This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft File: DXtk3YGIxSbrXrReqB6mqK-cWek.mft (raw, json) Hash identifier: AcTsnkbbRB5twxCFs9TSIGzBEYQFwXLpc5vhe0hzJQo= Subject key identifier: 1E:E3:7C:84:F4:64:93:53:34:0C:CE:C8:19:98:39:E7:90:57:14:01 Authority key identifier: 0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9 Certificate issuer: /CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9 Certificate serial: 019AF19B6FB832EAF6165176E3A5B3851630 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft Manifest number: 03E7 Signing time: Sat 06 Dec 2025 03:01:26 +0000 Manifest this update: Sat 06 Dec 2025 03:01:26 +0000 Manifest next update: Sun 07 Dec 2025 03:01:26 +0000 Files and hashes: 1: DXtk3YGIxSbrXrReqB6mqK-cWek.crl (hash: W2iTVueWSbjEp1uwf8YiO2HZF4HLQI49ISbR9EdXbyo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:6f:b8:32:ea:f6:16:51:76:e3:a5:b3:85:16:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d7b64dd8188c526eb5eb45ea81ea6a8af9c59e9 Validity Not Before: Dec 6 03:01:26 2025 GMT Not After : Dec 7 03:01:26 2025 GMT Subject: CN=1ee37c84f4649353340ccec8199839e790571401 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:e1:bb:70:48:7d:7e:2f:1d:1d:7a:73:c6:d0: f5:38:6d:d9:65:9d:99:34:d7:11:fc:6f:13:1b:a3: f9:18:d6:4e:fc:85:86:5d:c7:e5:34:27:3e:ef:4b: b3:bb:d5:cd:d1:ce:da:0e:df:9e:e7:76:a6:27:c4: 4a:a9:33:1d:7a:9b:b3:09:a9:98:e9:47:fb:0b:e1: aa:21:38:2d:8b:41:13:c0:ef:a9:8b:eb:76:0d:27: a2:8d:dd:50:11:2e:d4:3a:f2:5e:3d:0f:44:7b:f6: c6:09:b3:f8:52:b6:bd:a7:84:db:68:25:7f:75:26: 22:38:bd:2a:48:b4:92:db:7b:5e:62:ae:fd:fc:96: 1b:a2:53:f9:c2:14:9c:82:12:53:99:e0:84:f6:86: cd:00:37:ee:8e:82:a0:c4:f1:bf:1d:67:0f:52:65: a3:1f:f4:44:8b:9d:96:20:98:34:c2:3d:50:8d:74: 6f:a7:27:1a:f0:51:33:99:36:cd:b1:ff:f4:5d:b1: e0:20:68:25:45:30:07:b2:d9:ac:74:24:8a:af:5b: ed:98:77:c1:4f:fc:9b:24:01:2a:4c:38:f2:22:65: de:c6:f7:22:b6:98:d9:09:6f:a5:2a:6f:96:e3:65: 60:f9:e2:31:4a:b7:8a:f2:81:7b:1e:84:67:b0:2c: f6:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:E3:7C:84:F4:64:93:53:34:0C:CE:C8:19:98:39:E7:90:57:14:01 X509v3 Authority Key Identifier: keyid:0D:7B:64:DD:81:88:C5:26:EB:5E:B4:5E:A8:1E:A6:A8:AF:9C:59:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXtk3YGIxSbrXrReqB6mqK-cWek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bc91d2-e209-4a1d-9f78-33d31293f0e1/1/DXtk3YGIxSbrXrReqB6mqK-cWek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:92:ff:d1:b9:64:4c:a3:d1:be:91:ec:3d:e5:d0:49:d8:e1: 94:8a:13:bc:fe:39:11:79:d4:14:b5:d9:32:8d:01:3c:52:2a: 11:bc:ee:b0:de:c4:ee:b8:0b:b4:bd:5a:20:f0:78:4d:4c:a4: 5d:01:61:d7:0d:e4:6c:f5:03:f3:ce:33:43:30:98:40:46:06: 6b:ee:a8:67:e7:90:8f:a3:da:e0:bb:d5:c8:c1:1b:65:07:ea: f5:08:da:30:8f:3b:4e:04:8d:03:a8:02:4d:1b:cb:15:6a:47: ba:dd:0a:8d:ed:44:f7:13:99:30:42:36:2e:e1:ee:71:9c:8b: 4d:2c:d1:10:b6:6d:9e:0f:62:48:7e:88:03:ae:31:86:d4:93: db:cd:d1:f3:8c:e1:35:70:73:78:cc:2e:7a:df:98:1d:ee:60: ef:7e:60:92:f3:6d:8e:24:c4:09:ea:0c:e2:89:bc:e4:08:86: cc:92:0a:cd:b9:a5:fb:40:00:c3:38:a6:b7:9e:a6:36:f9:7b: c1:5a:0d:9d:8e:90:14:48:6a:d8:84:4e:31:1a:e9:62:e3:0b: c0:1b:54:2a:c8:23:2c:ed:ee:b5:8c:a5:ed:97:89:f3:33:4f: b7:a7:51:6a:79:a2:51:02:15:48:49:a5:32:8c:1e:35:15:98: 50:7f:2a:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm2+4Mur2FlF246WzhRYwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkN2I2NGRkODE4OGM1MjZlYjVlYjQ1ZWE4MWVhNmE4YWY5 YzU5ZTkwHhcNMjUxMjA2MDMwMTI2WhcNMjUxMjA3MDMwMTI2WjAzMTEwLwYDVQQD EygxZWUzN2M4NGY0NjQ5MzUzMzQwY2NlYzgxOTk4MzllNzkwNTcxNDAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieG7cEh9fi8dHXpzxtD1OG3ZZZ2Z NNcR/G8TG6P5GNZO/IWGXcflNCc+70uzu9XN0c7aDt+e53amJ8RKqTMdepuzCamY 6Uf7C+GqITgti0ETwO+pi+t2DSeijd1QES7UOvJePQ9Ee/bGCbP4Ura9p4TbaCV/ dSYiOL0qSLSS23teYq79/JYbolP5whScghJTmeCE9obNADfujoKgxPG/HWcPUmWj H/REi52WIJg0wj1QjXRvpyca8FEzmTbNsf/0XbHgIGglRTAHstmsdCSKr1vtmHfB T/ybJAEqTDjyImXexvcitpjZCW+lKm+W42Vg+eIxSreK8oF7HoRnsCz2xQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7jfIT0ZJNTNAzOyBmYOeeQVxQBMB8GA1UdIwQY MBaAFA17ZN2BiMUm6160XqgepqivnFnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgt MzNkMzEyOTNmMGUxLzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9iYzkxZDItZTIwOS00YTFkLTlmNzgtMzNkMzEyOTNmMGUx LzEvRFh0azNZR0l4U2JyWHJSZXFCNm1xSy1jV2VrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANpL/0blk TKPRvpHsPeXQSdjhlIoTvP45EXnUFLXZMo0BPFIqEbzusN7E7rgLtL1aIPB4TUyk XQFh1w3kbPUD884zQzCYQEYGa+6oZ+eQj6Pa4LvVyMEbZQfq9QjaMI87TgSNA6gC TRvLFWpHut0Kje1E9xOZMEI2LuHucZyLTSzRELZtng9iSH6IA64xhtST283R84zh NXBzeMwuet+YHe5g735gkvNtjiTECeoM4om85AiGzJIKzbml+0AAwzimt56mNvl7 wVoNnY6QFEhq2IROMRrpYuMLwBtUKsgjLO3utYyl7ZeJ8zNPt6dRanmiUQIVSEml MoweNRWYUH8qtQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:47:06 2025 by rpki-client