This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft File: dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json) Hash identifier: D4rJblOcp5C1FcR2igWlHzswsyHkigk9n5hC3fqJbfM= Subject key identifier: EE:A1:1B:A0:3E:54:45:1B:E3:E8:67:B2:89:DF:2E:1B:88:21:F6:42 Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16 Certificate issuer: /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316 Certificate serial: 019AF12DFA69624576347584FE171E0039CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 01:01:53 +0000 Manifest this update: Sat 06 Dec 2025 01:01:53 +0000 Manifest next update: Sun 07 Dec 2025 01:01:53 +0000 Files and hashes: 1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: oGRni/vHJvzAwsJcCD0MMg7ZV4WCK6iz5ulhex5dh0Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:fa:69:62:45:76:34:75:84:fe:17:1e:00:39:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316 Validity Not Before: Dec 6 01:01:53 2025 GMT Not After : Dec 7 01:01:53 2025 GMT Subject: CN=eea11ba03e54451be3e867b289df2e1b8821f642 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:fc:b1:75:13:c2:21:b6:33:d7:86:44:c3:5a: 1a:b1:61:76:cf:d9:4d:26:93:ac:7c:02:ff:bc:6d: 19:3b:5a:36:6a:0e:87:2f:0f:ef:d1:5b:bc:fc:0d: 3b:f9:44:91:a4:81:13:25:4e:ee:ac:70:54:fe:90: 2a:88:6c:ad:8f:62:cc:e8:2d:fd:4d:b7:84:bd:fa: 51:15:3e:a1:c1:c0:82:95:37:b8:3a:2d:8b:9f:21: bd:94:48:71:dc:b5:72:c7:7f:ad:c8:b3:09:79:30: 7f:8e:69:24:af:bd:97:fc:04:20:61:af:d3:b3:bc: b9:61:31:a7:79:fc:07:43:e8:d0:c1:60:42:e9:1b: 18:fa:48:54:e4:f3:91:69:55:c4:28:76:3c:70:ef: e7:35:68:88:94:a2:dc:22:46:77:17:35:28:da:bf: 4a:48:88:87:7a:32:5c:bf:67:9f:be:6f:89:50:30: 32:d1:82:f4:dc:57:57:47:d5:93:61:a1:01:9f:d2: 66:04:36:b9:22:51:92:d4:1f:ef:ee:86:40:a4:3e: d1:03:2e:47:bf:f6:1d:41:10:b9:00:a8:cb:83:55: ec:67:1a:54:ce:e6:6d:1a:18:21:97:8b:21:c0:61: 93:95:16:18:b0:46:2b:7c:24:99:75:9c:0d:8d:32: 01:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:A1:1B:A0:3E:54:45:1B:E3:E8:67:B2:89:DF:2E:1B:88:21:F6:42 X509v3 Authority Key Identifier: keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:6d:9e:70:cf:d5:3a:ca:c5:d9:05:48:9d:b0:62:76:38:29: 10:f0:e1:b7:92:cb:25:4c:7a:9e:87:6e:e3:99:65:7f:a6:01: 88:a9:a4:a9:da:8b:ca:cd:da:9c:1b:41:55:b5:c1:77:f9:eb: d5:f6:9d:f2:6d:62:cf:75:1b:94:8d:87:48:6e:31:c2:e4:f8: 74:b2:af:88:d6:c3:1a:9e:c7:17:4b:84:83:e6:90:e9:63:45: b7:77:fc:02:85:c3:07:01:8f:2f:a5:dc:e8:90:66:76:21:b7: 3a:e2:0c:aa:50:58:01:20:d7:ff:99:41:ae:dd:dc:12:fc:ec: 8e:96:bd:6e:65:49:1a:ba:a5:36:d4:78:03:14:5f:b4:4c:31: 4d:f1:e0:15:04:ad:09:f2:df:19:98:ce:97:88:f0:ea:b2:67: 0e:8b:b0:45:c1:88:fe:e1:36:e2:f1:91:e1:1e:8e:61:c2:0a: 26:3d:0c:73:e2:2d:6d:ab:7e:72:67:62:65:70:ba:66:38:b8: 62:8b:e2:c9:8f:c1:d5:75:cb:58:2c:9c:ec:49:6e:41:c2:43: c7:b3:49:3b:bd:e3:f4:33:af:cf:aa:1a:73:ff:65:3f:78:69: 6b:f7:bc:90:5e:9b:f8:be:a3:76:d8:96:a0:e2:80:63:a2:b7: dc:61:30:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLfppYkV2NHWE/hceADnNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy YzczMTYwHhcNMjUxMjA2MDEwMTUzWhcNMjUxMjA3MDEwMTUzWjAzMTEwLwYDVQQD EyhlZWExMWJhMDNlNTQ0NTFiZTNlODY3YjI4OWRmMmUxYjg4MjFmNjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/yxdRPCIbYz14ZEw1oasWF2z9lN JpOsfAL/vG0ZO1o2ag6HLw/v0Vu8/A07+USRpIETJU7urHBU/pAqiGytj2LM6C39 TbeEvfpRFT6hwcCClTe4Oi2LnyG9lEhx3LVyx3+tyLMJeTB/jmkkr72X/AQgYa/T s7y5YTGnefwHQ+jQwWBC6RsY+khU5PORaVXEKHY8cO/nNWiIlKLcIkZ3FzUo2r9K SIiHejJcv2efvm+JUDAy0YL03FdXR9WTYaEBn9JmBDa5IlGS1B/v7oZApD7RAy5H v/YdQRC5AKjLg1XsZxpUzuZtGhghl4shwGGTlRYYsEYrfCSZdZwNjTIBZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO6hG6A+VEUb4+hnsonfLhuIIfZCMB8GA1UdIwQY MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5 LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQG2ecM/V OsrF2QVInbBidjgpEPDht5LLJUx6nodu45llf6YBiKmkqdqLys3anBtBVbXBd/nr 1fad8m1iz3UblI2HSG4xwuT4dLKviNbDGp7HF0uEg+aQ6WNFt3f8AoXDBwGPL6Xc 6JBmdiG3OuIMqlBYASDX/5lBrt3cEvzsjpa9bmVJGrqlNtR4AxRftEwxTfHgFQSt CfLfGZjOl4jw6rJnDouwRcGI/uE24vGR4R6OYcIKJj0Mc+Itbat+cmdiZXC6Zji4 YoviyY/B1XXLWCyc7EluQcJDx7NJO73j9DOvz6oac/9lP3hpa/e8kF6b+L6jdtiW oOKAY6K33GEwUA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:25:10 2025 by rpki-client