This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft File: DoMf1wxr03oqddeg6sAxyS2o4YU.mft (raw, json) Hash identifier: qtHAhxY065kcIG5YLk+bWfcSPIEbNdA7kv81scQ7Sc0= Subject key identifier: 4E:7F:9E:B7:DE:AE:F1:F5:5D:97:81:6A:07:66:D6:47:C0:FB:5E:6D Authority key identifier: 0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85 Certificate issuer: /CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185 Certificate serial: 019AF509DD2EDC35E6E906543B0CC29D9F00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft Manifest number: 13E5 Signing time: Sat 06 Dec 2025 19:00:55 +0000 Manifest this update: Sat 06 Dec 2025 19:00:55 +0000 Manifest next update: Sun 07 Dec 2025 19:00:55 +0000 Files and hashes: 1: AbAz97rI6RXbeaGg0ju1UGvv4xM.roa (hash: 6SJubAUNhK59Bg5EEa587Nx4giyrDXi2DFXXzhtFznQ=) 2: DoMf1wxr03oqddeg6sAxyS2o4YU.crl (hash: hQIZA/ttGMOErlIMm8M/0SklkUX9hCbe9ztMCxCikFQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:dd:2e:dc:35:e6:e9:06:54:3b:0c:c2:9d:9f:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185 Validity Not Before: Dec 6 19:00:55 2025 GMT Not After : Dec 7 19:00:55 2025 GMT Subject: CN=4e7f9eb7deaef1f55d97816a0766d647c0fb5e6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ad:2b:cc:92:c8:2a:39:a6:be:f1:dc:26:68: 10:83:5f:cb:93:cf:a2:8b:b9:21:59:fe:75:46:91: 7c:69:f0:07:49:83:80:18:a2:91:54:e9:86:47:be: a0:b5:c5:75:7f:5d:9b:8f:b0:9b:f3:a0:a8:2a:bc: b9:69:a0:68:ba:40:43:41:4e:2c:bf:cd:5d:c5:2d: 3c:bc:27:b6:5f:ac:8d:59:0d:cd:5d:98:d4:14:d8: 8c:23:a3:f7:b0:51:e0:30:17:a2:cb:20:6b:0f:0c: 57:31:14:f1:73:fd:83:bf:93:2d:27:23:e5:54:36: 20:3c:4d:bf:0f:e8:10:3e:fd:21:d6:96:b7:0b:12: 27:59:52:97:85:65:d2:74:1b:80:5c:80:99:9e:2f: 3c:6a:61:67:8e:bc:07:f3:ef:6e:d6:38:ae:32:90: 16:49:a6:17:64:6a:a2:3f:49:3f:3f:04:ad:05:c6: fd:37:f2:e6:bc:92:78:d8:6e:36:3d:35:7d:94:25: df:34:e3:0d:d6:76:5d:9f:28:cc:5d:3d:23:e2:90: 76:2a:93:2e:65:e9:38:7e:fa:6c:8b:a4:f4:d0:31: 76:f2:10:f1:a9:7f:47:c5:a2:ce:2f:8f:08:73:8c: 58:35:49:86:76:e4:b4:90:a3:79:6c:61:99:9e:ec: 2a:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:7F:9E:B7:DE:AE:F1:F5:5D:97:81:6A:07:66:D6:47:C0:FB:5E:6D X509v3 Authority Key Identifier: keyid:0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:73:dc:d0:f6:f5:de:08:cf:23:4c:6e:94:20:c6:ca:bd:24: 37:2a:b5:4b:12:c3:8c:ff:bf:91:1c:b6:96:20:ed:7e:e2:89: 08:08:2b:4f:d1:a9:93:b6:51:03:04:db:50:03:a6:6b:25:62: 36:34:a3:d9:d4:21:88:68:42:53:70:94:57:83:2b:a3:79:bf: 75:03:d2:2a:b1:95:2e:43:da:4c:61:dd:e9:e0:ef:8c:5a:03: 76:33:17:4f:90:1a:45:05:ea:70:9c:b9:7f:03:e6:8c:63:bc: 27:de:38:ed:1d:61:04:57:c2:fe:93:6a:86:1d:c4:93:05:4f: 93:19:4e:ac:ce:2f:dc:c1:06:c1:47:27:80:9b:58:1a:f4:78: 98:8e:e7:83:01:fe:fa:e5:7c:61:9c:56:8b:14:e4:30:be:1f: 7f:e8:a4:f4:7d:43:18:2e:a2:90:8d:82:62:78:0d:3b:25:10: 0d:17:c9:1d:40:34:10:fe:8e:bd:16:e8:09:82:5b:f7:8e:22: f7:f7:81:20:4e:64:49:08:92:53:87:d0:c5:a4:18:f1:cf:37: 8b:c1:fa:26:9f:f2:2f:75:d5:a3:33:bb:cf:22:fa:74:8c:0e: b4:04:16:59:bf:c0:7a:ce:54:d4:ac:53:a5:cb:4b:70:92:56: 06:2c:38:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cd0u3DXm6QZUOwzCnZ8AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlODMxZmQ3MGM2YmQzN2EyYTc1ZDdhMGVhYzAzMWM5MmRh OGUxODUwHhcNMjUxMjA2MTkwMDU1WhcNMjUxMjA3MTkwMDU1WjAzMTEwLwYDVQQD Eyg0ZTdmOWViN2RlYWVmMWY1NWQ5NzgxNmEwNzY2ZDY0N2MwZmI1ZTZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva0rzJLIKjmmvvHcJmgQg1/Lk8+i i7khWf51RpF8afAHSYOAGKKRVOmGR76gtcV1f12bj7Cb86CoKry5aaBoukBDQU4s v81dxS08vCe2X6yNWQ3NXZjUFNiMI6P3sFHgMBeiyyBrDwxXMRTxc/2Dv5MtJyPl VDYgPE2/D+gQPv0h1pa3CxInWVKXhWXSdBuAXICZni88amFnjrwH8+9u1jiuMpAW SaYXZGqiP0k/PwStBcb9N/LmvJJ42G42PTV9lCXfNOMN1nZdnyjMXT0j4pB2KpMu Zek4fvpsi6T00DF28hDxqX9HxaLOL48Ic4xYNUmGduS0kKN5bGGZnuwqlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE5/nrfervH1XZeBagdm1kfA+15tMB8GA1UdIwQY MBaAFA6DH9cMa9N6KnXXoOrAMcktqOGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEt ZTY3NTgyZjIzMDk3LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEtZTY3NTgyZjIzMDk3 LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAHPc0Pb1 3gjPI0xulCDGyr0kNyq1SxLDjP+/kRy2liDtfuKJCAgrT9Gpk7ZRAwTbUAOmayVi NjSj2dQhiGhCU3CUV4Mro3m/dQPSKrGVLkPaTGHd6eDvjFoDdjMXT5AaRQXqcJy5 fwPmjGO8J9447R1hBFfC/pNqhh3EkwVPkxlOrM4v3MEGwUcngJtYGvR4mI7ngwH+ +uV8YZxWixTkML4ff+ik9H1DGC6ikI2CYngNOyUQDRfJHUA0EP6OvRboCYJb944i 9/eBIE5kSQiSU4fQxaQY8c83i8H6Jp/yL3XVozO7zyL6dIwOtAQWWb/Aes5U1KxT pctLcJJWBiw4Rw== -----END CERTIFICATE-----Generated at Sun Dec 7 02:58:52 2025 by rpki-client