This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft File: ddl3qipMEMe0evKt2WgESH4idKk.mft (raw, json) Hash identifier: Xagw+TR3bqd+0Dj+PnTkpz3jokfWnzp/JD+me5kwWf4= Subject key identifier: 30:A2:23:07:6D:EF:2C:F1:49:16:42:B9:96:DD:A7:7F:94:E6:BE:3C Authority key identifier: 75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9 Certificate issuer: /CN=75d977aa2a4c10c7b47af2add96804487e2274a9 Certificate serial: 019AF19B330EDCB47891E05A9B809080B74B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 03:01:11 +0000 Manifest this update: Sat 06 Dec 2025 03:01:11 +0000 Manifest next update: Sun 07 Dec 2025 03:01:11 +0000 Files and hashes: 1: d1djO8IkOk-DAQF-B5CVMX1fEOA.roa (hash: ObQ/agHgncZ7LWNprlr11FO8JEBhRFid61XXKnLc8Hc=) 2: ddl3qipMEMe0evKt2WgESH4idKk.crl (hash: JCMKJJWnhPFFj4i2nF/wadRKzdvtHH9nDGI16sIyHAI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.crl rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:33:0e:dc:b4:78:91:e0:5a:9b:80:90:80:b7:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75d977aa2a4c10c7b47af2add96804487e2274a9 Validity Not Before: Dec 6 03:01:11 2025 GMT Not After : Dec 7 03:01:11 2025 GMT Subject: CN=30a223076def2cf1491642b996dda77f94e6be3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:5a:a2:68:22:18:91:72:d5:82:b3:20:63:77: db:ec:a6:93:0c:a2:fa:26:68:e4:5f:64:c5:82:e4: ab:d9:41:a4:a6:db:7b:de:e3:e9:ba:33:6a:0f:1d: af:90:04:cc:26:2c:c1:2e:d8:b0:3e:bd:10:65:77: 3f:af:1a:e2:9f:7a:5c:33:9c:f6:81:68:51:03:72: a6:72:b2:4b:fc:ec:81:da:fc:dc:72:51:fe:a2:e7: 64:91:e9:67:c6:6e:01:d6:ec:32:b8:1b:38:94:ec: 10:dd:45:41:ad:19:e2:c8:92:c7:72:51:a2:26:ed: 28:51:94:37:5c:52:81:6d:b5:03:e7:33:b3:66:27: 6d:ac:b3:89:2d:c1:ea:b5:31:5c:1d:76:74:9c:20: e3:96:f2:5e:bf:89:b1:8c:79:d9:6d:f5:f2:72:7d: 0e:69:0f:a4:d5:36:84:82:68:92:1d:6b:8a:06:d9: 08:2b:47:27:47:44:e9:e4:46:11:c4:ee:82:b8:9a: 68:ce:80:13:bc:90:43:44:8d:b2:75:e1:2e:e9:ff: 69:6d:2f:6d:dd:3b:43:2f:33:14:89:05:95:5b:af: bb:68:bb:57:b9:28:5f:02:2f:60:1d:ba:57:2e:a0: 73:04:44:c3:e5:15:eb:76:22:a6:18:ea:e5:e0:74: f0:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:A2:23:07:6D:EF:2C:F1:49:16:42:B9:96:DD:A7:7F:94:E6:BE:3C X509v3 Authority Key Identifier: keyid:75:D9:77:AA:2A:4C:10:C7:B4:7A:F2:AD:D9:68:04:48:7E:22:74:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddl3qipMEMe0evKt2WgESH4idKk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8038fe-a9de-4a2c-adc7-126df5446de9/1/ddl3qipMEMe0evKt2WgESH4idKk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:95:cb:64:35:e6:c8:79:d0:4c:02:95:4c:ed:9a:e4:2c:d3: 55:a3:a4:59:e8:e3:0d:64:5b:56:9a:03:05:b2:cb:a3:18:38: 54:39:6f:92:e9:b7:71:be:fb:e8:0b:15:af:af:f1:38:61:31: e9:2f:3d:d8:ce:31:46:5d:d3:a1:d0:48:91:de:ab:aa:c3:f6: 9a:fd:18:dc:89:ac:69:2c:4a:bc:d4:ff:75:e7:7f:49:56:1f: a4:b1:ba:f9:91:5a:dd:52:6f:81:d4:8f:3f:1e:d3:11:98:a6: fb:e4:50:fc:52:b4:93:24:c6:c2:e6:26:46:fd:c2:94:c3:ce: fa:43:21:9a:b7:a7:7b:2b:c9:91:b6:c6:c7:51:b8:05:ee:a0: 4e:89:c7:9c:4e:e3:8c:b7:85:db:27:98:40:96:e6:14:b3:94: 1c:c6:7a:95:7f:60:7d:e3:13:6e:d9:8d:88:de:21:30:78:a4: 0c:92:77:fb:17:fe:01:c5:60:36:b3:b2:a9:77:3e:42:42:e2: 6c:9d:a3:44:38:a7:f0:50:1d:d1:da:cf:64:bb:43:81:13:e2: 11:43:51:77:af:01:4b:a3:15:a7:9f:75:2f:e7:31:51:d2:5c: 58:56:8a:39:ba:b8:26:dc:f8:81:bb:6c:e9:75:82:d3:91:1f: 65:d8:5d:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmzMO3LR4keBam4CQgLdLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1ZDk3N2FhMmE0YzEwYzdiNDdhZjJhZGQ5NjgwNDQ4N2Uy Mjc0YTkwHhcNMjUxMjA2MDMwMTExWhcNMjUxMjA3MDMwMTExWjAzMTEwLwYDVQQD EygzMGEyMjMwNzZkZWYyY2YxNDkxNjQyYjk5NmRkYTc3Zjk0ZTZiZTNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VqiaCIYkXLVgrMgY3fb7KaTDKL6 JmjkX2TFguSr2UGkptt73uPpujNqDx2vkATMJizBLtiwPr0QZXc/rxrin3pcM5z2 gWhRA3KmcrJL/OyB2vzcclH+oudkkelnxm4B1uwyuBs4lOwQ3UVBrRniyJLHclGi Ju0oUZQ3XFKBbbUD5zOzZidtrLOJLcHqtTFcHXZ0nCDjlvJev4mxjHnZbfXycn0O aQ+k1TaEgmiSHWuKBtkIK0cnR0Tp5EYRxO6CuJpozoATvJBDRI2ydeEu6f9pbS9t 3TtDLzMUiQWVW6+7aLtXuShfAi9gHbpXLqBzBETD5RXrdiKmGOrl4HTwPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDCiIwdt7yzxSRZCuZbdp3+U5r48MB8GA1UdIwQY MBaAFHXZd6oqTBDHtHryrdloBEh+InSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzct MTI2ZGY1NDQ2ZGU5LzEvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC84MDM4ZmUtYTlkZS00YTJjLWFkYzctMTI2ZGY1NDQ2ZGU5 LzEvZGRsM3FpcE1FTWUwZXZLdDJXZ0VTSDRpZEtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg5XLZDXm yHnQTAKVTO2a5CzTVaOkWejjDWRbVpoDBbLLoxg4VDlvkum3cb776AsVr6/xOGEx 6S892M4xRl3TodBIkd6rqsP2mv0Y3ImsaSxKvNT/ded/SVYfpLG6+ZFa3VJvgdSP Px7TEZim++RQ/FK0kyTGwuYmRv3ClMPO+kMhmreneyvJkbbGx1G4Be6gTonHnE7j jLeF2yeYQJbmFLOUHMZ6lX9gfeMTbtmNiN4hMHikDJJ3+xf+AcVgNrOyqXc+QkLi bJ2jRDin8FAd0drPZLtDgRPiEUNRd68BS6MVp591L+cxUdJcWFaKObq4Jtz4gbts 6XWC05EfZdhdxQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:43 2025 by rpki-client