This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft File: DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json) Hash identifier: ACPGG3wYPTkwOQzGn4z2QdZhfqheel99aCzT7yGI4yA= Subject key identifier: F6:C8:96:82:6E:86:FE:52:81:34:7A:42:65:4A:0A:5C:96:67:D0:58 Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 Certificate issuer: /CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Certificate serial: 019AF31C83BCC970104B4DD8E6509595F502 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft Manifest number: 16F0 Signing time: Sat 06 Dec 2025 10:02:03 +0000 Manifest this update: Sat 06 Dec 2025 10:02:03 +0000 Manifest next update: Sun 07 Dec 2025 10:02:03 +0000 Files and hashes: 1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: gtSrXUHlkEYKO7cgyuLWRBdMFMdOL5pSleIdoVvag0k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:83:bc:c9:70:10:4b:4d:d8:e6:50:95:95:f5:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Validity Not Before: Dec 6 10:02:03 2025 GMT Not After : Dec 7 10:02:03 2025 GMT Subject: CN=f6c896826e86fe5281347a42654a0a5c9667d058 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:14:ec:e5:dc:7a:a1:5c:08:7a:d6:56:18:8e: 4b:31:a1:97:68:e5:92:fe:65:bb:8c:5b:45:c6:dd: 2e:03:44:03:32:4b:19:55:88:73:64:42:51:38:b7: c6:2f:b4:1c:ce:79:30:da:d1:80:db:6c:1c:47:80: 7f:05:b8:8c:83:3c:7c:eb:55:53:46:b7:8d:13:84: f9:cd:4d:d6:4e:83:d7:84:e3:e7:6c:f6:55:1f:d0: 6e:70:89:3a:9c:87:d2:38:53:bc:17:4e:44:3b:08: b9:d3:59:4d:6d:06:71:26:91:37:70:a7:dc:b7:48: c3:59:0c:84:7e:7e:91:67:62:b6:c5:e4:ef:ab:1b: cd:41:80:8d:18:45:55:86:4a:fa:20:e0:6e:0b:62: f4:9f:34:fc:ea:40:d6:28:67:2a:16:e6:7f:90:c6: 6e:78:cd:fd:87:50:0b:e4:01:39:df:6e:43:eb:07: 47:54:ea:0f:dd:84:2e:86:ab:d9:98:4f:d9:65:6e: 27:d4:94:e2:62:f7:1e:f4:36:27:a1:3d:5e:9b:ba: b3:78:e5:45:97:41:a9:05:e1:b7:bb:b1:fe:58:00: 17:e8:72:b0:f8:1d:c9:d3:16:e2:36:15:5a:99:5a: 7d:81:12:0d:12:69:55:05:20:f1:8d:5d:88:20:ec: d7:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:C8:96:82:6E:86:FE:52:81:34:7A:42:65:4A:0A:5C:96:67:D0:58 X509v3 Authority Key Identifier: keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:39:c5:02:ee:7e:1b:ec:fa:3b:e2:de:60:8f:f8:d4:c6:7a: 3a:82:7f:5c:88:49:cd:f6:fd:62:3d:74:6e:7a:e2:35:5b:a5: ca:aa:8b:29:4e:51:15:ec:c4:3c:bc:d5:2c:37:e0:17:2f:06: f0:09:50:dc:e1:b8:d8:87:2b:89:9d:97:44:fb:a9:dc:ff:d4: ee:db:cd:c1:cc:e6:d4:e0:87:ad:bb:fa:29:42:99:a0:a2:17: b2:7a:f5:23:99:e6:73:4a:51:e4:4c:69:75:36:64:f1:a5:ab: 6d:52:6d:af:bc:90:0c:96:ef:2e:e5:df:35:ed:96:74:b1:c3: f9:9b:39:8f:6b:1f:45:ab:04:1f:92:21:d0:7f:0b:a7:f6:95: bd:9d:1c:c0:42:6d:52:21:d1:52:32:3e:ff:0f:d5:16:8a:02: 23:ec:b0:09:b1:ed:a2:c2:e2:3f:6f:be:7d:9e:4b:86:ce:f7: fa:76:80:d5:54:02:80:a4:f6:b7:4c:4a:46:67:22:e3:37:35: e3:75:16:d6:37:7c:78:63:56:1c:a4:fe:b0:5a:60:d0:69:de: 5a:28:b0:78:4e:ed:7a:11:fe:fa:6c:c8:b9:6e:be:61:23:3d: 5e:49:b0:9a:31:7e:11:9b:0d:35:1a:1f:4c:9a:f9:74:c0:5b: 32:e0:aa:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHIO8yXAQS03Y5lCVlfUCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh NDlkNDEwHhcNMjUxMjA2MTAwMjAzWhcNMjUxMjA3MTAwMjAzWjAzMTEwLwYDVQQD EyhmNmM4OTY4MjZlODZmZTUyODEzNDdhNDI2NTRhMGE1Yzk2NjdkMDU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BTs5dx6oVwIetZWGI5LMaGXaOWS /mW7jFtFxt0uA0QDMksZVYhzZEJROLfGL7Qcznkw2tGA22wcR4B/BbiMgzx861VT RreNE4T5zU3WToPXhOPnbPZVH9BucIk6nIfSOFO8F05EOwi501lNbQZxJpE3cKfc t0jDWQyEfn6RZ2K2xeTvqxvNQYCNGEVVhkr6IOBuC2L0nzT86kDWKGcqFuZ/kMZu eM39h1AL5AE5325D6wdHVOoP3YQuhqvZmE/ZZW4n1JTiYvce9DYnoT1em7qzeOVF l0GpBeG3u7H+WAAX6HKw+B3J0xbiNhVamVp9gRINEmlVBSDxjV2IIOzX3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPbIloJuhv5SgTR6QmVKClyWZ9BYMB8GA1UdIwQY MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjnFAu5+ G+z6O+LeYI/41MZ6OoJ/XIhJzfb9Yj10bnriNVulyqqLKU5RFezEPLzVLDfgFy8G 8AlQ3OG42IcriZ2XRPup3P/U7tvNwczm1OCHrbv6KUKZoKIXsnr1I5nmc0pR5Exp dTZk8aWrbVJtr7yQDJbvLuXfNe2WdLHD+Zs5j2sfRasEH5Ih0H8Lp/aVvZ0cwEJt UiHRUjI+/w/VFooCI+ywCbHtosLiP2++fZ5Lhs73+naA1VQCgKT2t0xKRmci4zc1 43UW1jd8eGNWHKT+sFpg0GneWiiweE7tehH++mzIuW6+YSM9XkmwmjF+EZsNNRof TJr5dMBbMuCqAw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:37:40 2025 by rpki-client