This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft File: 28sc89PzzcNCb7SfCgwz3ATIaBw.mft (raw, json) Hash identifier: zKVThiEOBfl+etSA8Ari4MUONaxCtdvF7P9WkUjf2dk= Subject key identifier: 15:1A:B2:9B:50:CC:A6:67:B2:00:53:14:AA:65:0D:8C:56:B4:1C:38 Authority key identifier: DB:CB:1C:F3:D3:F3:CD:C3:42:6F:B4:9F:0A:0C:33:DC:04:C8:68:1C Certificate issuer: /CN=dbcb1cf3d3f3cdc3426fb49f0a0c33dc04c8681c Certificate serial: 019AF1D208D2CD6D8D8DE4A77BFD52F8DB2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft Manifest number: 10F7 Signing time: Sat 06 Dec 2025 04:01:05 +0000 Manifest this update: Sat 06 Dec 2025 04:01:05 +0000 Manifest next update: Sun 07 Dec 2025 04:01:05 +0000 Files and hashes: 1: 28sc89PzzcNCb7SfCgwz3ATIaBw.crl (hash: B0PX+eLSnPd3dPNUoZKgv7ICD7CWlQBTWzaBo8EffIY=) 2: I5ms-9-HDQyJVXC11lx_-uEpynE.roa (hash: +pNOsJjPZEu3zURh4NPSrLLV4Ki6TCXOgrQW5jhS4rs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:08:d2:cd:6d:8d:8d:e4:a7:7b:fd:52:f8:db:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbcb1cf3d3f3cdc3426fb49f0a0c33dc04c8681c Validity Not Before: Dec 6 04:01:05 2025 GMT Not After : Dec 7 04:01:05 2025 GMT Subject: CN=151ab29b50cca667b2005314aa650d8c56b41c38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:56:d5:17:7e:54:23:e6:0b:04:bf:6c:fe:e8: 4b:e3:0e:e1:e6:34:bf:75:53:c5:01:98:17:6e:7b: b6:0d:05:7d:a2:e8:93:fd:b5:5c:d3:38:ae:68:b2: a8:e0:70:f1:18:1e:00:c8:93:13:59:90:89:d8:95: cb:c3:58:7d:94:35:67:b4:b5:14:e9:20:4d:f9:9b: e8:98:af:2a:d8:f5:08:0c:45:f3:47:84:46:44:52: 24:49:e1:b2:aa:ed:46:a4:52:b6:e6:66:23:fb:fd: 3e:9f:f4:6b:c9:39:d4:77:9d:96:e4:aa:be:c2:97: 4f:59:59:d3:17:0a:53:93:5c:51:78:6b:d5:c7:24: d9:1e:5c:bc:4e:c1:96:b3:6d:0a:a9:e2:9f:b3:fb: a5:79:c7:50:f7:6e:f8:c8:f0:93:d5:d8:1d:6b:63: 01:d7:e5:00:45:6b:b2:fb:a0:25:ca:a4:5b:29:f7: 81:35:7c:62:df:9b:ae:92:bd:b7:b5:9e:84:d3:e5: 43:2e:76:39:72:42:6c:6a:71:a8:70:c5:73:7e:94: 72:1e:7f:24:3e:c6:fe:db:83:a0:26:96:b5:04:8d: 16:0d:3a:41:53:e1:02:2c:8e:6d:6b:03:38:37:43: 53:ee:5a:ad:e6:22:76:4b:48:15:b8:b1:fd:74:db: f7:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:1A:B2:9B:50:CC:A6:67:B2:00:53:14:AA:65:0D:8C:56:B4:1C:38 X509v3 Authority Key Identifier: keyid:DB:CB:1C:F3:D3:F3:CD:C3:42:6F:B4:9F:0A:0C:33:DC:04:C8:68:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28sc89PzzcNCb7SfCgwz3ATIaBw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a408fb-5c80-4dca-8428-73669ba63f7c/1/28sc89PzzcNCb7SfCgwz3ATIaBw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:4f:22:bf:6b:12:5c:ca:02:b8:05:7f:f2:d3:92:00:5e:ec: 98:0c:62:49:21:39:42:d4:a0:50:66:c6:07:c4:d9:38:bd:b4: cc:05:dd:99:03:4e:c7:b0:7c:73:25:46:1c:dc:90:8c:93:fe: 24:63:44:bb:d7:83:6b:7b:5b:cd:a5:da:f1:5e:9a:78:20:a9: 83:b9:a3:5c:f3:e1:ed:68:ff:31:21:fd:0a:5a:1b:ef:4e:88: 93:e7:c3:b9:cb:ff:7b:d7:dd:ad:93:20:fe:b0:b0:44:c7:9b: 72:5f:a6:46:a1:71:6d:92:f2:92:6e:8b:54:27:0d:30:eb:77: e0:f2:4f:b6:68:42:4f:8f:68:c7:28:70:46:ba:e4:3f:db:71: d3:de:35:c1:6b:75:1f:19:e5:23:8c:82:e8:a4:e3:94:8f:7d: 84:bb:a4:a8:84:25:53:96:f1:27:eb:23:4a:ab:0f:9b:0b:f7: 77:94:7a:92:aa:b9:fd:98:cd:5a:15:7a:53:b3:06:4c:9d:6a: 6d:0a:a0:a8:dc:bc:20:4a:34:a2:b2:ee:f5:76:90:11:e7:15: c4:89:63:0b:34:b4:99:8d:25:50:64:bd:1b:a5:40:9c:ac:36: cd:ce:13:71:ee:81:a5:e2:19:69:65:36:e8:45:f3:46:31:2f: 2a:cd:42:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0gjSzW2NjeSne/1S+NssMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiY2IxY2YzZDNmM2NkYzM0MjZmYjQ5ZjBhMGMzM2RjMDRj ODY4MWMwHhcNMjUxMjA2MDQwMTA1WhcNMjUxMjA3MDQwMTA1WjAzMTEwLwYDVQQD EygxNTFhYjI5YjUwY2NhNjY3YjIwMDUzMTRhYTY1MGQ4YzU2YjQxYzM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFbVF35UI+YLBL9s/uhL4w7h5jS/ dVPFAZgXbnu2DQV9ouiT/bVc0ziuaLKo4HDxGB4AyJMTWZCJ2JXLw1h9lDVntLUU 6SBN+ZvomK8q2PUIDEXzR4RGRFIkSeGyqu1GpFK25mYj+/0+n/RryTnUd52W5Kq+ wpdPWVnTFwpTk1xReGvVxyTZHly8TsGWs20KqeKfs/ulecdQ9274yPCT1dgda2MB 1+UARWuy+6AlyqRbKfeBNXxi35uukr23tZ6E0+VDLnY5ckJsanGocMVzfpRyHn8k Psb+24OgJpa1BI0WDTpBU+ECLI5tawM4N0NT7lqt5iJ2S0gVuLH9dNv3VQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBUasptQzKZnsgBTFKplDYxWtBw4MB8GA1UdIwQY MBaAFNvLHPPT883DQm+0nwoMM9wEyGgcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hNDA4ZmItNWM4MC00ZGNhLTg0Mjgt NzM2NjliYTYzZjdjLzEvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi9hNDA4ZmItNWM4MC00ZGNhLTg0MjgtNzM2NjliYTYzZjdj LzEvMjhzYzg5UHp6Y05DYjdTZkNnd3ozQVRJYUJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZk8iv2sS XMoCuAV/8tOSAF7smAxiSSE5QtSgUGbGB8TZOL20zAXdmQNOx7B8cyVGHNyQjJP+ JGNEu9eDa3tbzaXa8V6aeCCpg7mjXPPh7Wj/MSH9Clob706Ik+fDucv/e9fdrZMg /rCwRMebcl+mRqFxbZLykm6LVCcNMOt34PJPtmhCT49oxyhwRrrkP9tx0941wWt1 HxnlI4yC6KTjlI99hLukqIQlU5bxJ+sjSqsPmwv3d5R6kqq5/ZjNWhV6U7MGTJ1q bQqgqNy8IEo0orLu9XaQEecVxIljCzS0mY0lUGS9G6VAnKw2zc4Tce6BpeIZaWU2 6EXzRjEvKs1C7Q== -----END CERTIFICATE-----Generated at Sat Dec 6 08:26:49 2025 by rpki-client