This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/353282-53e2-46a2-8fc4-41d49a8ffc81/1/DZ40sUlHfVXvC1lipeXgDN-1hIk.mft File: DZ40sUlHfVXvC1lipeXgDN-1hIk.mft (raw, json) Hash identifier: U7z0gw+dOEw3KeCOCL6++ygzQP7ZiF/jHtayiE4m8zQ= Subject key identifier: E7:06:9A:4D:D2:43:0D:18:DC:D2:D0:AB:A5:7A:AF:A9:72:7F:D0:FE Authority key identifier: 0D:9E:34:B1:49:47:7D:55:EF:0B:59:62:A5:E5:E0:0C:DF:B5:84:89 Certificate issuer: /CN=0d9e34b149477d55ef0b5962a5e5e00cdfb58489 Certificate serial: 019AF12DC07CCB87F9C89BAFA177E4C1FB84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZ40sUlHfVXvC1lipeXgDN-1hIk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/353282-53e2-46a2-8fc4-41d49a8ffc81/1/DZ40sUlHfVXvC1lipeXgDN-1hIk.mft Manifest number: 149D Signing time: Sat 06 Dec 2025 01:01:38 +0000 Manifest this update: Sat 06 Dec 2025 01:01:38 +0000 Manifest next update: Sun 07 Dec 2025 01:01:38 +0000 Files and hashes: 1: DZ40sUlHfVXvC1lipeXgDN-1hIk.crl (hash: A/Sd6ymMgk3rua7ra6hOn4wDsLLRRRqwPmwbIzW71Kg=) 2: WGiFR-bGPm6J5ZNuq_i5kJB6Nzw.roa (hash: 74v2TFsnggZrqZFnVMwJ7ZEDqgCLlK+dkXL3Ua1EXV4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/353282-53e2-46a2-8fc4-41d49a8ffc81/1/DZ40sUlHfVXvC1lipeXgDN-1hIk.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/353282-53e2-46a2-8fc4-41d49a8ffc81/1/DZ40sUlHfVXvC1lipeXgDN-1hIk.mft rsync://rpki.ripe.net/repository/DEFAULT/DZ40sUlHfVXvC1lipeXgDN-1hIk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:c0:7c:cb:87:f9:c8:9b:af:a1:77:e4:c1:fb:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d9e34b149477d55ef0b5962a5e5e00cdfb58489 Validity Not Before: Dec 6 01:01:38 2025 GMT Not After : Dec 7 01:01:38 2025 GMT Subject: CN=e7069a4dd2430d18dcd2d0aba57aafa9727fd0fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:84:ad:d5:17:e3:cf:4a:f0:a0:c8:5f:ce:42: 3b:2c:98:41:97:89:29:db:76:0c:84:f4:f0:08:b1: a6:a7:dd:a9:fa:99:20:55:48:1e:87:d4:8c:fd:60: 7b:f1:3d:a1:28:28:67:46:82:26:b8:e9:6e:ed:07: 53:7b:70:2d:1e:1f:b0:d0:e2:89:e7:13:ad:fd:80: 7b:f6:e3:a5:6c:08:da:d4:84:0e:80:77:41:5f:67: ed:d4:26:b6:a4:65:4a:95:bd:55:82:a7:1e:30:78: b0:f8:cd:22:10:8b:ce:7e:04:28:96:67:f9:cd:22: 98:be:71:93:05:32:9a:bd:7a:54:dc:49:9c:e9:62: ed:e0:5f:bf:b2:83:c4:c1:7d:20:ed:d8:03:10:9e: ca:31:20:4e:43:c2:73:39:5d:64:72:33:6d:26:af: 0c:c8:90:e6:4a:b8:a8:b0:cf:3b:59:25:48:7e:59: 63:f6:ef:e4:33:99:76:b7:92:81:00:a2:7b:d5:7e: cd:de:e4:cd:2c:e8:7d:1a:b4:43:2f:2d:ec:8c:65: 48:b1:00:ea:ec:f1:27:6f:53:fa:13:ef:f4:d5:41: c0:ed:af:d3:5c:3b:3e:22:11:94:fd:b7:2a:d8:9a: b3:9a:a4:8f:22:21:27:4b:76:81:db:20:78:bf:fb: f7:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:06:9A:4D:D2:43:0D:18:DC:D2:D0:AB:A5:7A:AF:A9:72:7F:D0:FE X509v3 Authority Key Identifier: keyid:0D:9E:34:B1:49:47:7D:55:EF:0B:59:62:A5:E5:E0:0C:DF:B5:84:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZ40sUlHfVXvC1lipeXgDN-1hIk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/353282-53e2-46a2-8fc4-41d49a8ffc81/1/DZ40sUlHfVXvC1lipeXgDN-1hIk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/353282-53e2-46a2-8fc4-41d49a8ffc81/1/DZ40sUlHfVXvC1lipeXgDN-1hIk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:49:7e:0e:5d:9b:50:b2:e5:83:92:8f:ba:5f:86:85:7e:4b: 81:b0:a5:5d:99:24:56:76:10:57:37:16:ed:72:52:53:b1:1e: 6e:f5:cc:71:31:bf:eb:f4:ff:48:6e:8c:fb:ad:34:d4:27:87: a1:5e:45:4e:16:25:c2:51:1c:7d:6a:2a:22:16:16:22:90:36: 10:ae:c0:d9:35:74:1f:0c:f4:cd:72:f7:27:dc:cb:1f:cb:71: d9:56:b0:08:37:e9:73:98:84:c4:90:98:92:ec:61:12:d9:3e: e2:5c:77:54:5b:da:7e:81:a6:dd:f0:5d:3f:29:f7:67:dd:96: ed:ec:86:f6:10:ef:1c:d5:e0:78:4d:04:54:41:1e:99:66:cf: d0:33:1f:9e:6f:7b:fc:7a:87:84:77:47:a0:2e:a9:fc:d8:91: bb:36:8e:76:15:0d:89:d4:4a:11:35:9f:88:ee:9c:9a:2f:b9: 3c:02:dc:8f:c0:d1:ea:5d:e0:ba:c0:23:59:ad:1d:85:4d:3c: de:2c:89:6e:3d:62:8a:7c:78:e3:38:ec:64:23:04:10:2c:b2: eb:ca:ea:98:b2:5f:59:b3:17:57:96:c7:27:88:ad:53:e6:3a: f1:ea:e2:bc:67:e0:03:db:c7:0e:45:9b:58:29:7d:46:b6:29: af:c0:58:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLcB8y4f5yJuvoXfkwfuEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkOWUzNGIxNDk0NzdkNTVlZjBiNTk2MmE1ZTVlMDBjZGZi NTg0ODkwHhcNMjUxMjA2MDEwMTM4WhcNMjUxMjA3MDEwMTM4WjAzMTEwLwYDVQQD EyhlNzA2OWE0ZGQyNDMwZDE4ZGNkMmQwYWJhNTdhYWZhOTcyN2ZkMGZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoSt1Rfjz0rwoMhfzkI7LJhBl4kp 23YMhPTwCLGmp92p+pkgVUgeh9SM/WB78T2hKChnRoImuOlu7QdTe3AtHh+w0OKJ 5xOt/YB79uOlbAja1IQOgHdBX2ft1Ca2pGVKlb1VgqceMHiw+M0iEIvOfgQolmf5 zSKYvnGTBTKavXpU3Emc6WLt4F+/soPEwX0g7dgDEJ7KMSBOQ8JzOV1kcjNtJq8M yJDmSriosM87WSVIfllj9u/kM5l2t5KBAKJ71X7N3uTNLOh9GrRDLy3sjGVIsQDq 7PEnb1P6E+/01UHA7a/TXDs+IhGU/bcq2JqzmqSPIiEnS3aB2yB4v/v3GQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOcGmk3SQw0Y3NLQq6V6r6lyf9D+MB8GA1UdIwQY MBaAFA2eNLFJR31V7wtZYqXl4AzftYSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFo0MHNVbEhmVlh2QzFsaXBlWGdETi0xaElrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTMyODItNTNlMi00NmEyLThmYzQt NDFkNDlhOGZmYzgxLzEvRFo0MHNVbEhmVlh2QzFsaXBlWGdETi0xaElrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi8zNTMyODItNTNlMi00NmEyLThmYzQtNDFkNDlhOGZmYzgx LzEvRFo0MHNVbEhmVlh2QzFsaXBlWGdETi0xaElrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEl+Dl2b ULLlg5KPul+GhX5LgbClXZkkVnYQVzcW7XJSU7EebvXMcTG/6/T/SG6M+6001CeH oV5FThYlwlEcfWoqIhYWIpA2EK7A2TV0Hwz0zXL3J9zLH8tx2VawCDfpc5iExJCY kuxhEtk+4lx3VFvafoGm3fBdPyn3Z92W7eyG9hDvHNXgeE0EVEEemWbP0DMfnm97 /HqHhHdHoC6p/NiRuzaOdhUNidRKETWfiO6cmi+5PALcj8DR6l3gusAjWa0dhU08 3iyJbj1iinx44zjsZCMEECyy68rqmLJfWbMXV5bHJ4itU+Y68erivGfgA9vHDkWb WCl9RrYpr8BYpQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:59:57 2025 by rpki-client