This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft File: dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft (raw, json) Hash identifier: TKF143p3ju9NhXYSeoypdo/UgZ21/7fe6ONdxWn4A6g= Subject key identifier: B4:88:A1:9B:A5:D8:2B:29:F4:B0:2C:B2:BF:09:98:85:60:1F:E6:69 Authority key identifier: 74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C Certificate issuer: /CN=74f675a1679816793d5b30ad2f253f56c8e2445c Certificate serial: 019AF464E4FB89651D8D6BE371F840617444 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 16:00:44 +0000 Manifest this update: Sat 06 Dec 2025 16:00:44 +0000 Manifest next update: Sun 07 Dec 2025 16:00:44 +0000 Files and hashes: 1: dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl (hash: oOYWQ+LDH27HqVrC/w38v0WDtQnDU6FHUSaQJGDsj58=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:e4:fb:89:65:1d:8d:6b:e3:71:f8:40:61:74:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74f675a1679816793d5b30ad2f253f56c8e2445c Validity Not Before: Dec 6 16:00:44 2025 GMT Not After : Dec 7 16:00:44 2025 GMT Subject: CN=b488a19ba5d82b29f4b02cb2bf099885601fe669 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:f9:76:33:32:ba:c7:4e:08:9a:e6:83:c1:b1: 10:61:79:70:8e:54:2a:ec:a2:6c:ca:9a:97:eb:33: 82:12:60:d9:3a:3e:74:6f:c9:dc:86:f0:ec:27:a9: 9f:e0:ed:25:7c:85:5a:a2:7b:2b:12:18:e7:52:b7: 1e:38:95:e2:6d:6c:58:5a:a0:7a:d2:d0:d6:7e:e4: 38:56:1f:92:f7:71:ae:20:f2:0b:b6:31:f7:75:46: 34:7a:2c:dc:6d:f3:fa:08:de:ae:a0:03:d5:bb:58: ac:b7:e8:d2:ff:be:ce:b0:ff:af:bb:1b:14:a3:c1: a5:00:7e:5a:bf:a6:8b:36:d6:04:9b:61:59:8d:4d: aa:2a:00:8e:aa:73:e9:a1:b2:16:22:bc:ed:38:95: 9a:a4:29:ea:ae:08:e3:2b:f9:7d:44:0f:20:7b:cc: 53:c9:38:5b:24:66:b0:65:ef:aa:5d:15:d1:e9:23: 37:88:ab:a0:2f:f9:a1:24:4e:d3:9c:7e:f0:63:92: e8:d5:87:46:39:5d:6e:be:3c:35:f9:c3:5e:31:90: 6c:0d:b1:cc:64:e5:aa:72:37:5a:8a:2e:e7:1d:bb: 15:30:74:17:7b:8d:c1:9d:f6:b5:de:e9:f4:a8:f2: ef:32:ac:42:cc:e3:24:39:60:b5:f9:52:61:84:78: 96:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:88:A1:9B:A5:D8:2B:29:F4:B0:2C:B2:BF:09:98:85:60:1F:E6:69 X509v3 Authority Key Identifier: keyid:74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:52:67:5c:b5:20:b5:e8:88:28:e2:f9:15:df:74:07:ae:ee: d5:8d:a5:63:ae:9f:c1:e6:d4:98:47:2f:37:1a:8b:ec:80:47: f1:02:ac:8e:ab:a9:20:05:6d:80:a3:ad:8a:a2:cd:30:fc:60: c1:6d:4e:ad:d1:c3:02:d1:2a:aa:5d:ee:76:73:c1:8b:48:95: 3f:3a:98:2a:4e:2e:d2:04:32:26:64:85:50:aa:91:fe:c7:06: d4:17:b0:54:8b:d3:a3:c3:9b:d5:be:1d:6f:ca:9f:54:9b:9c: 66:11:0e:29:29:c7:d3:10:38:a4:33:a1:61:3b:6e:61:1d:48: 72:2e:87:ef:1e:43:9f:94:79:da:16:2b:67:dc:e0:3a:e2:39: 8d:8f:09:44:14:4b:7a:57:52:dd:92:7c:57:91:89:b8:d0:ec: 05:20:b0:f1:c0:e2:c2:f6:0a:b0:a2:43:62:15:0c:74:30:a9: f7:d5:55:d3:39:b8:37:53:10:39:7c:6b:c9:03:5a:37:02:77: b2:ac:c3:ee:f1:6e:1f:b9:d8:59:bc:71:c2:3c:37:f7:3f:98: 15:10:c8:d2:7c:e8:d0:ec:68:fa:1f:0f:dd:99:61:7c:fc:e6: dd:4e:7f:ab:9b:12:04:e9:fa:4e:ad:de:eb:56:10:41:d0:4e: 21:86:d7:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZOT7iWUdjWvjcfhAYXREMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0ZjY3NWExNjc5ODE2NzkzZDViMzBhZDJmMjUzZjU2Yzhl MjQ0NWMwHhcNMjUxMjA2MTYwMDQ0WhcNMjUxMjA3MTYwMDQ0WjAzMTEwLwYDVQQD EyhiNDg4YTE5YmE1ZDgyYjI5ZjRiMDJjYjJiZjA5OTg4NTYwMWZlNjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Pl2MzK6x04ImuaDwbEQYXlwjlQq 7KJsypqX6zOCEmDZOj50b8nchvDsJ6mf4O0lfIVaonsrEhjnUrceOJXibWxYWqB6 0tDWfuQ4Vh+S93GuIPILtjH3dUY0eizcbfP6CN6uoAPVu1ist+jS/77OsP+vuxsU o8GlAH5av6aLNtYEm2FZjU2qKgCOqnPpobIWIrztOJWapCnqrgjjK/l9RA8ge8xT yThbJGawZe+qXRXR6SM3iKugL/mhJE7TnH7wY5Lo1YdGOV1uvjw1+cNeMZBsDbHM ZOWqcjdaii7nHbsVMHQXe43Bnfa13un0qPLvMqxCzOMkOWC1+VJhhHiWfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLSIoZul2Csp9LAssr8JmIVgH+ZpMB8GA1UdIwQY MBaAFHT2daFnmBZ5PVswrS8lP1bI4kRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTIt MzM2MjkzNzM0NTA3LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTItMzM2MjkzNzM0NTA3 LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclJnXLUg teiIKOL5Fd90B67u1Y2lY66fwebUmEcvNxqL7IBH8QKsjqupIAVtgKOtiqLNMPxg wW1OrdHDAtEqql3udnPBi0iVPzqYKk4u0gQyJmSFUKqR/scG1BewVIvTo8Ob1b4d b8qfVJucZhEOKSnH0xA4pDOhYTtuYR1Ici6H7x5Dn5R52hYrZ9zgOuI5jY8JRBRL eldS3ZJ8V5GJuNDsBSCw8cDiwvYKsKJDYhUMdDCp99VV0zm4N1MQOXxryQNaNwJ3 sqzD7vFuH7nYWbxxwjw39z+YFRDI0nzo0Oxo+h8P3ZlhfPzm3U5/q5sSBOn6Tq3e 61YQQdBOIYbXCQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:02:22 2025 by rpki-client