This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft File: DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json) Hash identifier: 8YauWwvQ92hYM8sS9jIBQgt4ZrjDz/HoKUAGt5jQM/8= Subject key identifier: 97:2A:21:91:EA:6A:DE:4C:43:AD:38:73:8C:D5:AA:96:69:98:09:0F Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9 Certificate issuer: /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9 Certificate serial: 019B25BFFD93457A811D0BED5A4EDF82D819 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft Manifest number: 0402 Signing time: Tue 16 Dec 2025 06:01:37 +0000 Manifest this update: Tue 16 Dec 2025 06:01:37 +0000 Manifest next update: Wed 17 Dec 2025 06:01:37 +0000 Files and hashes: 1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: xtUiyBXIlLa3n+10b4Nc9Av1328kMgMnLZdL/zIWwvc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:bf:fd:93:45:7a:81:1d:0b:ed:5a:4e:df:82:d8:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9 Validity Not Before: Dec 16 06:01:37 2025 GMT Not After : Dec 17 06:01:37 2025 GMT Subject: CN=972a2191ea6ade4c43ad38738cd5aa966998090f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:52:89:33:b0:68:02:4c:b4:36:af:6d:bd:75: 83:16:52:67:97:ce:2d:c7:27:5a:c9:f7:0e:18:5c: f5:4b:b2:f8:90:7b:37:77:e0:76:4c:dd:77:93:fd: d1:04:76:ba:fc:86:d0:81:50:fe:b4:f9:ab:18:c2: 65:ba:ec:22:26:f2:bb:8d:d0:87:92:80:92:dd:e4: 6e:37:34:45:3d:ec:b8:f0:3e:75:6a:8b:da:4e:c9: 9f:9f:0e:a5:ae:71:1b:26:b8:5a:c5:6f:2c:27:af: 55:0f:90:83:b6:99:c9:ef:4c:ad:5e:f0:59:74:d1: 7c:22:3b:7d:7b:75:91:7c:40:c8:42:6e:9e:b5:21: ab:8f:9d:cf:c3:92:a8:78:b0:53:c5:6d:0e:af:0c: 7d:d1:8d:b0:77:b8:9a:49:32:37:a2:9f:a3:45:f6: 18:05:22:e5:ab:af:dd:f4:5c:47:ae:ed:4a:20:49: e0:c3:47:e2:d8:cf:6f:1c:c7:7a:b3:05:28:09:09: a8:11:58:39:99:c6:39:1e:39:1d:67:cf:5b:8a:95: ea:c3:27:81:54:22:0b:12:d9:0d:7e:0b:b6:ae:73: 4f:27:9f:32:c5:bb:e1:d0:1e:80:ef:75:33:8f:3d: 85:a3:20:88:33:ac:01:08:40:a0:80:9b:a1:c8:f8: ee:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:2A:21:91:EA:6A:DE:4C:43:AD:38:73:8C:D5:AA:96:69:98:09:0F X509v3 Authority Key Identifier: keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:a4:3a:f8:ec:01:1d:d6:6a:b6:a5:35:e8:7b:f9:43:bb:1f: 53:82:37:a4:78:77:90:1b:b8:88:c9:93:f2:a5:ef:f0:51:ec: f6:72:0f:cb:d7:6f:2e:3b:5f:89:db:8d:16:f8:f1:14:ca:f9: 10:ee:d7:64:b0:6f:f8:3a:1b:ea:95:aa:bd:88:5e:41:9d:b4: 94:a2:47:c5:a4:6a:12:72:f5:4e:8b:06:b4:a3:75:85:70:ca: 0a:d2:de:1a:37:16:e9:66:d9:5c:5f:d5:d3:21:e1:e7:c8:f8: 0c:d5:fd:b9:85:1b:0d:f3:e4:0c:79:25:95:4b:99:c5:46:9e: 04:28:e9:e5:b3:4f:d3:2b:00:07:65:2d:f3:32:56:6d:90:bf: e5:3b:2d:4e:3c:6c:e8:f7:60:01:e1:2b:de:72:74:0e:a1:10: a6:18:e6:1f:96:59:92:2b:9e:d1:21:8a:20:2d:66:39:fe:09: 92:6a:5c:50:eb:ec:ee:15:99:ac:10:37:2b:3e:2f:0a:25:3f: b4:c9:5e:f8:01:f7:68:3c:93:84:18:91:4e:46:0b:53:84:12: ec:2b:58:c4:55:f3:a8:02:35:d9:8d:22:08:49:db:cb:29:d1: c5:17:ff:96:34:03:95:6c:c5:08:bf:87:bd:3b:35:d8:19:7b: 56:cf:00:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZslv/2TRXqBHQvtWk7fgtgZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5 YzU5ZTkwHhcNMjUxMjE2MDYwMTM3WhcNMjUxMjE3MDYwMTM3WjAzMTEwLwYDVQQD Eyg5NzJhMjE5MWVhNmFkZTRjNDNhZDM4NzM4Y2Q1YWE5NjY5OTgwOTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFKJM7BoAky0Nq9tvXWDFlJnl84t xydayfcOGFz1S7L4kHs3d+B2TN13k/3RBHa6/IbQgVD+tPmrGMJluuwiJvK7jdCH koCS3eRuNzRFPey48D51aovaTsmfnw6lrnEbJrhaxW8sJ69VD5CDtpnJ70ytXvBZ dNF8Ijt9e3WRfEDIQm6etSGrj53Pw5KoeLBTxW0Orwx90Y2wd7iaSTI3op+jRfYY BSLlq6/d9FxHru1KIEngw0fi2M9vHMd6swUoCQmoEVg5mcY5HjkdZ89bipXqwyeB VCILEtkNfgu2rnNPJ58yxbvh0B6A73Uzjz2FoyCIM6wBCECggJuhyPjuowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJcqIZHqat5MQ604c4zVqpZpmAkPMB8GA1UdIwQY MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF6Q6+OwB HdZqtqU16Hv5Q7sfU4I3pHh3kBu4iMmT8qXv8FHs9nIPy9dvLjtfiduNFvjxFMr5 EO7XZLBv+Dob6pWqvYheQZ20lKJHxaRqEnL1TosGtKN1hXDKCtLeGjcW6WbZXF/V 0yHh58j4DNX9uYUbDfPkDHkllUuZxUaeBCjp5bNP0ysAB2Ut8zJWbZC/5TstTjxs 6PdgAeEr3nJ0DqEQphjmH5ZZkiue0SGKIC1mOf4JkmpcUOvs7hWZrBA3Kz4vCiU/ tMle+AH3aDyThBiRTkYLU4QS7CtYxFXzqAI12Y0iCEnbyynRxRf/ljQDlWzFCL+H vTs12Bl7Vs8Amg== -----END CERTIFICATE-----Generated at Tue Dec 16 10:57:54 2025 by rpki-client