This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft File: DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json) Hash identifier: IU2M83ryzdwuBSDJNB+fKs1LVXolUPtiue9cvUfEmwo= Subject key identifier: AE:77:99:BB:8D:CA:1C:91:AC:72:02:8D:BB:60:EE:88:23:DC:EC:93 Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C Certificate issuer: /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c Certificate serial: 019AF12ECE8FCB9D0E77BBF314DB0C61639E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft Manifest number: 12F0 Signing time: Sat 06 Dec 2025 01:02:47 +0000 Manifest this update: Sat 06 Dec 2025 01:02:47 +0000 Manifest next update: Sun 07 Dec 2025 01:02:47 +0000 Files and hashes: 1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: g8UZc18+vb5MVl2rp1XvqerKemr7X5CsYpYg6V2IlkI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:ce:8f:cb:9d:0e:77:bb:f3:14:db:0c:61:63:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c Validity Not Before: Dec 6 01:02:47 2025 GMT Not After : Dec 7 01:02:47 2025 GMT Subject: CN=ae7799bb8dca1c91ac72028dbb60ee8823dcec93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:51:a9:b0:01:f7:c3:2a:c4:0e:00:39:79:08: 80:9b:63:6d:bd:54:da:94:48:39:36:97:b3:08:6e: 5c:5f:ff:da:7b:f4:43:43:21:30:2d:28:f8:e3:50: 99:1c:e6:1a:a1:16:2a:18:16:b9:ad:12:c4:c6:2e: 2f:cb:69:8c:94:ae:18:6c:e7:c4:d8:01:c3:96:4f: e7:3d:35:ee:8f:77:55:32:83:85:0e:e3:b0:ee:31: 30:13:ba:c8:ba:24:6a:c2:b3:ac:41:2b:9a:fb:5c: ab:35:4b:2b:bb:f9:8c:fe:2b:d5:4c:78:9d:d8:ea: 43:9a:40:35:be:4e:c0:2b:e4:1c:a2:38:5f:1b:a5: b5:9b:64:90:5f:60:7e:82:61:62:9a:53:2f:b3:71: d2:65:bc:35:82:ff:1c:92:f5:fc:bd:48:de:56:7b: 89:92:b6:a7:bd:ba:be:8f:b0:18:0d:fa:d7:f0:9d: 9b:ba:c8:0c:c9:5c:31:ff:1b:51:27:81:28:2b:17: e7:2a:a8:fc:26:d5:c5:c8:1d:6c:63:aa:40:84:e7: 72:ce:1c:07:b0:10:1e:20:b3:54:5f:d0:ff:56:b2: b7:1d:df:a1:6c:c6:d4:c6:47:c7:89:e4:bb:d8:bb: b0:64:83:f2:d2:0a:a6:51:d2:df:84:c0:d6:ab:d8: 08:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:77:99:BB:8D:CA:1C:91:AC:72:02:8D:BB:60:EE:88:23:DC:EC:93 X509v3 Authority Key Identifier: keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:f0:9a:47:17:eb:1a:97:d9:b8:aa:c5:79:12:3e:5a:ec:a7: 10:e9:1f:6d:c5:0f:53:14:49:8c:e7:10:7f:90:7e:c2:9f:93: 21:ef:36:cd:39:a7:15:be:fd:78:19:58:5f:6a:0a:b2:03:8c: 98:27:06:8b:95:98:31:68:1e:60:d4:13:89:4e:bd:d7:86:4f: 85:ee:85:0e:8b:78:9f:b2:8f:63:49:55:b5:cf:51:b5:6d:6e: 6b:f8:47:1a:b3:1a:9b:e9:78:30:2d:5c:bb:33:7f:fd:0e:6e: f2:91:21:43:66:2f:08:77:96:09:09:a0:a3:78:d7:bf:eb:18: 3c:f5:14:34:92:e9:d0:4e:1c:ce:91:6c:9e:92:f9:91:12:f8: 29:9e:d8:4a:d7:2e:f0:9d:cb:a9:66:18:86:bc:04:4f:5b:32: bd:21:f8:cf:6c:6f:05:e8:f0:83:5a:23:48:a5:1b:d4:8e:7c: db:a1:0b:33:b5:00:11:b1:af:4c:47:99:60:54:a0:b4:17:a8: 93:7d:fe:22:da:5d:6f:7d:6b:e2:5f:af:10:9c:50:fb:be:41: 96:76:f4:7d:35:09:94:bd:b4:fe:2c:71:e9:26:e6:76:cc:20: ab:cf:c4:44:27:f1:ff:d3:0d:78:f0:21:3b:82:f6:03:e5:1d: b0:69:fb:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLs6Py50Od7vzFNsMYWOeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2 YjM1N2MwHhcNMjUxMjA2MDEwMjQ3WhcNMjUxMjA3MDEwMjQ3WjAzMTEwLwYDVQQD EyhhZTc3OTliYjhkY2ExYzkxYWM3MjAyOGRiYjYwZWU4ODIzZGNlYzkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlGpsAH3wyrEDgA5eQiAm2NtvVTa lEg5NpezCG5cX//ae/RDQyEwLSj441CZHOYaoRYqGBa5rRLExi4vy2mMlK4YbOfE 2AHDlk/nPTXuj3dVMoOFDuOw7jEwE7rIuiRqwrOsQSua+1yrNUsru/mM/ivVTHid 2OpDmkA1vk7AK+QcojhfG6W1m2SQX2B+gmFimlMvs3HSZbw1gv8ckvX8vUjeVnuJ kranvbq+j7AYDfrX8J2busgMyVwx/xtRJ4EoKxfnKqj8JtXFyB1sY6pAhOdyzhwH sBAeILNUX9D/VrK3Hd+hbMbUxkfHieS72LuwZIPy0gqmUdLfhMDWq9gIIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK53mbuNyhyRrHICjbtg7ogj3OyTMB8GA1UdIwQY MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/CaRxfr GpfZuKrFeRI+WuynEOkfbcUPUxRJjOcQf5B+wp+TIe82zTmnFb79eBlYX2oKsgOM mCcGi5WYMWgeYNQTiU6914ZPhe6FDot4n7KPY0lVtc9RtW1ua/hHGrMam+l4MC1c uzN//Q5u8pEhQ2YvCHeWCQmgo3jXv+sYPPUUNJLp0E4czpFsnpL5kRL4KZ7YStcu 8J3LqWYYhrwET1syvSH4z2xvBejwg1ojSKUb1I5826ELM7UAEbGvTEeZYFSgtBeo k33+Itpdb31r4l+vEJxQ+75Blnb0fTUJlL20/ixx6Sbmdswgq8/ERCfx/9MNePAh O4L2A+UdsGn7YA== -----END CERTIFICATE-----Generated at Sat Dec 6 06:59:05 2025 by rpki-client