This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft File: D4jGhrHhIvzcFlwCN6D149mQvwE.mft (raw, json) Hash identifier: lshfm1eoIqi76uJ/3ZG+ID47ECL8EF7YQL8EZVtDXlQ= Subject key identifier: E8:7C:A7:02:A1:D3:68:98:F1:74:FA:6C:AF:1A:F0:7F:A3:01:56:AF Authority key identifier: 0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01 Certificate issuer: /CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01 Certificate serial: 019AF12CFBE63F002758B81A93ACEF5C56D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft Manifest number: 0D0E Signing time: Sat 06 Dec 2025 01:00:48 +0000 Manifest this update: Sat 06 Dec 2025 01:00:48 +0000 Manifest next update: Sun 07 Dec 2025 01:00:48 +0000 Files and hashes: 1: D4jGhrHhIvzcFlwCN6D149mQvwE.crl (hash: DlnBTzIinzgt0JXeDV+mJi/wDlQKWRk6tTJacf+O7UQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:fb:e6:3f:00:27:58:b8:1a:93:ac:ef:5c:56:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01 Validity Not Before: Dec 6 01:00:48 2025 GMT Not After : Dec 7 01:00:48 2025 GMT Subject: CN=e87ca702a1d36898f174fa6caf1af07fa30156af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:b9:c2:0d:4d:30:99:4f:4f:01:8a:f6:a1:83: 5b:52:60:84:8d:c1:96:6c:90:08:0c:fc:51:41:d6: d7:ae:ec:44:9a:de:90:c4:82:7e:85:a8:a6:8a:e4: 7e:87:b2:38:18:fa:b8:74:6d:12:54:e9:ea:5a:83: eb:68:f8:f2:d4:41:ca:dc:b8:8b:bb:9f:71:7e:cf: 99:c6:64:81:95:2a:41:66:8c:98:65:1d:7c:9a:8f: ac:10:6f:fa:c8:f1:c3:73:81:4d:06:e5:5c:0a:a3: 09:9d:ab:f0:21:32:c0:18:1e:e3:70:81:26:70:c6: d7:44:ca:c8:8e:3b:83:50:78:b6:35:1d:9e:a0:4f: 7e:fc:57:a8:dc:9d:a3:ca:9b:df:8b:b9:97:a8:c0: 50:0c:11:b7:93:bd:64:3e:73:77:e3:d4:32:61:09: ef:89:d4:ed:b8:f2:ae:1b:98:ce:ad:73:13:e7:a4: 35:c4:02:e5:37:a0:95:81:f8:1a:c6:36:0a:eb:9b: 24:0c:26:7d:63:d6:f2:ff:0b:d7:e3:a0:3a:ec:94: 07:d2:c6:6d:c5:9d:0d:1f:4b:b1:80:ba:8b:49:e3: 8e:0c:d8:4d:db:28:c1:62:85:98:2e:e9:0a:f1:92: 63:25:8b:b5:fa:0a:43:4d:a8:11:c9:58:e2:44:80: d1:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:7C:A7:02:A1:D3:68:98:F1:74:FA:6C:AF:1A:F0:7F:A3:01:56:AF X509v3 Authority Key Identifier: keyid:0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:88:97:f0:74:29:39:65:5c:e9:45:1f:b1:16:ce:d7:bd:df: 91:f5:b7:00:da:08:bd:9b:bb:a2:cd:aa:24:74:76:5d:7a:b8: 21:e6:fd:21:bb:d2:52:2d:7f:4b:d6:52:7e:d6:e7:cd:a9:cf: 5d:1a:5a:35:e0:ec:d0:6f:7b:14:da:fc:93:c0:2d:10:a5:9d: d3:c4:db:3c:25:33:a9:fa:76:6e:0c:69:9d:49:37:c1:45:23: 36:c1:fd:90:9d:52:c4:30:c7:a6:85:a4:c1:ab:ce:3a:13:57: c5:96:bc:c9:8e:a4:f6:87:48:8a:03:9d:07:14:b7:b9:1b:85: 0f:99:c6:4b:5e:7a:b4:04:43:2e:31:69:62:40:99:ad:68:dd: 85:aa:fd:43:1f:d3:64:f7:7e:71:dc:40:ca:0c:ec:e6:4a:fb: b4:61:ac:fc:03:3e:8b:23:61:91:ff:9c:c9:69:d3:5b:4e:af: a6:23:56:1f:f9:47:68:5b:69:d0:58:80:c5:64:fa:52:69:e8: a6:fe:09:6b:8a:d8:21:3a:84:61:25:55:a7:83:38:1f:d8:a2: a2:aa:22:ff:af:55:d0:b8:1e:cd:cb:3b:f9:7a:93:a7:ec:d2: 7b:0b:57:40:5a:d8:62:af:0c:8a:18:00:4c:75:33:bc:45:dd: 6e:c0:27:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLPvmPwAnWLgak6zvXFbWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmODhjNjg2YjFlMTIyZmNkYzE2NWMwMjM3YTBmNWUzZDk5 MGJmMDEwHhcNMjUxMjA2MDEwMDQ4WhcNMjUxMjA3MDEwMDQ4WjAzMTEwLwYDVQQD EyhlODdjYTcwMmExZDM2ODk4ZjE3NGZhNmNhZjFhZjA3ZmEzMDE1NmFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLnCDU0wmU9PAYr2oYNbUmCEjcGW bJAIDPxRQdbXruxEmt6QxIJ+haimiuR+h7I4GPq4dG0SVOnqWoPraPjy1EHK3LiL u59xfs+ZxmSBlSpBZoyYZR18mo+sEG/6yPHDc4FNBuVcCqMJnavwITLAGB7jcIEm cMbXRMrIjjuDUHi2NR2eoE9+/Feo3J2jypvfi7mXqMBQDBG3k71kPnN349QyYQnv idTtuPKuG5jOrXMT56Q1xALlN6CVgfgaxjYK65skDCZ9Y9by/wvX46A67JQH0sZt xZ0NH0uxgLqLSeOODNhN2yjBYoWYLukK8ZJjJYu1+gpDTagRyVjiRIDR9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOh8pwKh02iY8XT6bK8a8H+jAVavMB8GA1UdIwQY MBaAFA+Ixoax4SL83BZcAjeg9ePZkL8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2It YjQyMjVkZTI3MjNhLzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2ItYjQyMjVkZTI3MjNh LzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4iX8HQp OWVc6UUfsRbO173fkfW3ANoIvZu7os2qJHR2XXq4Ieb9IbvSUi1/S9ZSftbnzanP XRpaNeDs0G97FNr8k8AtEKWd08TbPCUzqfp2bgxpnUk3wUUjNsH9kJ1SxDDHpoWk wavOOhNXxZa8yY6k9odIigOdBxS3uRuFD5nGS156tARDLjFpYkCZrWjdhar9Qx/T ZPd+cdxAygzs5kr7tGGs/AM+iyNhkf+cyWnTW06vpiNWH/lHaFtp0FiAxWT6Umno pv4Ja4rYITqEYSVVp4M4H9iioqoi/69V0Lgezcs7+XqTp+zSewtXQFrYYq8MihgA THUzvEXdbsAn7w== -----END CERTIFICATE-----Generated at Sat Dec 6 07:22:27 2025 by rpki-client