This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft File: De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft (raw, json) Hash identifier: mVdVZns+lXLr6HCvlYAA/T608jrBPuJ7MTpziPr2WyQ= Subject key identifier: A3:7C:79:47:FF:00:D4:78:2C:9A:B9:A9:B8:DF:6B:72:2D:28:F2:C8 Authority key identifier: 0D:ED:66:D2:C5:A4:93:A0:95:34:35:7E:5C:A2:6F:03:D1:A4:DD:D4 Certificate issuer: /CN=0ded66d2c5a493a09534357e5ca26f03d1a4ddd4 Certificate serial: 019B2D0C545CDF8EBBD67AFEF87D52E782CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft Manifest number: 0B6D Signing time: Wed 17 Dec 2025 16:02:21 +0000 Manifest this update: Wed 17 Dec 2025 16:02:21 +0000 Manifest next update: Thu 18 Dec 2025 16:02:21 +0000 Files and hashes: 1: 7XdSGfevcJJsevy7fOceWvja7nc.roa (hash: 738FMMf7Atyvq/JMYg2GIhaCbgWHQKUbxrDxkyANCA8=) 2: De1m0sWkk6CVNDV-XKJvA9Gk3dQ.crl (hash: auMHl1lHSRIa2np0P8D/poBqpGmMbHuMV5q5O2IUuZc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft rsync://rpki.ripe.net/repository/DEFAULT/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0c:54:5c:df:8e:bb:d6:7a:fe:f8:7d:52:e7:82:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ded66d2c5a493a09534357e5ca26f03d1a4ddd4 Validity Not Before: Dec 17 16:02:21 2025 GMT Not After : Dec 18 16:02:21 2025 GMT Subject: CN=a37c7947ff00d4782c9ab9a9b8df6b722d28f2c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:d1:0d:cc:42:56:1c:47:09:75:a1:91:23:2b: a8:88:cf:ae:3a:00:ef:5c:25:32:45:3c:12:60:b3: b1:5c:e3:d2:de:88:2c:33:f5:fb:e3:52:85:2f:5b: ae:a2:8f:f1:4f:39:fc:1b:9d:fb:73:ec:a9:f3:6f: 2a:cc:68:93:cb:d6:15:0d:a4:e9:17:bf:9f:1f:ae: 4d:ec:00:8d:9d:50:70:f5:86:c8:73:ba:b6:57:12: 07:7d:1f:e1:4b:96:f4:8f:fb:a7:d9:e3:b9:24:4a: ad:45:57:26:fb:f8:20:5a:b5:52:ca:ec:ab:cb:b4: 70:52:ec:9f:e5:64:a4:ad:05:fb:fb:48:b0:d2:b1: ae:22:2a:6f:c8:dd:9d:3e:69:26:e6:94:b3:ad:50: 42:f6:e1:34:35:9e:65:4d:9b:eb:1f:48:fa:60:d8: 63:08:f7:a2:23:e9:f3:f4:f2:fe:fe:56:cc:4c:f7: 56:ac:a8:20:51:00:5c:76:f4:51:56:14:eb:ec:62: 13:c5:b1:70:d9:81:e2:1f:39:b9:6a:ca:54:b4:48: 96:2d:71:00:7f:d1:d7:a1:9a:c8:64:54:8e:52:1d: c3:50:5f:85:a7:8c:3d:8f:c8:22:ed:fd:4b:0e:57: 2b:05:2e:a6:62:37:d2:c9:af:4c:d5:c2:7d:85:4d: 0c:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:7C:79:47:FF:00:D4:78:2C:9A:B9:A9:B8:DF:6B:72:2D:28:F2:C8 X509v3 Authority Key Identifier: keyid:0D:ED:66:D2:C5:A4:93:A0:95:34:35:7E:5C:A2:6F:03:D1:A4:DD:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d9cc5b-f868-43fe-9c5c-37b96ffba76a/1/De1m0sWkk6CVNDV-XKJvA9Gk3dQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:81:b9:bb:d2:4a:56:d8:38:1d:3e:42:3d:d2:0c:87:83:bb: fa:bc:93:4b:94:85:ee:80:ef:36:0a:5c:ba:e2:ce:b8:07:c2: 6d:d8:b2:19:28:88:71:7f:37:3d:da:0c:70:1d:28:cb:f3:dc: 3d:a3:f3:0a:c2:0d:10:1c:ca:a5:1d:e2:01:6d:80:7c:ff:e6: e4:2b:72:7d:3f:ac:4c:06:63:75:01:a6:66:90:bf:59:ce:5b: ef:a6:41:ce:61:92:da:7a:50:e6:34:e1:07:b4:2e:99:18:76: 08:22:9b:6c:b0:a4:97:57:13:c1:e8:88:95:cb:5a:e2:cd:06: 99:e2:0d:3b:4e:a5:d1:b6:7b:51:4a:07:44:0e:bf:83:ff:73: b3:7f:80:e9:ad:5b:0c:c1:82:3e:55:53:d2:a7:e7:db:67:1d: e3:68:ac:25:ed:9c:5b:a3:0e:d9:d0:f5:5e:54:f5:47:bc:36: 5a:0d:ed:67:83:4b:f2:7e:66:10:59:55:78:ef:b8:51:c7:10: 53:c6:cc:91:67:6c:3c:fa:80:d1:3b:36:e4:34:9a:f7:b4:44: d0:b3:94:b1:2d:fc:ef:01:bb:f4:34:2d:3a:a0:f2:19:d2:04: 39:32:67:6e:18:db:96:1c:8f:70:cf:09:c1:c7:5e:61:e9:b1: d9:45:43:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstDFRc34671nr++H1S54LLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkZWQ2NmQyYzVhNDkzYTA5NTM0MzU3ZTVjYTI2ZjAzZDFh NGRkZDQwHhcNMjUxMjE3MTYwMjIxWhcNMjUxMjE4MTYwMjIxWjAzMTEwLwYDVQQD EyhhMzdjNzk0N2ZmMDBkNDc4MmM5YWI5YTliOGRmNmI3MjJkMjhmMmM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tENzEJWHEcJdaGRIyuoiM+uOgDv XCUyRTwSYLOxXOPS3ogsM/X741KFL1uuoo/xTzn8G537c+yp828qzGiTy9YVDaTp F7+fH65N7ACNnVBw9YbIc7q2VxIHfR/hS5b0j/un2eO5JEqtRVcm+/ggWrVSyuyr y7RwUuyf5WSkrQX7+0iw0rGuIipvyN2dPmkm5pSzrVBC9uE0NZ5lTZvrH0j6YNhj CPeiI+nz9PL+/lbMTPdWrKggUQBcdvRRVhTr7GITxbFw2YHiHzm5aspUtEiWLXEA f9HXoZrIZFSOUh3DUF+Fp4w9j8gi7f1LDlcrBS6mYjfSya9M1cJ9hU0MqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKN8eUf/ANR4LJq5qbjfa3ItKPLIMB8GA1UdIwQY MBaAFA3tZtLFpJOglTQ1flyibwPRpN3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGUxbTBzV2trNkNWTkRWLVhLSnZBOUdrM2RRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kOWNjNWItZjg2OC00M2ZlLTljNWMt MzdiOTZmZmJhNzZhLzEvRGUxbTBzV2trNkNWTkRWLVhLSnZBOUdrM2RRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9kOWNjNWItZjg2OC00M2ZlLTljNWMtMzdiOTZmZmJhNzZh LzEvRGUxbTBzV2trNkNWTkRWLVhLSnZBOUdrM2RRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4G5u9JK Vtg4HT5CPdIMh4O7+ryTS5SF7oDvNgpcuuLOuAfCbdiyGSiIcX83PdoMcB0oy/Pc PaPzCsINEBzKpR3iAW2AfP/m5CtyfT+sTAZjdQGmZpC/Wc5b76ZBzmGS2npQ5jTh B7QumRh2CCKbbLCkl1cTweiIlcta4s0GmeINO06l0bZ7UUoHRA6/g/9zs3+A6a1b DMGCPlVT0qfn22cd42isJe2cW6MO2dD1XlT1R7w2Wg3tZ4NL8n5mEFlVeO+4UccQ U8bMkWdsPPqA0Ts25DSa97RE0LOUsS387wG79DQtOqDyGdIEOTJnbhjblhyPcM8J wcdeYemx2UVDPg== -----END CERTIFICATE-----Generated at Wed Dec 17 18:10:02 2025 by rpki-client