:3d:c4:2f: 0c:77:1e:8b:5e:eb:95:81:75:40:59:1c:a0:51:d8: 9c:8d:27:c7:53:45:e9:6e:a8:15:94:f2:59:66:68: 87:66:a5:00:d3:a8:e0:a3:f1:80:30:8b:4d:8b:66: 97:d9:06:d1:6c:f8:a5:ac:1b:04:88:13:86:95:c4: 40:6d:46:91:07:bd:36:ed:5a:42:d7:79:8f:87:54: 94:58:5c:bb:7e:3d:54:42:20:2e:70:45:70:e1:5c: 59:a1:ac:57:91:d9:6b:8a:25:72:87:50:6c:96:38: 50:e0:9d:15:d2:0d:c0:77:61:98:d4:f8:76:41:b8: f1:ad:1a:06:7e:79:2c:9a:d6:0b:a7:71:f1:cc:f8: 5a:a5:3a:9e:f8:df:4f:ff:35:4d:d2:2b:5b:7d:3b: e9:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:3B:C9:A9:F9:58:92:CC:60:5B:80:6A:45:03:12:AE:B6:42:73:7D X509v3 Authority Key Identifier: keyid:0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:a3:ff:38:a8:23:06:9c:8a:ef:51:a4:e1:57:2c:19:a5:a3: 37:4e:e0:99:82:39:3a:f1:f5:c8:84:68:e4:b5:7e:f2:2a:90: 60:d5:8c:19:df:24:f6:20:61:c1:70:1f:3f:d2:94:83:d6:c3: e8:b3:8c:13:0c:44:8d:ce:e8:f3:22:84:cb:d6:2c:73:38:37: 2d:45:0f:a1:28:0c:68:d2:b3:ef:44:4b:e6:4d:78:d8:81:1a: 81:7a:e8:c5:17:78:98:3c:b5:b1:e4:81:e2:d0:2f:a3:c2:1c: b0:a9:30:e4:64:d1:fa:76:04:5c:64:02:07:c3:2a:b1:19:ae: ae:70:4b:79:8c:fa:3e:f9:9e:e4:41:d2:44:10:3d:a2:34:d1: d6:73:d4:97:96:12:a4:8f:43:76:12:42:3d:35:fa:78:0d:f2: f8:1e:4b:d1:29:de:27:0f:b8:da:83:0a:a3:13:41:6d:78:a6: 81:ce:80:24:d9:f1:d4:5d:64:1c:12:c6:af:ae:15:0b:68:cf: 72:89:70:00:40:ef:83:e6:35:5c:04:29:e1:af:04:69:b3:5a: b5:b1:36:b4:7f:8b:96:d0:32:6c:3c:6e:e8:14:21:e1:19:f9: 44:f4:19:21:52:51:87:46:db:c6:6f:d6:b2:2a:25:ec:59:28: ea:a0:72:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCSYutztGq6e6tgIvyu3TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjNGYwYjlhNWZlMDM4OWZhZGNiYmZiMWZhMWM0MGM0YTRi YTBkMmIwHhcNMjUxMjA2MDUwMTE3WhcNMjUxMjA3MDUwMTE3WjAzMTEwLwYDVQQD Eyg5NzNiYzlhOWY5NTg5MmNjNjA1YjgwNmE0NTAzMTJhZWI2NDI3MzdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzLBDVg99z0wTQZ5Kk9/FeLtFFWb YhX/TuG6bSJSuxvGZiOi0Q/AdHUaBEXCPMP5YiiXk6J5YqsSZknsR1BCHCUDt4Yp ek82m9ftZMLSQQvzO3Jqwv0dGcIrFfxvVHpPnIYpdVg9xC8Mdx6LXuuVgXVAWRyg UdicjSfHU0XpbqgVlPJZZmiHZqUA06jgo/GAMItNi2aX2QbRbPilrBsEiBOGlcRA bUaRB7027VpC13mPh1SUWFy7fj1UQiAucEVw4VxZoaxXkdlriiVyh1BsljhQ4J0V 0g3Ad2GY1Ph2QbjxrRoGfnksmtYLp3HxzPhapTqe+N9P/zVN0itbfTvp0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJc7yan5WJLMYFuAakUDEq62QnN9MB8GA1UdIwQY MBaAFAxPC5pf4Difrcu/sfocQMSkug0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMt ZjYwNmFjZTRhY2MyLzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMtZjYwNmFjZTRhY2My LzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMaP/OKgj BpyK71Gk4VcsGaWjN07gmYI5OvH1yIRo5LV+8iqQYNWMGd8k9iBhwXAfP9KUg9bD 6LOMEwxEjc7o8yKEy9Ysczg3LUUPoSgMaNKz70RL5k142IEagXroxRd4mDy1seSB 4tAvo8IcsKkw5GTR+nYEXGQCB8MqsRmurnBLeYz6Pvme5EHSRBA9ojTR1nPUl5YS pI9DdhJCPTX6eA3y+B5L0SneJw+42oMKoxNBbXimgc6AJNnx1F1kHBLGr64VC2jP colwAEDvg+Y1XAQp4a8EabNatbE2tH+LltAybDxu6BQh4Rn5RPQZIVJRh0bbxm/W siol7Fko6qByTA== -----END CERTIFICATE-----Generated at Sat Dec 6 06:59:09 2025 by rpki-client