This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft File: dCnR70knCBDhAgzqhhmGQjORMaA.mft (raw, json) Hash identifier: JmmtTnb8WDypF0TeF/7TA7M2SgRc6Nw2qw11Du1CH4c= Subject key identifier: 39:76:18:3C:6D:15:5C:C0:C0:5A:CA:BA:07:53:BD:C9:37:BB:F5:F7 Authority key identifier: 74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0 Certificate issuer: /CN=7429d1ef49270810e1020cea86198642339131a0 Certificate serial: 019AF12E167064AC33DD6035A74704615B3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft Manifest number: 0C2D Signing time: Sat 06 Dec 2025 01:02:00 +0000 Manifest this update: Sat 06 Dec 2025 01:02:00 +0000 Manifest next update: Sun 07 Dec 2025 01:02:00 +0000 Files and hashes: 1: dCnR70knCBDhAgzqhhmGQjORMaA.crl (hash: vq9iXCr0n+vvYbObzi1yH1CFMGiSzq8+vBAo+QuscmE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:16:70:64:ac:33:dd:60:35:a7:47:04:61:5b:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7429d1ef49270810e1020cea86198642339131a0 Validity Not Before: Dec 6 01:02:00 2025 GMT Not After : Dec 7 01:02:00 2025 GMT Subject: CN=3976183c6d155cc0c05acaba0753bdc937bbf5f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e5:45:b2:38:25:81:04:c5:d6:29:f9:eb:e9: 67:28:0c:09:2f:49:52:60:bc:dc:02:c7:12:02:ab: 61:18:c1:b2:4d:d0:6a:26:ae:44:01:92:a1:28:f1: bf:5e:5b:52:47:19:e6:a8:66:b9:9a:2d:39:b3:c2: 39:90:4c:49:fc:81:ec:f6:c0:9c:5d:60:9a:51:1a: 74:4f:8c:c0:9b:09:e5:e7:cf:22:e8:60:2e:e5:59: 49:65:72:fc:ae:5b:70:72:d5:6f:ca:e5:4b:79:cd: 82:05:54:ea:93:d4:4e:79:06:c4:70:9a:40:16:9e: 8a:7a:37:69:28:42:0b:fa:ee:7a:40:42:b7:c6:8e: c2:1c:3a:2c:f4:e7:67:55:19:e9:82:43:3a:7f:06: 72:7e:7b:f1:97:4c:f5:c6:ff:4a:15:38:be:0d:e5: b4:c3:1a:a6:cf:ae:41:a5:20:0c:19:9b:35:13:7b: b1:10:ad:9a:79:11:04:cc:92:08:5e:4f:86:29:a9: b8:cc:03:af:23:a0:b7:45:c3:2b:d9:2b:08:19:ea: b4:21:b3:2c:ca:77:ac:87:51:94:af:4b:31:53:fb: 4a:1a:a5:16:0e:8c:d8:f2:7a:78:54:b6:87:1d:b0: 40:63:08:65:77:10:48:e0:c6:de:a3:d1:29:21:53: 5c:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:76:18:3C:6D:15:5C:C0:C0:5A:CA:BA:07:53:BD:C9:37:BB:F5:F7 X509v3 Authority Key Identifier: keyid:74:29:D1:EF:49:27:08:10:E1:02:0C:EA:86:19:86:42:33:91:31:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCnR70knCBDhAgzqhhmGQjORMaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/fc0d21-7f14-44ab-995c-e0bae8bae674/1/dCnR70knCBDhAgzqhhmGQjORMaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:4a:f0:9f:89:26:c5:f5:45:95:57:7b:11:cc:83:f4:3a:08: f6:36:a9:88:c6:9a:99:ad:77:31:70:e7:54:91:e7:81:ef:e1: 51:ee:72:fa:3f:98:87:b0:5f:e2:68:3c:06:c1:5d:bb:36:a8: f2:c5:34:0d:4f:65:b7:4e:32:f0:32:bd:c4:c1:35:fc:66:09: 61:65:7a:42:fd:36:a5:2a:1c:50:92:4e:b7:fe:a9:36:93:2e: 94:cc:f0:68:d7:37:7a:07:67:16:d2:7c:27:1c:52:2a:1b:c9: 26:47:95:95:eb:07:2f:84:c2:97:83:aa:1d:c6:e4:f8:94:30: 0f:c3:e6:10:71:c9:92:44:d4:3c:cb:67:9c:78:66:52:1e:8b: 4b:c1:4c:ae:3e:22:74:0a:c0:af:05:62:18:67:11:9b:91:03: aa:7a:6b:54:5b:f8:9f:72:9e:0e:13:1e:73:37:51:d3:59:7a: 91:5e:b0:fc:f5:19:cd:ba:eb:8d:f4:27:e8:5f:91:e4:16:85: ec:02:22:7c:ae:53:94:cd:4b:a5:f6:2b:54:d4:86:01:bd:85: 1f:ea:37:d5:ce:3d:96:1d:3d:a1:37:2a:ae:fa:8b:e1:74:f2: 2c:df:66:68:fd:74:86:77:a4:1e:24:75:70:af:b8:80:7f:6a: c8:6e:b1:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLhZwZKwz3WA1p0cEYVs+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0MjlkMWVmNDkyNzA4MTBlMTAyMGNlYTg2MTk4NjQyMzM5 MTMxYTAwHhcNMjUxMjA2MDEwMjAwWhcNMjUxMjA3MDEwMjAwWjAzMTEwLwYDVQQD EygzOTc2MTgzYzZkMTU1Y2MwYzA1YWNhYmEwNzUzYmRjOTM3YmJmNWY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuVFsjglgQTF1in56+lnKAwJL0lS YLzcAscSAqthGMGyTdBqJq5EAZKhKPG/XltSRxnmqGa5mi05s8I5kExJ/IHs9sCc XWCaURp0T4zAmwnl588i6GAu5VlJZXL8rltwctVvyuVLec2CBVTqk9ROeQbEcJpA Fp6KejdpKEIL+u56QEK3xo7CHDos9OdnVRnpgkM6fwZyfnvxl0z1xv9KFTi+DeW0 wxqmz65BpSAMGZs1E3uxEK2aeREEzJIIXk+GKam4zAOvI6C3RcMr2SsIGeq0IbMs ynesh1GUr0sxU/tKGqUWDozY8np4VLaHHbBAYwhldxBI4Mbeo9EpIVNcYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDl2GDxtFVzAwFrKugdTvck3u/X3MB8GA1UdIwQY MBaAFHQp0e9JJwgQ4QIM6oYZhkIzkTGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMt ZTBiYWU4YmFlNjc0LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy9mYzBkMjEtN2YxNC00NGFiLTk5NWMtZTBiYWU4YmFlNjc0 LzEvZENuUjcwa25DQkRoQWd6cWhobUdRak9STWFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARkrwn4km xfVFlVd7EcyD9DoI9japiMaama13MXDnVJHnge/hUe5y+j+Yh7Bf4mg8BsFduzao 8sU0DU9lt04y8DK9xME1/GYJYWV6Qv02pSocUJJOt/6pNpMulMzwaNc3egdnFtJ8 JxxSKhvJJkeVlesHL4TCl4OqHcbk+JQwD8PmEHHJkkTUPMtnnHhmUh6LS8FMrj4i dArArwViGGcRm5EDqnprVFv4n3KeDhMeczdR01l6kV6w/PUZzbrrjfQn6F+R5BaF 7AIifK5TlM1LpfYrVNSGAb2FH+o31c49lh09oTcqrvqL4XTyLN9maP10hnekHiR1 cK+4gH9qyG6xRw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:39:49 2025 by rpki-client