This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft File: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft (raw, json) Hash identifier: muUpZVRwlXp7jtjU7+H8ZeNpoVyqc5ESZQdYai5fnuI= Subject key identifier: B3:FC:A4:8C:25:44:9B:25:01:18:F5:45:01:10:56:03:E7:45:96:21 Authority key identifier: 0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02 Certificate issuer: /CN=0d784bd96a44bc361d13344d54c8bc51ff67a802 Certificate serial: 019AF49BBC88F23EAC9755C8F90821573A22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft Manifest number: 0EC6 Signing time: Sat 06 Dec 2025 17:00:38 +0000 Manifest this update: Sat 06 Dec 2025 17:00:38 +0000 Manifest next update: Sun 07 Dec 2025 17:00:38 +0000 Files and hashes: 1: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl (hash: RnHkv6VFr91qi/93U7JrTwSZBr8kB4NOugJprnvQ1LE=) 2: zo9Y2aPXtg0v5rw18Mi_WOQc36Y.roa (hash: v9STSvD6P0pmUA0gxCp1HPZofea00hykboqUh1BCCCs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:bc:88:f2:3e:ac:97:55:c8:f9:08:21:57:3a:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d784bd96a44bc361d13344d54c8bc51ff67a802 Validity Not Before: Dec 6 17:00:38 2025 GMT Not After : Dec 7 17:00:38 2025 GMT Subject: CN=b3fca48c25449b250118f54501105603e7459621 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bc:76:73:98:ff:e0:38:55:60:7a:d1:a7:37: 5e:7c:27:85:c0:6a:49:54:d4:31:da:57:1c:fe:07: 6f:be:cd:88:49:86:4d:d4:7f:dc:5b:9d:37:a1:e0: 61:e4:6d:93:b8:91:ad:57:8d:83:a0:c2:cf:97:a8: ba:1c:f0:f3:05:cf:a9:27:16:63:da:5d:5e:e7:d7: e2:f6:f6:6d:2f:21:ed:c8:22:60:1e:7b:fc:60:61: 81:c9:94:d4:f1:51:46:8d:f1:c7:a7:e8:3b:eb:83: 61:75:f3:71:87:2b:41:4e:71:1e:62:d6:fb:4a:51: 23:93:17:68:d4:9c:21:36:a2:68:95:95:d4:d8:75: 9a:60:45:4e:d8:27:72:60:b9:00:f5:8c:a3:f8:47: 67:f6:00:28:6f:44:79:21:a9:c9:58:c6:e0:84:88: 27:dd:d8:85:de:89:b1:73:16:49:4f:53:70:25:a5: c4:00:af:4c:d5:90:a0:bb:92:54:92:13:36:8c:b4: 2a:b9:3f:49:94:b6:b2:b2:a4:ff:50:d2:4f:32:ca: c1:f5:16:dc:33:08:a5:d9:32:c5:37:42:40:6b:12: 2d:16:f1:4f:61:7a:30:f0:75:f2:0a:e1:88:10:a2: e7:ac:97:73:e1:0e:a3:b5:ce:9c:7b:b4:b5:dc:3e: d2:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:FC:A4:8C:25:44:9B:25:01:18:F5:45:01:10:56:03:E7:45:96:21 X509v3 Authority Key Identifier: keyid:0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:25:11:aa:c4:7b:6c:36:69:fe:cc:87:bb:b8:3c:85:3b:55: 64:06:5c:c2:dc:96:ac:9e:1d:c3:0d:95:98:dd:7a:ef:10:90: 80:79:3a:7d:13:27:4a:e4:65:4e:02:fc:52:9f:1d:77:d8:b4: dd:a9:87:9a:43:6f:74:ff:b6:d8:1e:73:d5:fc:d7:ed:e5:c7: eb:d9:91:55:cf:f7:66:9b:23:c1:ac:f7:6c:0d:8b:f1:8a:b9: 56:cc:44:8e:d1:0e:e3:13:2c:e1:31:86:56:61:80:de:a4:f3: a9:1c:4f:ca:20:8b:00:56:1e:43:d5:8f:2e:d1:c2:82:5e:4f: f9:74:44:60:77:7a:38:6b:37:66:ad:3c:95:77:af:86:51:47: 94:ef:2d:89:a7:d6:67:f7:01:73:d4:e3:0c:2d:85:38:aa:61: bb:b9:ff:fb:fa:2c:26:f2:7c:72:de:e4:f0:a6:d6:9f:4b:e1: 55:4a:66:50:de:85:51:c0:99:23:b5:6f:dd:3e:fc:39:89:5b: 3a:2c:9f:7b:88:3d:6b:9c:dd:5f:43:64:2d:c1:44:97:94:70: b3:cb:a0:67:31:11:ea:96:48:23:b6:65:05:5f:3f:ad:32:40: c8:9c:c7:44:cd:54:18:48:49:d8:c5:a9:c0:37:79:da:22:96: 37:77:61:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m7yI8j6sl1XI+QghVzoiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNzg0YmQ5NmE0NGJjMzYxZDEzMzQ0ZDU0YzhiYzUxZmY2 N2E4MDIwHhcNMjUxMjA2MTcwMDM4WhcNMjUxMjA3MTcwMDM4WjAzMTEwLwYDVQQD EyhiM2ZjYTQ4YzI1NDQ5YjI1MDExOGY1NDUwMTEwNTYwM2U3NDU5NjIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rx2c5j/4DhVYHrRpzdefCeFwGpJ VNQx2lcc/gdvvs2ISYZN1H/cW503oeBh5G2TuJGtV42DoMLPl6i6HPDzBc+pJxZj 2l1e59fi9vZtLyHtyCJgHnv8YGGByZTU8VFGjfHHp+g764NhdfNxhytBTnEeYtb7 SlEjkxdo1JwhNqJolZXU2HWaYEVO2CdyYLkA9Yyj+Edn9gAob0R5IanJWMbghIgn 3diF3omxcxZJT1NwJaXEAK9M1ZCgu5JUkhM2jLQquT9JlLaysqT/UNJPMsrB9Rbc Mwil2TLFN0JAaxItFvFPYXow8HXyCuGIEKLnrJdz4Q6jtc6ce7S13D7STwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLP8pIwlRJslARj1RQEQVgPnRZYhMB8GA1UdIwQY MBaAFA14S9lqRLw2HRM0TVTIvFH/Z6gCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAt ZDRjNjZmNGYzYjZlLzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAtZDRjNjZmNGYzYjZl LzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKCURqsR7 bDZp/syHu7g8hTtVZAZcwtyWrJ4dww2VmN167xCQgHk6fRMnSuRlTgL8Up8dd9i0 3amHmkNvdP+22B5z1fzX7eXH69mRVc/3Zpsjwaz3bA2L8Yq5VsxEjtEO4xMs4TGG VmGA3qTzqRxPyiCLAFYeQ9WPLtHCgl5P+XREYHd6OGs3Zq08lXevhlFHlO8tiafW Z/cBc9TjDC2FOKphu7n/+/osJvJ8ct7k8KbWn0vhVUpmUN6FUcCZI7Vv3T78OYlb Oiyfe4g9a5zdX0NkLcFEl5Rws8ugZzER6pZII7ZlBV8/rTJAyJzHRM1UGEhJ2MWp wDd52iKWN3dh7Q== -----END CERTIFICATE-----Generated at Sun Dec 7 01:53:20 2025 by rpki-client