This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft File: dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft (raw, json) Hash identifier: S3ExZxiBKbp1t8ZJ+nx0y5ZE8A3xNzpo2KqtBXUSAUE= Subject key identifier: A5:76:7C:11:8E:9B:27:57:75:6D:E7:83:02:A8:38:85:F0:D7:A4:BE Authority key identifier: 74:B9:75:89:8D:10:F1:A5:05:21:33:E1:E2:50:36:C6:11:4D:88:76 Certificate issuer: /CN=74b975898d10f1a5052133e1e25036c6114d8876 Certificate serial: 019B4249B13887B1957351C0E03EAA1111B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLl1iY0Q8aUFITPh4lA2xhFNiHY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft Manifest number: 1425 Signing time: Sun 21 Dec 2025 19:01:24 +0000 Manifest this update: Sun 21 Dec 2025 19:01:24 +0000 Manifest next update: Mon 22 Dec 2025 19:01:24 +0000 Files and hashes: 1: dLl1iY0Q8aUFITPh4lA2xhFNiHY.crl (hash: Ky5HU5/3zee3uoxg3ZMvHC8isCBymdJTMpiP/BoNDfY=) 2: z_2rtoFCvPkDkADqibZPjoJmwkw.roa (hash: q/SzHtsnHuDBpVkpEWhHESnMoXOnwPbEJuDNiDhbwHs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.crl rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft rsync://rpki.ripe.net/repository/DEFAULT/dLl1iY0Q8aUFITPh4lA2xhFNiHY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:49:b1:38:87:b1:95:73:51:c0:e0:3e:aa:11:11:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74b975898d10f1a5052133e1e25036c6114d8876 Validity Not Before: Dec 21 19:01:24 2025 GMT Not After : Dec 22 19:01:24 2025 GMT Subject: CN=a5767c118e9b2757756de78302a83885f0d7a4be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:8d:82:6f:e9:d3:e6:d6:5f:f3:6d:68:09:c8: 39:a5:cf:e2:49:6a:49:a9:6e:82:57:95:b0:d5:8a: c6:a5:71:d7:3f:e2:cd:be:ba:d6:32:37:f8:5a:31: 83:1b:da:d4:67:b9:bb:f7:80:56:60:64:ab:83:7a: e2:db:d3:74:96:c8:13:b9:72:1b:be:2f:00:1d:b7: 6b:88:01:94:30:8c:1a:04:6c:9e:1e:73:30:62:24: aa:d4:2b:56:8c:3f:e6:99:cb:38:6a:a0:22:55:4c: 86:df:c7:5c:b8:c7:d3:5c:81:f2:70:f9:46:7f:81: 45:5f:3c:ff:a1:bd:71:75:37:0f:78:ec:21:44:f0: 4b:2d:c3:26:f0:fe:6a:b2:17:a1:05:3e:14:96:2d: f5:9d:de:e6:fb:f4:ff:a7:16:34:88:3a:65:49:a1: 1a:e8:7c:5b:86:6f:23:aa:b2:52:7c:71:3d:48:d9: 84:a7:a4:74:b4:1c:18:67:7f:ad:f9:a2:cc:71:df: 86:03:62:aa:aa:5a:cf:7e:ca:f9:ac:40:83:6e:29: ae:75:b9:db:ec:4e:11:6d:b9:85:0e:e4:a0:bc:a2: 2b:a2:8e:80:2d:10:47:ad:18:f6:39:ae:de:2c:b8: c7:9e:61:c8:c2:9c:8b:c7:a3:aa:be:c4:0e:15:1e: f6:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:76:7C:11:8E:9B:27:57:75:6D:E7:83:02:A8:38:85:F0:D7:A4:BE X509v3 Authority Key Identifier: keyid:74:B9:75:89:8D:10:F1:A5:05:21:33:E1:E2:50:36:C6:11:4D:88:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLl1iY0Q8aUFITPh4lA2xhFNiHY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:40:c3:9f:d3:a1:50:2c:e3:ba:09:c3:a1:af:9c:c3:95:b6: 3b:f2:e9:cc:29:75:9a:68:4c:2f:34:66:68:c0:51:c4:0e:78: fe:b5:7f:47:48:b8:0c:37:ed:2e:38:6e:e5:49:5c:5b:5d:43: 3e:51:3f:04:d6:9f:cd:64:b9:0a:92:41:d6:dc:52:cb:79:ec: a5:c3:c6:7d:44:c4:5c:36:1d:70:ca:ab:69:f3:e1:66:63:4b: 60:59:a6:a5:f8:d7:97:72:f4:83:7a:cd:36:e0:9e:e3:1d:1e: e1:cf:9c:84:ad:23:e4:cc:6a:c7:9c:44:24:a6:11:d3:cd:5a: d3:b2:25:e6:70:d9:3d:0c:8a:11:78:c6:13:c9:a8:58:11:04: c6:76:fe:f7:cd:49:7f:f2:64:13:e7:bc:7a:8c:8a:3d:3d:8d: ba:c6:18:97:d7:22:85:47:f2:c3:c4:1c:a9:f1:4a:42:22:e5: 4b:31:bb:e4:02:2f:8f:a5:b5:aa:d6:8f:39:f9:74:b7:76:96: 58:17:59:b0:dd:6b:9e:92:e9:01:e1:a7:73:96:3d:3a:3f:84: 0e:5b:c1:52:d0:68:7e:7c:a8:7d:a7:4e:63:16:ed:ef:13:04: 85:a4:88:d4:50:f8:23:f7:ca:cb:f6:ad:ae:c7:d9:e6:21:11: db:dd:23:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSbE4h7GVc1HA4D6qERGxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0Yjk3NTg5OGQxMGYxYTUwNTIxMzNlMWUyNTAzNmM2MTE0 ZDg4NzYwHhcNMjUxMjIxMTkwMTI0WhcNMjUxMjIyMTkwMTI0WjAzMTEwLwYDVQQD EyhhNTc2N2MxMThlOWIyNzU3NzU2ZGU3ODMwMmE4Mzg4NWYwZDdhNGJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo2Cb+nT5tZf821oCcg5pc/iSWpJ qW6CV5Ww1YrGpXHXP+LNvrrWMjf4WjGDG9rUZ7m794BWYGSrg3ri29N0lsgTuXIb vi8AHbdriAGUMIwaBGyeHnMwYiSq1CtWjD/mmcs4aqAiVUyG38dcuMfTXIHycPlG f4FFXzz/ob1xdTcPeOwhRPBLLcMm8P5qshehBT4Uli31nd7m+/T/pxY0iDplSaEa 6Hxbhm8jqrJSfHE9SNmEp6R0tBwYZ3+t+aLMcd+GA2KqqlrPfsr5rECDbimudbnb 7E4RbbmFDuSgvKIroo6ALRBHrRj2Oa7eLLjHnmHIwpyLx6OqvsQOFR72swIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKV2fBGOmydXdW3ngwKoOIXw16S+MB8GA1UdIwQY MBaAFHS5dYmNEPGlBSEz4eJQNsYRTYh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZExsMWlZMFE4YVVGSVRQaDRsQTJ4aEZOaUhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZGNkMGUtZjMxOS00NDAzLWIxNjQt YjdjODcyZGQ5Njc1LzEvZExsMWlZMFE4YVVGSVRQaDRsQTJ4aEZOaUhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC85ZGNkMGUtZjMxOS00NDAzLWIxNjQtYjdjODcyZGQ5Njc1 LzEvZExsMWlZMFE4YVVGSVRQaDRsQTJ4aEZOaUhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbEDDn9Oh UCzjugnDoa+cw5W2O/LpzCl1mmhMLzRmaMBRxA54/rV/R0i4DDftLjhu5UlcW11D PlE/BNafzWS5CpJB1txSy3nspcPGfUTEXDYdcMqrafPhZmNLYFmmpfjXl3L0g3rN NuCe4x0e4c+chK0j5Mxqx5xEJKYR081a07Il5nDZPQyKEXjGE8moWBEExnb+981J f/JkE+e8eoyKPT2NusYYl9cihUfyw8QcqfFKQiLlSzG75AIvj6W1qtaPOfl0t3aW WBdZsN1rnpLpAeGnc5Y9Oj+EDlvBUtBofnyofadOYxbt7xMEhaSI1FD4I/fKy/at rsfZ5iER290jmQ== -----END CERTIFICATE-----Generated at Sun Dec 21 22:40:12 2025 by rpki-client