This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft File: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft (raw, json) Hash identifier: 99X/tcgad45g16z3KjFvJBdgHjlD8maCvGirTH8ytCU= Subject key identifier: D8:2D:00:3E:F7:C1:4D:12:BE:0A:63:DA:08:13:80:63:76:61:1D:52 Authority key identifier: 0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90 Certificate issuer: /CN=0d333f72d9e294543825be63729f8034a4517090 Certificate serial: 019AF1D1871A96D518922328A9CF8FAF253D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft Manifest number: 0B57 Signing time: Sat 06 Dec 2025 04:00:31 +0000 Manifest this update: Sat 06 Dec 2025 04:00:31 +0000 Manifest next update: Sun 07 Dec 2025 04:00:31 +0000 Files and hashes: 1: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl (hash: dJr0CDzfWcQLTMKvrVaPxPf+b8T+erHrolTDDERro5w=) 2: IoDHlDbNXO3jlcqfipIcULBON5A.roa (hash: KOgCTDaSahbElR1Ol4oBVrEjOtYhS4W0VzXtKth8BeM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:87:1a:96:d5:18:92:23:28:a9:cf:8f:af:25:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d333f72d9e294543825be63729f8034a4517090 Validity Not Before: Dec 6 04:00:31 2025 GMT Not After : Dec 7 04:00:31 2025 GMT Subject: CN=d82d003ef7c14d12be0a63da0813806376611d52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:2c:d0:14:6e:e4:3f:9e:77:02:6a:8e:6e:32: cd:19:f4:e8:36:e6:dd:eb:65:23:75:f5:b4:70:ea: c0:84:4f:6b:61:cb:ce:fc:cd:17:7f:1c:c9:07:1b: d9:94:ae:56:a7:be:fd:0b:ea:f6:fc:28:45:3a:c5: 8c:eb:6c:2d:54:7e:b8:fc:07:4b:8c:c3:ca:16:e0: c9:a2:cd:3a:de:44:c7:e5:78:71:58:2f:9c:61:f2: 51:67:ae:da:49:6e:28:bf:da:bd:6f:2d:43:14:78: 38:87:8a:c8:b9:67:50:3b:a2:63:72:ab:2e:43:05: 97:e5:22:1a:19:4a:72:d0:20:d9:f5:3b:a9:d2:2c: d7:d0:10:fb:26:f2:18:80:b5:91:28:91:d1:f3:ca: 2b:2c:41:15:fd:47:17:e4:06:43:c4:2a:a9:35:ba: d3:ff:36:a9:c0:02:aa:73:90:e2:1d:e5:79:7b:60: e2:be:b3:76:b0:d2:45:e8:47:2b:e2:02:34:b1:db: 41:16:c0:e4:6e:29:fa:d4:bf:40:46:c1:52:13:25: 64:a7:fa:c4:16:71:92:64:52:ce:6a:99:92:20:b3: ae:b0:b3:7e:f1:0c:1a:97:a2:6b:a4:c9:25:7f:0a: f0:f2:c4:5c:f0:ec:75:0b:66:2e:ca:c4:52:f1:62: e7:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:2D:00:3E:F7:C1:4D:12:BE:0A:63:DA:08:13:80:63:76:61:1D:52 X509v3 Authority Key Identifier: keyid:0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:78:a7:81:00:d7:41:27:7f:7e:3a:99:1f:83:ca:17:88:d9: e3:53:67:fe:d5:ed:98:71:74:bd:77:d8:ab:67:68:b7:66:8a: 3e:db:09:de:aa:fc:06:50:e1:c1:e3:3e:0d:78:8a:1a:19:9f: 83:ab:75:f1:0d:bb:de:f3:ea:79:bd:99:7d:f9:1e:ba:a6:55: 5b:6a:bb:da:e8:82:cc:bd:c9:2c:bd:64:6f:ee:ec:21:89:2e: 53:d9:ff:4f:18:89:a9:81:da:aa:be:91:5b:02:8c:63:e0:d3: eb:3c:cd:00:f2:8d:f6:aa:30:83:f5:f8:d4:23:60:8b:2a:d1: 56:90:a6:fe:69:6d:2b:0e:f4:19:5f:a4:84:65:40:60:51:04: b5:27:16:f3:c5:05:4b:07:b1:41:08:a0:40:9d:56:a4:76:39: d5:9e:d3:3e:2a:14:a5:42:8c:f0:e9:d0:7c:3f:76:57:8a:63: ff:ef:e2:eb:2f:fc:db:ec:62:76:e9:83:d4:e5:6c:28:97:be: 01:2e:4e:f7:60:60:19:9c:fb:4c:3a:4d:1d:ae:c7:f5:98:b2: b1:d9:bd:3b:a8:da:55:97:a2:5a:9c:17:8b:35:eb:b2:de:a2: 85:87:5b:9d:fd:c4:38:e3:56:dc:21:a7:5b:db:d1:34:63:29: b0:8b:5a:a3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0YcaltUYkiMoqc+PryU9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMzMzZjcyZDllMjk0NTQzODI1YmU2MzcyOWY4MDM0YTQ1 MTcwOTAwHhcNMjUxMjA2MDQwMDMxWhcNMjUxMjA3MDQwMDMxWjAzMTEwLwYDVQQD EyhkODJkMDAzZWY3YzE0ZDEyYmUwYTYzZGEwODEzODA2Mzc2NjExZDUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SzQFG7kP553AmqObjLNGfToNubd 62UjdfW0cOrAhE9rYcvO/M0XfxzJBxvZlK5Wp779C+r2/ChFOsWM62wtVH64/AdL jMPKFuDJos063kTH5XhxWC+cYfJRZ67aSW4ov9q9by1DFHg4h4rIuWdQO6Jjcqsu QwWX5SIaGUpy0CDZ9Tup0izX0BD7JvIYgLWRKJHR88orLEEV/UcX5AZDxCqpNbrT /zapwAKqc5DiHeV5e2DivrN2sNJF6Ecr4gI0sdtBFsDkbin61L9ARsFSEyVkp/rE FnGSZFLOapmSILOusLN+8Qwal6JrpMklfwrw8sRc8Ox1C2YuysRS8WLnAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNgtAD73wU0Svgpj2ggTgGN2YR1SMB8GA1UdIwQY MBaAFA0zP3LZ4pRUOCW+Y3KfgDSkUXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQt ODk0ZGZhNWRmMDE3LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQtODk0ZGZhNWRmMDE3 LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHingQDX QSd/fjqZH4PKF4jZ41Nn/tXtmHF0vXfYq2dot2aKPtsJ3qr8BlDhweM+DXiKGhmf g6t18Q273vPqeb2ZffkeuqZVW2q72uiCzL3JLL1kb+7sIYkuU9n/TxiJqYHaqr6R WwKMY+DT6zzNAPKN9qowg/X41CNgiyrRVpCm/mltKw70GV+khGVAYFEEtScW88UF SwexQQigQJ1WpHY51Z7TPioUpUKM8OnQfD92V4pj/+/i6y/82+xidumD1OVsKJe+ AS5O92BgGZz7TDpNHa7H9Ziysdm9O6jaVZeiWpwXizXrst6ihYdbnf3EOONW3CGn W9vRNGMpsItaow== -----END CERTIFICATE-----Generated at Sat Dec 6 09:03:39 2025 by rpki-client