This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft File: DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json) Hash identifier: LzzVU+cjEgPBn6XgWB4eoo8wLlVwcQGUb6mtxXKrzv8= Subject key identifier: 91:8E:B7:B3:83:D5:83:68:1E:5B:E6:BF:B8:7F:5F:E4:1A:D4:A5:4A Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B Certificate issuer: /CN=0f041e208682455a67942ce2a64858ca07047e8b Certificate serial: 019AF2766E1F5B37CD9DE5D2009E8D698113 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 07:00:38 +0000 Manifest this update: Sat 06 Dec 2025 07:00:38 +0000 Manifest next update: Sun 07 Dec 2025 07:00:38 +0000 Files and hashes: 1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: E4yw38tyPQu/a7TqnvkzF+YB43RgNcvnMqBXqAT5nX4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:6e:1f:5b:37:cd:9d:e5:d2:00:9e:8d:69:81:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b Validity Not Before: Dec 6 07:00:38 2025 GMT Not After : Dec 7 07:00:38 2025 GMT Subject: CN=918eb7b383d583681e5be6bfb87f5fe41ad4a54a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:0f:20:f1:33:09:b1:a5:9d:42:ad:8d:96:fd: db:d0:90:cb:54:ca:66:d4:32:77:6e:47:ca:52:e3: 63:d4:bb:c7:36:03:2c:09:bf:70:6b:e9:1f:10:1f: e9:82:cc:99:25:5a:df:27:1b:61:ec:4b:be:7e:ee: 23:73:83:c3:97:47:fd:ff:3d:ee:fb:2b:b1:89:80: db:39:4b:f6:4b:36:54:b8:5c:3b:f6:23:46:17:1c: f7:27:12:4b:25:b8:06:e5:b9:cb:8e:ea:9b:e6:b1: c6:2b:a3:13:87:30:6a:5f:cd:e3:55:61:1c:17:4c: ce:fe:fc:4b:d6:99:fb:03:e9:4a:bf:4d:8f:49:c7: 7a:84:04:90:18:18:4a:62:69:e6:35:11:d0:83:b3: ad:be:ce:e9:12:c7:a8:ec:fe:db:55:f6:16:e5:df: 8f:44:2f:46:53:6c:ff:44:3c:4a:98:4f:de:c3:f2: 23:52:f4:94:ef:97:f3:34:eb:5d:9b:ed:7f:c2:33: 13:9b:34:91:1b:ac:3b:33:99:9b:fd:b3:fc:55:a2: 31:81:b1:d0:87:90:4e:55:d5:9c:ba:a0:d5:f7:4f: 59:5a:f8:a9:8a:72:f9:93:d2:55:07:3a:55:5e:8c: 52:5a:22:c9:80:45:a1:ff:00:92:e7:10:45:4b:a3: 6c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:8E:B7:B3:83:D5:83:68:1E:5B:E6:BF:B8:7F:5F:E4:1A:D4:A5:4A X509v3 Authority Key Identifier: keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:2d:7f:e5:2f:24:f5:03:f3:84:ee:33:c7:01:13:3a:c6:60: a5:91:35:73:e4:50:de:d2:07:bb:b5:ff:3e:f1:c5:6d:cb:15: 7c:23:7d:d1:75:fd:39:4c:ad:e2:20:67:72:86:8c:ca:89:7b: cb:8a:a5:ab:08:77:9f:9b:86:0d:84:34:64:93:ca:62:91:22: 77:af:78:8c:0b:74:56:d3:f3:21:43:00:73:19:7f:72:3f:71: 56:5a:b5:3a:b3:5e:3f:29:c1:00:9b:7e:9a:1f:3b:2a:1d:15: f0:63:71:eb:53:a2:cd:2c:11:d4:31:80:1b:98:2a:8d:20:27: a4:d7:7a:4b:2b:7a:9f:58:66:db:9a:c3:9f:eb:89:a5:db:23: 54:10:4f:5c:5a:14:d7:ad:22:4d:ce:f5:05:fa:ef:92:1f:00: 17:4f:72:ba:88:2e:aa:b9:22:93:47:c0:7d:f5:c4:48:d8:06: 34:10:35:9f:b6:a6:ac:aa:37:23:7f:0b:5e:a5:56:6b:db:c3: 38:19:99:4b:aa:0d:a2:10:c4:e8:af:f5:b5:f4:f7:ab:e6:4e: 58:b7:a4:d6:b3:e1:31:f6:11:f3:3e:b7:2b:fc:0a:16:9b:14: 4d:bb:50:0a:a2:e8:7f:c0:bb:b3:43:12:84:27:e6:4e:65:fc: 23:02:29:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydm4fWzfNneXSAJ6NaYETMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw NDdlOGIwHhcNMjUxMjA2MDcwMDM4WhcNMjUxMjA3MDcwMDM4WjAzMTEwLwYDVQQD Eyg5MThlYjdiMzgzZDU4MzY4MWU1YmU2YmZiODdmNWZlNDFhZDRhNTRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ8g8TMJsaWdQq2Nlv3b0JDLVMpm 1DJ3bkfKUuNj1LvHNgMsCb9wa+kfEB/pgsyZJVrfJxth7Eu+fu4jc4PDl0f9/z3u +yuxiYDbOUv2SzZUuFw79iNGFxz3JxJLJbgG5bnLjuqb5rHGK6MThzBqX83jVWEc F0zO/vxL1pn7A+lKv02PScd6hASQGBhKYmnmNRHQg7Otvs7pEseo7P7bVfYW5d+P RC9GU2z/RDxKmE/ew/IjUvSU75fzNOtdm+1/wjMTmzSRG6w7M5mb/bP8VaIxgbHQ h5BOVdWcuqDV909ZWvipinL5k9JVBzpVXoxSWiLJgEWh/wCS5xBFS6NsoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJGOt7OD1YNoHlvmv7h/X+Qa1KVKMB8GA1UdIwQY MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgS1/5S8k 9QPzhO4zxwETOsZgpZE1c+RQ3tIHu7X/PvHFbcsVfCN90XX9OUyt4iBncoaMyol7 y4qlqwh3n5uGDYQ0ZJPKYpEid694jAt0VtPzIUMAcxl/cj9xVlq1OrNePynBAJt+ mh87Kh0V8GNx61OizSwR1DGAG5gqjSAnpNd6Syt6n1hm25rDn+uJpdsjVBBPXFoU 160iTc71Bfrvkh8AF09yuoguqrkik0fAffXESNgGNBA1n7amrKo3I38LXqVWa9vD OBmZS6oNohDE6K/1tfT3q+ZOWLek1rPhMfYR8z63K/wKFpsUTbtQCqLof8C7s0MS hCfmTmX8IwIpLQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:45:55 2025 by rpki-client