This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft File: d_M68l-VqylxEYjp_-pQzMshHXY.mft (raw, json) Hash identifier: qbUS0LTdZa6AizdHBIVM++vBwfkk5HL2ILh2Cpk+pZs= Subject key identifier: 86:82:2D:68:9D:8A:A3:82:A0:7F:1F:29:14:22:AE:06:F2:2E:56:C2 Authority key identifier: 77:F3:3A:F2:5F:95:AB:29:71:11:88:E9:FF:EA:50:CC:CB:21:1D:76 Certificate issuer: /CN=77f33af25f95ab29711188e9ffea50cccb211d76 Certificate serial: 019B24AC8789FC2C4C2E724703CF4C54EB83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft Manifest number: 0EF1 Signing time: Tue 16 Dec 2025 01:00:45 +0000 Manifest this update: Tue 16 Dec 2025 01:00:45 +0000 Manifest next update: Wed 17 Dec 2025 01:00:45 +0000 Files and hashes: 1: d_M68l-VqylxEYjp_-pQzMshHXY.crl (hash: 8uzqq9gWSo2RW86rBFUmStIlZU4NNuCh+r8JysjVEWg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:ac:87:89:fc:2c:4c:2e:72:47:03:cf:4c:54:eb:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77f33af25f95ab29711188e9ffea50cccb211d76 Validity Not Before: Dec 16 01:00:45 2025 GMT Not After : Dec 17 01:00:45 2025 GMT Subject: CN=86822d689d8aa382a07f1f291422ae06f22e56c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:10:76:67:60:29:d6:d1:ad:2c:7c:8b:d1:56: 0e:b3:40:a1:87:18:a7:d3:15:95:ee:05:1d:54:5b: 85:31:27:9e:1e:d3:c4:25:01:4b:26:cb:c5:3a:b9: ca:2a:f4:ab:09:47:cb:b8:4d:b7:7d:e8:09:d2:d8: 4b:1a:02:98:19:76:11:c3:a6:be:c2:98:09:96:4f: 09:ff:b5:98:af:6a:0d:81:61:4d:e1:2e:b5:99:80: ed:40:6d:32:ed:ee:fc:74:74:3c:f4:22:8d:ab:92: 3a:e0:f9:0a:b7:bf:d6:ad:54:c5:84:cc:7d:86:f9: 6d:5c:a7:91:5b:f4:d1:81:45:84:32:3f:1b:a6:b3: 33:49:83:be:3e:9e:b9:6c:3a:48:95:f4:51:e0:ef: fc:2e:41:22:23:c4:8f:ac:54:43:10:64:99:13:b2: 56:fe:d1:c0:96:aa:5e:c2:ab:08:12:c5:0a:70:fe: a1:1b:f7:d9:b0:e0:9d:61:fd:b5:dd:aa:f6:94:22: b6:20:1c:aa:db:20:4a:1e:74:27:04:50:fe:62:05: 4f:3e:53:e0:73:ae:b6:d6:55:aa:49:1f:f5:bb:2f: b1:5c:e4:0f:34:63:c2:44:59:ac:0e:59:49:83:50: b2:bd:a6:72:31:54:87:09:ba:f7:8d:b1:3b:96:24: 07:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:82:2D:68:9D:8A:A3:82:A0:7F:1F:29:14:22:AE:06:F2:2E:56:C2 X509v3 Authority Key Identifier: keyid:77:F3:3A:F2:5F:95:AB:29:71:11:88:E9:FF:EA:50:CC:CB:21:1D:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:e3:bd:f3:ac:e5:8f:79:7a:29:79:4a:bb:ce:b1:c7:00:35: da:76:c7:11:06:79:48:e3:0b:b2:07:22:2c:14:e2:02:5c:18: fb:62:01:90:c6:b7:4a:c5:56:c3:57:fc:2f:8e:6d:aa:24:cf: 2d:18:63:10:15:d6:4f:78:92:8b:6d:d2:f4:5e:ce:96:6a:1e: 49:b3:33:09:1d:70:85:50:50:b5:2e:4f:4d:e3:21:94:bf:4f: b8:91:7d:48:d4:ba:b1:a0:8e:5d:87:62:8e:af:d7:56:76:35: 74:6e:90:83:5c:b9:94:9f:56:05:e4:00:81:fc:34:4f:2b:26: 2f:ff:41:d9:e3:b2:9b:fd:61:4e:6b:be:41:c2:93:4a:ff:74: d0:85:22:c2:63:50:d9:56:4f:a5:74:02:1c:c3:84:b0:45:18: 70:24:28:18:33:af:10:c6:a5:69:c4:3d:1b:04:92:6d:90:29: b1:47:65:9f:80:92:ff:56:99:88:d6:be:92:5f:dc:f4:56:f3: 9a:84:2c:82:91:ae:af:0b:dc:bb:d0:02:3b:c4:4e:49:e3:98: c4:a6:f5:83:e9:13:7b:26:c4:ab:74:d4:2b:88:a9:75:83:ab: d1:ca:5f:81:d6:8d:ae:2c:ae:9e:d4:69:2a:da:b9:a3:63:93: d0:1f:6f:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskrIeJ/CxMLnJHA89MVOuDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3ZjMzYWYyNWY5NWFiMjk3MTExODhlOWZmZWE1MGNjY2Iy MTFkNzYwHhcNMjUxMjE2MDEwMDQ1WhcNMjUxMjE3MDEwMDQ1WjAzMTEwLwYDVQQD Eyg4NjgyMmQ2ODlkOGFhMzgyYTA3ZjFmMjkxNDIyYWUwNmYyMmU1NmMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhB2Z2Ap1tGtLHyL0VYOs0Chhxin 0xWV7gUdVFuFMSeeHtPEJQFLJsvFOrnKKvSrCUfLuE23fegJ0thLGgKYGXYRw6a+ wpgJlk8J/7WYr2oNgWFN4S61mYDtQG0y7e78dHQ89CKNq5I64PkKt7/WrVTFhMx9 hvltXKeRW/TRgUWEMj8bprMzSYO+Pp65bDpIlfRR4O/8LkEiI8SPrFRDEGSZE7JW /tHAlqpewqsIEsUKcP6hG/fZsOCdYf213ar2lCK2IByq2yBKHnQnBFD+YgVPPlPg c6621lWqSR/1uy+xXOQPNGPCRFmsDllJg1CyvaZyMVSHCbr3jbE7liQH8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIaCLWidiqOCoH8fKRQirgbyLlbCMB8GA1UdIwQY MBaAFHfzOvJflaspcRGI6f/qUMzLIR12MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNjQ2MmYtY2M3Mi00ZjY5LTk2ZjQt OGJjYTA1NjFiNzJkLzEvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9iNjQ2MmYtY2M3Mi00ZjY5LTk2ZjQtOGJjYTA1NjFiNzJk LzEvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmeO986zl j3l6KXlKu86xxwA12nbHEQZ5SOMLsgciLBTiAlwY+2IBkMa3SsVWw1f8L45tqiTP LRhjEBXWT3iSi23S9F7OlmoeSbMzCR1whVBQtS5PTeMhlL9PuJF9SNS6saCOXYdi jq/XVnY1dG6Qg1y5lJ9WBeQAgfw0TysmL/9B2eOym/1hTmu+QcKTSv900IUiwmNQ 2VZPpXQCHMOEsEUYcCQoGDOvEMalacQ9GwSSbZApsUdln4CS/1aZiNa+kl/c9Fbz moQsgpGurwvcu9ACO8ROSeOYxKb1g+kTeybEq3TUK4ipdYOr0cpfgdaNriyuntRp Ktq5o2OT0B9vpw== -----END CERTIFICATE-----Generated at Tue Dec 16 07:04:21 2025 by rpki-client