This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft File: l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json) Hash identifier: 3ACp6pQGOuLnJcEjpO1qQNy/rjgYWyfNFd70uHiV0Qk= Subject key identifier: 75:9D:2A:36:B9:45:1C:79:25:42:14:3F:EB:92:38:DD:BE:CE:B9:1D Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8 Certificate issuer: /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8 Certificate serial: 019AF19A97A59E2F9B8CBBCA93DFB8F2FE28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft Manifest number: 175C Signing time: Sat 06 Dec 2025 03:00:31 +0000 Manifest this update: Sat 06 Dec 2025 03:00:31 +0000 Manifest next update: Sun 07 Dec 2025 03:00:31 +0000 Files and hashes: 1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: Zly5yqGvDez9t9uRUPV+KDEKgkEa7r9pGa42lZ60Bqw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:97:a5:9e:2f:9b:8c:bb:ca:93:df:b8:f2:fe:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8 Validity Not Before: Dec 6 03:00:31 2025 GMT Not After : Dec 7 03:00:31 2025 GMT Subject: CN=759d2a36b9451c792542143feb9238ddbeceb91d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:45:84:14:df:e5:db:d7:aa:65:3a:8e:bc:90: 03:40:68:99:ce:aa:1c:cc:e6:39:b3:33:22:d7:df: 0d:77:4d:28:d5:b6:ef:42:cd:cd:b3:57:c4:cf:72: e1:bd:32:28:b4:00:2c:a3:80:38:b7:58:77:12:14: 51:3d:da:17:34:3c:bf:fb:db:fd:ca:e0:dc:b0:e8: d1:ef:ac:78:36:a9:30:58:ae:1a:e2:f8:44:a4:98: 6f:72:0b:64:5d:49:e4:45:85:ec:b5:ae:02:ab:89: ca:46:02:30:06:b2:90:ad:20:4c:8a:ce:ff:26:88: 33:65:30:a6:1b:9a:2f:4e:77:41:e9:76:47:e8:83: 26:a0:f8:f4:9a:51:f9:d0:db:35:ed:c6:33:9a:3e: 93:9a:ec:1a:eb:03:9b:46:93:23:85:61:af:2c:77: 8b:99:49:46:48:34:26:49:62:52:59:6d:1c:10:cf: da:8a:d8:31:57:83:53:e9:09:32:1d:60:87:66:da: 51:94:22:dd:2d:7d:a3:99:c6:b9:88:04:2a:b3:ff: bc:38:4b:3a:b2:bf:15:f9:1f:5b:a8:df:a7:ce:a3: b3:dc:2c:3e:d4:39:cf:7f:f0:1b:86:e4:89:35:05: 9f:b0:de:0e:ac:f8:8b:c6:bb:35:3a:60:08:af:3b: d8:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:9D:2A:36:B9:45:1C:79:25:42:14:3F:EB:92:38:DD:BE:CE:B9:1D X509v3 Authority Key Identifier: keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:b1:d4:5c:9a:23:55:b4:94:a8:db:50:f3:9d:8f:0a:f7:fe: b1:91:3f:4a:be:ce:d3:47:3a:72:eb:35:5e:69:5a:24:9a:16: e1:d1:f8:08:52:8d:a2:a3:57:92:19:06:64:19:f6:ec:bf:2d: d3:11:71:ac:5b:52:7c:b5:7b:57:ef:aa:2a:5b:ed:26:58:49: e0:73:de:cf:8c:2f:4c:5a:c1:c6:47:bb:4f:78:b4:4f:1f:f9: 61:4d:22:26:8e:4e:54:9d:59:2c:de:74:84:55:b2:c5:ff:49: 1f:4c:85:e1:13:63:bf:39:7d:d5:51:a1:d7:2f:b8:13:1d:98: 02:31:7f:b3:76:1d:a4:c1:9b:45:4b:d4:88:9f:f5:4f:b7:51: c0:18:9e:bb:78:68:90:3c:79:6a:1d:10:9c:e3:63:a4:db:68: ae:ae:cb:71:2e:76:f8:35:f4:47:10:7b:cb:e3:98:6e:e2:a3: 9e:5a:43:9b:ca:66:7f:0c:8d:a7:d0:ce:7a:d3:66:4d:82:c8: 7b:49:c1:be:88:c6:85:e0:52:56:6f:22:ca:0b:c1:97:69:dd: 5f:90:36:b7:56:8a:78:f8:a7:14:71:79:06:65:57:2f:79:0a: 09:a0:75:3d:eb:97:95:b2:9d:74:e9:53:2b:1d:ef:75:58:a2: 93:b4:80:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmpelni+bjLvKk9+48v4oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5 OTQ5YjgwHhcNMjUxMjA2MDMwMDMxWhcNMjUxMjA3MDMwMDMxWjAzMTEwLwYDVQQD Eyg3NTlkMmEzNmI5NDUxYzc5MjU0MjE0M2ZlYjkyMzhkZGJlY2ViOTFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40WEFN/l29eqZTqOvJADQGiZzqoc zOY5szMi198Nd00o1bbvQs3Ns1fEz3LhvTIotAAso4A4t1h3EhRRPdoXNDy/+9v9 yuDcsOjR76x4NqkwWK4a4vhEpJhvcgtkXUnkRYXsta4Cq4nKRgIwBrKQrSBMis7/ JogzZTCmG5ovTndB6XZH6IMmoPj0mlH50Ns17cYzmj6Tmuwa6wObRpMjhWGvLHeL mUlGSDQmSWJSWW0cEM/aitgxV4NT6QkyHWCHZtpRlCLdLX2jmca5iAQqs/+8OEs6 sr8V+R9bqN+nzqOz3Cw+1DnPf/AbhuSJNQWfsN4OrPiLxrs1OmAIrzvY0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHWdKja5RRx5JUIUP+uSON2+zrkdMB8GA1UdIwQY MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhLHUXJoj VbSUqNtQ852PCvf+sZE/Sr7O00c6cus1XmlaJJoW4dH4CFKNoqNXkhkGZBn27L8t 0xFxrFtSfLV7V++qKlvtJlhJ4HPez4wvTFrBxke7T3i0Tx/5YU0iJo5OVJ1ZLN50 hFWyxf9JH0yF4RNjvzl91VGh1y+4Ex2YAjF/s3YdpMGbRUvUiJ/1T7dRwBieu3ho kDx5ah0QnONjpNtorq7LcS52+DX0RxB7y+OYbuKjnlpDm8pmfwyNp9DOetNmTYLI e0nBvojGheBSVm8iygvBl2ndX5A2t1aKePinFHF5BmVXL3kKCaB1PeuXlbKddOlT Kx3vdViik7SAIA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:45 2025 by rpki-client