This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft File: duK6XMFQs1PL00ufBF6gUJdAhE0.mft (raw, json) Hash identifier: KB4D2giRiSSeB1M/TV1L0lSCNFuKJQarxCL26RGvYt0= Subject key identifier: 21:61:A0:C0:CC:76:D1:B7:42:11:0F:13:56:AB:21:70:0C:B7:2E:56 Authority key identifier: 76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D Certificate issuer: /CN=76e2ba5cc150b353cbd34b9f045ea0509740844d Certificate serial: 019AF1D208A6726381DE4EAF0EFADD307793 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 04:01:05 +0000 Manifest this update: Sat 06 Dec 2025 04:01:05 +0000 Manifest next update: Sun 07 Dec 2025 04:01:05 +0000 Files and hashes: 1: Bia10WQI4xw0UI_i-ndQUbuN950.roa (hash: cjV4yJiHMdoyYcYcYJ8yPol8C2FCborf12L6f+mp+8Y=) 2: duK6XMFQs1PL00ufBF6gUJdAhE0.crl (hash: 0E//YuhgjDrbCDUPKuaKliZIvzt9Zm1fy/ccDiNZzW8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:08:a6:72:63:81:de:4e:af:0e:fa:dd:30:77:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76e2ba5cc150b353cbd34b9f045ea0509740844d Validity Not Before: Dec 6 04:01:05 2025 GMT Not After : Dec 7 04:01:05 2025 GMT Subject: CN=2161a0c0cc76d1b742110f1356ab21700cb72e56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:67:c9:ae:2a:07:5c:82:2b:8f:b0:58:76:bd: ee:e1:48:3e:f4:cd:a1:22:92:43:eb:6b:0f:1b:ea: ba:ce:9c:2a:cc:d2:05:e4:98:62:ee:df:4f:57:0b: 5f:de:2e:69:0d:a7:09:30:0b:2c:65:63:ff:70:a3: ce:78:0f:06:7f:dd:29:d2:5b:cd:7c:6a:f0:64:3d: a0:32:55:e3:7d:5a:74:73:2a:da:0c:e4:f7:51:f5: e1:ac:69:25:ff:5d:5d:a3:84:c6:a8:7a:e6:91:38: 07:9b:5d:24:f9:cb:9d:0e:26:f1:91:82:da:94:c1: e6:70:63:c5:97:0e:1b:6a:56:d9:7d:ab:e9:c1:11: 3a:77:ed:69:9b:4e:4b:61:a1:03:b4:6b:c2:be:32: ba:55:f5:bc:d7:b7:6c:7f:0f:17:60:d7:76:06:2f: 07:bf:4f:51:45:40:86:9e:b3:c6:cf:1f:33:63:2d: 6d:31:98:8e:a4:63:7f:87:c3:ce:22:ef:e6:57:35: b3:d7:6b:54:ff:d9:74:ca:30:76:9f:18:52:71:37: 35:db:7c:fe:19:62:20:36:38:1f:7e:82:4e:98:61: d2:96:a1:81:70:5d:58:b5:72:1c:d1:13:2b:56:06: 36:b8:bd:d3:8f:5a:bf:b9:4d:32:aa:f4:ed:39:cc: 58:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:61:A0:C0:CC:76:D1:B7:42:11:0F:13:56:AB:21:70:0C:B7:2E:56 X509v3 Authority Key Identifier: keyid:76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:03:b5:e0:e9:0d:a4:7b:4c:e4:ff:29:c8:c9:7e:3f:da:dd: eb:dd:2c:06:14:25:55:57:d5:78:a3:43:85:99:14:31:60:ed: ed:f7:c2:65:20:06:a0:3c:58:1f:f8:ea:27:89:14:25:6a:18: f6:2d:03:10:d4:30:01:a5:6a:ac:b2:4a:0d:fb:48:d8:f1:57: 6a:9d:63:29:b9:b6:9f:f3:33:b9:3b:a8:00:36:05:44:0f:81: c7:2f:f7:11:58:c0:b1:b5:18:b6:0a:63:ad:97:f4:1d:ad:a7: 8d:8e:13:35:0d:c7:72:f8:c8:09:ae:cb:96:aa:88:fb:8c:35: d1:b3:10:ab:8c:2b:f4:ee:b1:ef:7b:4d:d3:71:2c:68:68:5a: d7:a5:14:b6:b5:da:06:53:c0:35:5f:36:59:d1:22:7c:52:f0: 2d:2d:e8:b8:7b:18:6e:df:14:27:3d:0c:a5:ce:d5:2c:22:1d: 9e:a1:fb:29:ea:aa:18:40:bc:7a:f3:2e:d3:cb:7c:e7:1d:d1: 30:4f:27:7e:8e:31:3a:21:bb:4b:a7:b3:e4:ec:08:96:74:68: cd:7b:23:57:5d:15:1f:8d:e7:48:bb:c9:90:c0:21:1f:2d:23: 8a:32:7c:ed:7b:e2:bf:72:ee:fe:4c:64:73:88:81:da:46:0c: 0c:09:4a:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0gimcmOB3k6vDvrdMHeTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2ZTJiYTVjYzE1MGIzNTNjYmQzNGI5ZjA0NWVhMDUwOTc0 MDg0NGQwHhcNMjUxMjA2MDQwMTA1WhcNMjUxMjA3MDQwMTA1WjAzMTEwLwYDVQQD EygyMTYxYTBjMGNjNzZkMWI3NDIxMTBmMTM1NmFiMjE3MDBjYjcyZTU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGfJrioHXIIrj7BYdr3u4Ug+9M2h IpJD62sPG+q6zpwqzNIF5Jhi7t9PVwtf3i5pDacJMAssZWP/cKPOeA8Gf90p0lvN fGrwZD2gMlXjfVp0cyraDOT3UfXhrGkl/11do4TGqHrmkTgHm10k+cudDibxkYLa lMHmcGPFlw4balbZfavpwRE6d+1pm05LYaEDtGvCvjK6VfW817dsfw8XYNd2Bi8H v09RRUCGnrPGzx8zYy1tMZiOpGN/h8POIu/mVzWz12tU/9l0yjB2nxhScTc123z+ GWIgNjgffoJOmGHSlqGBcF1YtXIc0RMrVgY2uL3Tj1q/uU0yqvTtOcxY7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCFhoMDMdtG3QhEPE1arIXAMty5WMB8GA1UdIwQY MBaAFHbiulzBULNTy9NLnwReoFCXQIRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2Et NzA0MDVlMzUyOGFmLzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2EtNzA0MDVlMzUyOGFm LzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIwO14OkN pHtM5P8pyMl+P9rd690sBhQlVVfVeKNDhZkUMWDt7ffCZSAGoDxYH/jqJ4kUJWoY 9i0DENQwAaVqrLJKDftI2PFXap1jKbm2n/MzuTuoADYFRA+Bxy/3EVjAsbUYtgpj rZf0Ha2njY4TNQ3HcvjICa7LlqqI+4w10bMQq4wr9O6x73tN03EsaGha16UUtrXa BlPANV82WdEifFLwLS3ouHsYbt8UJz0Mpc7VLCIdnqH7KeqqGEC8evMu08t85x3R ME8nfo4xOiG7S6ez5OwIlnRozXsjV10VH43nSLvJkMAhHy0jijJ87Xviv3Lu/kxk c4iB2kYMDAlKtQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:23:20 2025 by rpki-client