This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.mft File: D2cf7DjwDEAvMGbxPHkuGg7RbbM.mft (raw, json) Hash identifier: Qb5I+sR/qdgXrxo8mPlLnGYYbBOoDnbIjUYrMTkEkoc= Subject key identifier: 4E:A8:F5:7D:6D:5D:72:FA:38:BB:8D:3D:A7:E1:DF:39:AB:09:BC:0F Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3 Certificate issuer: /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3 Certificate serial: 019AF31BA7484C18E5E3D502A4A1258F9F5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.mft Manifest number: 0FC8 Signing time: Sat 06 Dec 2025 10:01:07 +0000 Manifest this update: Sat 06 Dec 2025 10:01:07 +0000 Manifest next update: Sun 07 Dec 2025 10:01:07 +0000 Files and hashes: 1: D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl (hash: k+Jc08KNUtrAdhO/EllNg9x7UqiBbtD13jLs54FQOqw=) 2: FIHDrOZdPItJ1g7-VrAk_uoQnSo.roa (hash: 1BVoM3pIwN+Dth/AavDroFy4/aBiv0LMqKNh/mLZqqI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.mft rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:a7:48:4c:18:e5:e3:d5:02:a4:a1:25:8f:9f:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3 Validity Not Before: Dec 6 10:01:07 2025 GMT Not After : Dec 7 10:01:07 2025 GMT Subject: CN=4ea8f57d6d5d72fa38bb8d3da7e1df39ab09bc0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:76:11:c5:92:5b:08:30:40:15:c3:34:a2:08: 99:bb:3d:9a:a1:44:f7:98:41:b9:52:0f:9c:00:a7: 1c:0e:d0:d8:85:24:26:03:cd:9d:a3:6c:85:af:ac: 2e:39:61:6c:04:85:6b:6b:ae:c9:d0:84:d0:9e:25: 0b:ac:9a:6c:a5:05:eb:4e:5a:64:40:69:65:9f:75: 02:d4:03:e5:2f:0a:47:06:77:4f:75:f2:de:aa:c3: a2:7c:bd:65:31:55:ef:cc:08:55:bd:70:c9:10:40: d1:21:fa:57:6b:ba:05:6b:f0:66:1b:2b:9a:15:f7: 15:db:07:56:17:ad:63:db:57:60:68:a5:7c:14:e6: 32:e2:b5:14:82:72:99:e8:70:2a:88:8a:5e:3d:fc: df:a2:e3:f8:b2:7e:bf:11:f6:f7:18:39:32:7c:75: e1:d1:fe:08:4e:20:ae:47:1b:b7:19:a6:68:e0:c4: 98:f7:a4:9f:92:7d:c6:27:e4:6e:e1:bb:40:72:62: 25:54:2e:3a:3f:ec:c0:0d:ea:b3:0e:c3:3a:f4:03: 72:cf:20:b3:7f:cb:f1:ba:4c:6f:81:89:46:25:25: ab:98:1b:54:3a:c2:27:0c:10:b9:34:37:a8:01:83: cb:fe:ce:e8:ab:4c:56:4f:87:9d:6c:00:80:54:cc: 8e:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:A8:F5:7D:6D:5D:72:FA:38:BB:8D:3D:A7:E1:DF:39:AB:09:BC:0F X509v3 Authority Key Identifier: keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:24:bd:f7:61:3c:7b:0c:41:c9:cd:66:24:69:02:ab:97:6f: 9c:c8:99:be:30:b2:96:2f:6b:64:1d:0b:03:e7:06:1c:f1:75: 54:64:04:1a:83:e1:f4:75:ef:2b:57:c9:64:6a:98:9d:2e:4f: 2d:6f:b4:39:a9:d9:d0:52:b8:a3:e0:9a:2f:ea:1d:b7:c3:c5: 31:00:ce:d6:0c:7e:6a:bd:f5:00:19:24:f2:89:15:11:34:88: 05:6a:d4:22:7a:5b:71:c7:9d:b2:82:f3:d9:96:7b:a8:43:fa: 3b:59:15:cf:e2:c4:48:5d:4a:1d:36:3a:61:ec:0d:78:54:7d: 09:9b:68:bf:8d:11:87:8a:e8:eb:05:ca:2e:ef:47:22:c6:61: 1e:75:59:3e:6e:35:8c:06:52:04:63:c5:e3:42:4a:60:9f:c4: dc:6a:57:86:c8:0f:14:8a:89:f9:58:de:94:e9:5e:1b:32:a2: b0:26:b2:e4:ad:19:a6:db:3a:aa:4e:f1:c3:89:9e:dd:9d:87: 52:2f:f2:f0:9b:04:5e:d0:94:fe:87:87:1e:0e:28:74:54:31: 0c:54:aa:fe:5e:0b:66:32:fc:39:83:0d:30:0d:04:24:34:90: 19:fb:ec:7d:f7:8d:72:8f:44:14:41:a8:5d:2e:ca:a1:c5:92: ec:8c:37:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG6dITBjl49UCpKElj59cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVk MTZkYjMwHhcNMjUxMjA2MTAwMTA3WhcNMjUxMjA3MTAwMTA3WjAzMTEwLwYDVQQD Eyg0ZWE4ZjU3ZDZkNWQ3MmZhMzhiYjhkM2RhN2UxZGYzOWFiMDliYzBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXYRxZJbCDBAFcM0ogiZuz2aoUT3 mEG5Ug+cAKccDtDYhSQmA82do2yFr6wuOWFsBIVra67J0ITQniULrJpspQXrTlpk QGlln3UC1APlLwpHBndPdfLeqsOifL1lMVXvzAhVvXDJEEDRIfpXa7oFa/BmGyua FfcV2wdWF61j21dgaKV8FOYy4rUUgnKZ6HAqiIpePfzfouP4sn6/Efb3GDkyfHXh 0f4ITiCuRxu3GaZo4MSY96Sfkn3GJ+Ru4btAcmIlVC46P+zADeqzDsM69ANyzyCz f8vxukxvgYlGJSWrmBtUOsInDBC5NDeoAYPL/s7oq0xWT4edbACAVMyO1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE6o9X1tXXL6OLuNPafh3zmrCbwPMB8GA1UdIwQY MBaAFA9nH+w48AxALzBm8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTIt OTc3MzA1YzcwMDUxLzEvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUx LzEvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyS992E8 ewxByc1mJGkCq5dvnMiZvjCyli9rZB0LA+cGHPF1VGQEGoPh9HXvK1fJZGqYnS5P LW+0OanZ0FK4o+CaL+odt8PFMQDO1gx+ar31ABkk8okVETSIBWrUInpbccedsoLz 2ZZ7qEP6O1kVz+LESF1KHTY6YewNeFR9CZtov40Rh4ro6wXKLu9HIsZhHnVZPm41 jAZSBGPF40JKYJ/E3GpXhsgPFIqJ+VjelOleGzKisCay5K0Zpts6qk7xw4me3Z2H Ui/y8JsEXtCU/oeHHg4odFQxDFSq/l4LZjL8OYMNMA0EJDSQGfvsffeNco9EFEGo XS7KocWS7Iw3KA== -----END CERTIFICATE-----Generated at Sat Dec 6 16:53:44 2025 by rpki-client