This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft File: 37H24AFTpJGGEbFLawP2gS7YikM.mft (raw, json) Hash identifier: WuGblOSmH9ea4iKcups8Ji6v965OOd/2WgbQ7uPOwB8= Subject key identifier: 89:29:B0:20:7B:F6:02:B1:E0:B3:81:03:03:66:B0:9C:2D:9B:0D:AC Authority key identifier: DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43 Certificate issuer: /CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43 Certificate serial: 019AF19BBD4EBB0DF982F9EBE298E6E4A677 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft Manifest number: 106D Signing time: Sat 06 Dec 2025 03:01:46 +0000 Manifest this update: Sat 06 Dec 2025 03:01:46 +0000 Manifest next update: Sun 07 Dec 2025 03:01:46 +0000 Files and hashes: 1: 37H24AFTpJGGEbFLawP2gS7YikM.crl (hash: Y1jBjDE8AvUFzsUMvuokSLqIEmS+nGZH0IEmcPK8pKc=) 2: NZtS_yd4-bo9e2cvGKzyKvYI3pE.roa (hash: +rJHNNOfAgRLW2AYZ2GQZ4sJIXJPzKob0SOJ3Knzwec=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:bd:4e:bb:0d:f9:82:f9:eb:e2:98:e6:e4:a6:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43 Validity Not Before: Dec 6 03:01:46 2025 GMT Not After : Dec 7 03:01:46 2025 GMT Subject: CN=8929b0207bf602b1e0b381030366b09c2d9b0dac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:03:d8:37:1e:1f:12:47:37:94:ec:70:f2:47: 22:5a:10:71:a5:25:02:a6:3f:f0:6c:b2:ea:9d:6a: 81:d6:ae:7b:3c:47:61:a0:97:13:ba:12:1d:17:c3: 74:26:2f:03:43:f8:03:be:2b:70:d2:9d:b7:28:d0: 92:6f:15:de:7d:16:66:36:16:3f:fc:1b:28:6d:b8: 26:48:85:f9:36:9d:0a:01:0f:59:72:63:f1:7c:d7: f2:11:92:bf:47:1d:1c:ac:53:bc:8b:c3:2f:63:55: c3:ac:a6:2f:fe:fd:60:75:4c:96:1e:0a:bb:f6:43: 8b:50:61:03:20:a7:a8:d5:f9:46:09:8b:96:a6:39: 1c:01:f6:44:48:a1:5a:9a:98:fa:a1:ca:da:90:c4: bc:07:63:4e:45:8b:56:e8:3d:01:fa:4e:7a:dd:ca: d3:12:e3:b9:6c:1e:f2:c9:b8:10:e9:fa:b7:9c:62: 7b:c5:99:91:1e:ff:db:ef:5e:f9:c8:1e:cc:76:ae: 28:25:ae:8f:d1:b7:97:f2:38:10:cc:51:55:0c:64: 1d:2c:47:d2:23:8d:a5:2e:b2:a0:4a:1a:29:ad:b2: 03:ae:57:2a:6a:8a:ed:bd:aa:d4:78:fe:59:6a:20: ba:f5:39:91:d1:20:ea:7c:1b:f6:38:89:64:da:8b: ff:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:29:B0:20:7B:F6:02:B1:E0:B3:81:03:03:66:B0:9C:2D:9B:0D:AC X509v3 Authority Key Identifier: keyid:DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:83:0f:90:71:a6:c0:28:36:d8:53:66:7f:18:75:aa:2d:cc: e8:20:29:4c:f8:99:3d:20:bd:8d:bf:af:61:d4:06:0e:64:7e: 54:a7:92:8c:90:7a:4a:3b:8c:53:be:76:39:d5:0c:ff:67:92: 88:2d:4c:55:92:14:4f:8e:21:cf:72:56:31:cf:c9:22:f9:08: cf:36:8d:25:60:ee:52:17:ff:70:4f:2c:1c:53:4f:e6:70:5f: e7:ab:4c:dc:4a:3f:04:0f:63:83:ef:21:1e:86:b8:29:5b:55: f9:cb:48:73:53:df:b4:fa:54:67:3d:18:13:f4:41:23:57:26: 96:bf:88:28:6e:fc:03:15:18:c0:4f:4d:56:c1:d9:e7:fe:b0: 56:95:ef:6b:45:aa:d1:99:8d:12:95:32:b7:a0:c2:2f:84:7b: b5:fa:35:e5:ec:8c:f5:d2:1a:aa:2e:68:a6:56:c4:ef:6d:49: 91:3d:8d:40:f9:6d:b9:51:24:73:56:b5:ec:69:7e:31:a1:f1: bb:e4:11:8b:d4:5e:39:63:8f:e4:ca:5c:3c:3c:e7:63:ec:49: ac:9d:95:ea:cb:5a:bd:ab:4f:00:d7:97:fe:44:93:9a:6b:b7: f2:c0:1f:69:79:1d:82:46:fe:45:91:db:cd:e6:23:4b:bc:49: 29:9e:2a:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm71Ouw35gvnr4pjm5KZ3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmYjFmNmUwMDE1M2E0OTE4NjExYjE0YjZiMDNmNjgxMmVk ODhhNDMwHhcNMjUxMjA2MDMwMTQ2WhcNMjUxMjA3MDMwMTQ2WjAzMTEwLwYDVQQD Eyg4OTI5YjAyMDdiZjYwMmIxZTBiMzgxMDMwMzY2YjA5YzJkOWIwZGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQPYNx4fEkc3lOxw8kciWhBxpSUC pj/wbLLqnWqB1q57PEdhoJcTuhIdF8N0Ji8DQ/gDvitw0p23KNCSbxXefRZmNhY/ /BsobbgmSIX5Np0KAQ9ZcmPxfNfyEZK/Rx0crFO8i8MvY1XDrKYv/v1gdUyWHgq7 9kOLUGEDIKeo1flGCYuWpjkcAfZESKFampj6ocrakMS8B2NORYtW6D0B+k563crT EuO5bB7yybgQ6fq3nGJ7xZmRHv/b7175yB7Mdq4oJa6P0beX8jgQzFFVDGQdLEfS I42lLrKgShoprbIDrlcqaortvarUeP5ZaiC69TmR0SDqfBv2OIlk2ov/dQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIkpsCB79gKx4LOBAwNmsJwtmw2sMB8GA1UdIwQY MBaAFN+x9uABU6SRhhGxS2sD9oEu2IpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEt ODEwNjI3ZmIyNjcxLzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEtODEwNjI3ZmIyNjcx LzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANoMPkHGm wCg22FNmfxh1qi3M6CApTPiZPSC9jb+vYdQGDmR+VKeSjJB6SjuMU752OdUM/2eS iC1MVZIUT44hz3JWMc/JIvkIzzaNJWDuUhf/cE8sHFNP5nBf56tM3Eo/BA9jg+8h Hoa4KVtV+ctIc1PftPpUZz0YE/RBI1cmlr+IKG78AxUYwE9NVsHZ5/6wVpXva0Wq 0ZmNEpUyt6DCL4R7tfo15eyM9dIaqi5oplbE721JkT2NQPltuVEkc1a17Gl+MaHx u+QRi9ReOWOP5MpcPDznY+xJrJ2V6stavatPANeX/kSTmmu38sAfaXkdgkb+RZHb zeYjS7xJKZ4qcw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:17:25 2025 by rpki-client