This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft File: dbzZGxsvmvS3QhSm1njOBxlo4c8.mft (raw, json) Hash identifier: PDD4Apj1AY/Q7YbBOVUeB8hFi5dNfBq/J/LaJgsblDM= Subject key identifier: 3E:95:21:B8:59:65:89:DC:6E:FC:4B:3E:7F:F2:0F:E7:E4:01:2F:51 Authority key identifier: 75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF Certificate issuer: /CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf Certificate serial: 019AF50AA4B57D387838A9A29AF9DDFB8FDB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft Manifest number: 098C Signing time: Sat 06 Dec 2025 19:01:46 +0000 Manifest this update: Sat 06 Dec 2025 19:01:46 +0000 Manifest next update: Sun 07 Dec 2025 19:01:46 +0000 Files and hashes: 1: dbzZGxsvmvS3QhSm1njOBxlo4c8.crl (hash: TYCRIFRqqFYkSEl/BDRI0xSSJWdG6zLcu+WN9cSMu9g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:a4:b5:7d:38:78:38:a9:a2:9a:f9:dd:fb:8f:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75bcd91b1b2f9af4b74214a6d678ce071968e1cf Validity Not Before: Dec 6 19:01:46 2025 GMT Not After : Dec 7 19:01:46 2025 GMT Subject: CN=3e9521b8596589dc6efc4b3e7ff20fe7e4012f51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0c:77:d0:b6:7d:76:c2:e3:d7:1c:22:63:3b: 5c:d6:a9:84:c0:0a:0d:23:a6:1f:11:32:1f:cf:2a: 7e:1d:87:91:22:20:de:10:e9:0d:21:0a:a4:1b:fe: 96:f1:24:b4:c2:8e:d2:8f:e6:65:07:17:e5:c8:38: a2:46:b4:a4:0c:a8:17:a6:97:ef:41:1f:d4:c0:80: b1:b6:b1:28:36:db:8d:7d:8c:f0:70:b8:a5:73:0e: 19:57:ca:67:52:bd:83:d1:b3:10:e0:e7:3d:96:5c: 2f:45:58:87:fc:24:7d:bf:ec:11:3e:85:ab:e9:59: 21:c6:a3:f8:e1:2f:3d:2f:6b:ae:d6:07:22:be:30: 30:c6:10:78:16:6f:9b:88:91:23:fe:4f:f5:42:ce: b4:39:e0:a5:83:1d:8b:0a:72:8a:36:b0:26:c8:2b: f2:c7:7e:5e:65:71:2e:01:4a:24:ad:fd:44:34:f6: 94:94:a3:e4:b0:2f:8e:40:84:4a:15:05:e7:15:d0: c5:41:84:1c:4f:a9:03:7d:25:23:70:55:48:18:97: db:b2:f8:52:cd:1e:80:67:04:32:39:30:e6:c7:8c: 0b:d4:33:95:8e:52:44:9f:d3:41:b7:30:25:cc:ad: 4b:ed:2d:c6:56:cc:3d:93:e4:1a:b6:e3:38:07:8c: b9:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:95:21:B8:59:65:89:DC:6E:FC:4B:3E:7F:F2:0F:E7:E4:01:2F:51 X509v3 Authority Key Identifier: keyid:75:BC:D9:1B:1B:2F:9A:F4:B7:42:14:A6:D6:78:CE:07:19:68:E1:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzZGxsvmvS3QhSm1njOBxlo4c8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c9c030-553e-430a-987d-1c057552691e/1/dbzZGxsvmvS3QhSm1njOBxlo4c8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:32:08:74:a7:9b:92:d0:4b:f2:7f:18:1d:79:6f:cb:25:df: f5:51:d6:73:27:9e:00:f4:fe:fd:10:ed:70:68:0f:d1:12:a4: 4c:8c:58:cd:20:c9:c2:69:a1:34:be:14:0d:b9:df:0c:fd:6e: f3:9b:3d:7e:37:61:59:8d:12:0d:1c:5f:e5:a0:9a:86:fe:1b: f3:c4:e2:cb:e4:bc:aa:a7:77:31:b7:2d:7a:c8:ff:0d:02:d0: d3:72:8e:7a:2b:49:ee:a0:a2:a5:f3:97:ad:7a:ee:f5:de:33: 3c:a9:03:ce:36:6a:3d:b0:cc:9e:c8:31:c3:ed:0f:ac:c3:d6: 2d:92:1e:f7:72:cb:f2:a5:6c:31:72:04:7f:1e:20:29:0f:5d: 40:a9:78:6f:e3:10:c8:0f:0a:b5:81:90:62:83:da:14:4f:51: c2:33:88:c4:f3:07:e5:69:87:21:d8:ca:78:be:d1:ac:09:1a: 81:4c:d3:ce:40:e9:d3:5f:5a:5f:07:e9:d8:98:eb:17:b6:99: 7b:8e:14:c9:01:7f:da:3b:50:25:16:b3:5a:1c:7e:24:95:4b: ed:2f:96:c5:35:cc:00:64:48:41:68:68:07:93:e1:a4:d2:27: 7e:97:19:bb:bc:63:fb:f0:bf:3d:f2:58:25:1a:88:9e:f7:8a: 59:62:ca:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CqS1fTh4OKmimvnd+4/bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1YmNkOTFiMWIyZjlhZjRiNzQyMTRhNmQ2NzhjZTA3MTk2 OGUxY2YwHhcNMjUxMjA2MTkwMTQ2WhcNMjUxMjA3MTkwMTQ2WjAzMTEwLwYDVQQD EygzZTk1MjFiODU5NjU4OWRjNmVmYzRiM2U3ZmYyMGZlN2U0MDEyZjUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQx30LZ9dsLj1xwiYztc1qmEwAoN I6YfETIfzyp+HYeRIiDeEOkNIQqkG/6W8SS0wo7Sj+ZlBxflyDiiRrSkDKgXppfv QR/UwICxtrEoNtuNfYzwcLilcw4ZV8pnUr2D0bMQ4Oc9llwvRViH/CR9v+wRPoWr 6VkhxqP44S89L2uu1gcivjAwxhB4Fm+biJEj/k/1Qs60OeClgx2LCnKKNrAmyCvy x35eZXEuAUokrf1ENPaUlKPksC+OQIRKFQXnFdDFQYQcT6kDfSUjcFVIGJfbsvhS zR6AZwQyOTDmx4wL1DOVjlJEn9NBtzAlzK1L7S3GVsw9k+QatuM4B4y5MwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD6VIbhZZYncbvxLPn/yD+fkAS9RMB8GA1UdIwQY MBaAFHW82RsbL5r0t0IUptZ4zgcZaOHPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2Qt MWMwNTc1NTI2OTFlLzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9jOWMwMzAtNTUzZS00MzBhLTk4N2QtMWMwNTc1NTI2OTFl LzEvZGJ6Wkd4c3ZtdlMzUWhTbTFuak9CeGxvNGM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABDIIdKeb ktBL8n8YHXlvyyXf9VHWcyeeAPT+/RDtcGgP0RKkTIxYzSDJwmmhNL4UDbnfDP1u 85s9fjdhWY0SDRxf5aCahv4b88Tiy+S8qqd3Mbctesj/DQLQ03KOeitJ7qCipfOX rXru9d4zPKkDzjZqPbDMnsgxw+0PrMPWLZIe93LL8qVsMXIEfx4gKQ9dQKl4b+MQ yA8KtYGQYoPaFE9RwjOIxPMH5WmHIdjKeL7RrAkagUzTzkDp019aXwfp2JjrF7aZ e44UyQF/2jtQJRazWhx+JJVL7S+WxTXMAGRIQWhoB5PhpNInfpcZu7xj+/C/PfJY JRqInveKWWLKtg== -----END CERTIFICATE-----Generated at Sat Dec 6 23:20:50 2025 by rpki-client