This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft File: DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json) Hash identifier: FJ0RLrr7QkvqqQupWWbAK0R1dyiSqoAoPQmfDBEfwXA= Subject key identifier: 05:D6:69:C1:9F:5E:4F:49:1B:7A:EA:05:C8:39:C2:59:C4:E6:30:A2 Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B Certificate issuer: /CN=0f041e208682455a67942ce2a64858ca07047e8b Certificate serial: 019B2C66AB8B086573DEC624793658168D86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft Manifest number: 177E Signing time: Wed 17 Dec 2025 13:01:24 +0000 Manifest this update: Wed 17 Dec 2025 13:01:24 +0000 Manifest next update: Thu 18 Dec 2025 13:01:24 +0000 Files and hashes: 1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: MOTlnchDwDQe+G/z/o9LvqEGeZ6XMlA1BIyw13Njz/0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:66:ab:8b:08:65:73:de:c6:24:79:36:58:16:8d:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b Validity Not Before: Dec 17 13:01:24 2025 GMT Not After : Dec 18 13:01:24 2025 GMT Subject: CN=05d669c19f5e4f491b7aea05c839c259c4e630a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:34:cd:33:7a:40:93:28:99:6d:c4:88:6c:32: 53:fa:63:95:60:24:63:90:59:35:d7:b3:94:dd:7f: 05:15:ec:5d:5a:d7:7f:a3:2e:b1:83:82:d6:db:70: f4:4d:68:dc:ae:1b:0b:04:39:49:f0:73:2d:4c:51: 4a:e5:ed:28:89:b3:bb:30:fb:4e:1f:7c:11:21:8a: 94:0d:c2:a2:75:54:b7:4c:a2:d0:c7:04:b4:c2:71: 07:eb:38:c8:14:f6:45:dd:46:5a:ad:33:c7:be:ac: d0:3a:aa:0e:89:b1:82:94:33:77:e8:b7:f0:24:0b: ee:35:02:61:e9:7a:31:da:64:72:40:c0:44:9c:aa: b6:39:50:59:b3:cb:ae:42:56:fd:f7:f4:ab:20:df: 10:4e:bc:2b:65:ce:94:85:63:ca:18:3d:75:3c:87: 71:25:13:5b:4f:1d:7b:8a:3c:c0:ec:99:a3:d9:c6: 86:00:ee:a0:c0:7a:6c:de:a4:2e:aa:78:35:75:29: 7a:5b:db:f0:62:3c:84:3f:42:0a:ac:a9:7c:51:51: 8c:1b:63:61:c4:a3:57:58:af:47:91:cb:24:f8:f9: 44:b9:1d:c8:72:89:e0:fc:f8:44:12:dd:31:ae:2f: ee:26:a5:1f:3d:e3:af:f5:9f:37:cb:04:25:0b:ce: 14:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:D6:69:C1:9F:5E:4F:49:1B:7A:EA:05:C8:39:C2:59:C4:E6:30:A2 X509v3 Authority Key Identifier: keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:df:93:b1:bd:cf:6e:74:46:c2:d5:ad:a0:83:8a:cc:c6:df: 41:35:18:ca:45:17:7b:ae:78:fd:05:52:0c:75:d6:62:3c:25: 08:cf:5e:77:39:16:7f:c7:f3:c8:ce:f6:cd:80:ff:d7:8d:da: 06:18:ff:dd:4d:e5:a2:a0:cf:ec:a2:c9:17:9f:93:61:0b:8c: 44:c2:d5:e6:24:cd:e4:fd:49:8b:df:c0:d6:26:f7:ae:73:48: 3c:f4:03:d7:ca:bb:56:22:52:e5:ba:b7:f9:7e:82:fc:58:b0: 74:1e:52:45:0f:a7:a7:75:2e:a3:25:8f:bd:16:11:91:fb:90: fa:c9:c3:68:21:a2:7e:22:2d:17:c1:03:a5:41:9d:af:8f:8c: ec:c0:f6:0a:9d:4e:76:c6:66:82:e8:e7:c6:0f:0a:d1:51:37: dd:31:c2:8a:07:61:29:9c:a0:2e:7b:4d:7a:24:7b:4b:09:cd: 9a:df:6a:d3:d8:4d:a9:97:31:3a:3a:2e:27:51:f0:87:aa:15: 98:5b:10:e2:87:e3:9c:28:e5:02:71:3b:7a:bf:8e:ff:12:8a: 78:f1:8e:51:9a:cc:2e:22:98:fb:ed:0b:a9:15:a6:a7:21:bc: 0c:39:1f:f0:9a:f2:fe:ed:a6:c5:d1:b1:5a:81:2f:3b:c5:57: eb:a6:58:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZssZquLCGVz3sYkeTZYFo2GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw NDdlOGIwHhcNMjUxMjE3MTMwMTI0WhcNMjUxMjE4MTMwMTI0WjAzMTEwLwYDVQQD EygwNWQ2NjljMTlmNWU0ZjQ5MWI3YWVhMDVjODM5YzI1OWM0ZTYzMGEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTTNM3pAkyiZbcSIbDJT+mOVYCRj kFk117OU3X8FFexdWtd/oy6xg4LW23D0TWjcrhsLBDlJ8HMtTFFK5e0oibO7MPtO H3wRIYqUDcKidVS3TKLQxwS0wnEH6zjIFPZF3UZarTPHvqzQOqoOibGClDN36Lfw JAvuNQJh6Xox2mRyQMBEnKq2OVBZs8uuQlb99/SrIN8QTrwrZc6UhWPKGD11PIdx JRNbTx17ijzA7Jmj2caGAO6gwHps3qQuqng1dSl6W9vwYjyEP0IKrKl8UVGMG2Nh xKNXWK9Hkcsk+PlEuR3Icong/PhEEt0xri/uJqUfPeOv9Z83ywQlC84UCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAXWacGfXk9JG3rqBcg5wlnE5jCiMB8GA1UdIwQY MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABN+Tsb3P bnRGwtWtoIOKzMbfQTUYykUXe654/QVSDHXWYjwlCM9edzkWf8fzyM72zYD/143a Bhj/3U3loqDP7KLJF5+TYQuMRMLV5iTN5P1Ji9/A1ib3rnNIPPQD18q7ViJS5bq3 +X6C/FiwdB5SRQ+np3UuoyWPvRYRkfuQ+snDaCGifiItF8EDpUGdr4+M7MD2Cp1O dsZmgujnxg8K0VE33THCigdhKZygLntNeiR7SwnNmt9q09hNqZcxOjouJ1Hwh6oV mFsQ4ofjnCjlAnE7er+O/xKKePGOUZrMLiKY++0LqRWmpyG8DDkf8Jry/u2mxdGx WoEvO8VX66ZYyg== -----END CERTIFICATE-----Generated at Wed Dec 17 18:10:10 2025 by rpki-client