This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft File: dCadQgSZl1rpNPNM45WTgRTJuns.mft (raw, json) Hash identifier: 0reqeSAbzFW44dqI7zSF+u5W6Luxw3EkHhiPo4oIqFE= Subject key identifier: F4:0F:3B:45:A6:C9:CF:61:D7:EA:E9:D9:FD:6D:0B:19:5C:3B:D2:B8 Authority key identifier: 74:26:9D:42:04:99:97:5A:E9:34:F3:4C:E3:95:93:81:14:C9:BA:7B Certificate issuer: /CN=74269d420499975ae934f34ce395938114c9ba7b Certificate serial: 019AF12D5F780683DC0444FDABA13AD88193 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCadQgSZl1rpNPNM45WTgRTJuns.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft Manifest number: 12B5 Signing time: Sat 06 Dec 2025 01:01:13 +0000 Manifest this update: Sat 06 Dec 2025 01:01:13 +0000 Manifest next update: Sun 07 Dec 2025 01:01:13 +0000 Files and hashes: 1: dCadQgSZl1rpNPNM45WTgRTJuns.crl (hash: a75PirvuMfkLCn1dBTE7lgvydE8jimL5YdWHauKT4AY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft rsync://rpki.ripe.net/repository/DEFAULT/dCadQgSZl1rpNPNM45WTgRTJuns.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:5f:78:06:83:dc:04:44:fd:ab:a1:3a:d8:81:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74269d420499975ae934f34ce395938114c9ba7b Validity Not Before: Dec 6 01:01:13 2025 GMT Not After : Dec 7 01:01:13 2025 GMT Subject: CN=f40f3b45a6c9cf61d7eae9d9fd6d0b195c3bd2b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f4:15:4a:6c:95:9b:a2:d9:c0:38:28:c8:52: 30:ea:af:76:de:e2:8d:8d:aa:cd:94:55:9d:0e:ae: fd:dc:ad:a6:1c:20:38:ec:fc:19:c6:56:37:f3:e8: 3d:ea:ab:73:f6:e0:c6:d0:e3:6a:98:6b:a2:da:cb: 87:05:3b:50:0d:78:66:c1:25:3b:5c:b9:a9:24:84: 1a:d7:3b:92:22:12:fe:75:99:25:4a:75:32:b4:74: 79:0a:ca:ed:c6:4f:b7:b3:6f:d5:31:6b:e1:c5:f0: 59:8a:da:32:2e:91:68:32:d0:be:d8:32:50:4d:98: cd:13:8b:74:8e:53:b3:75:92:58:77:c9:ce:9a:9c: 86:7f:7d:29:d7:fa:22:8b:db:ac:ac:4b:db:ce:f2: 0d:a4:52:60:d8:f5:81:b8:57:62:b3:1a:db:07:cb: 57:92:23:6b:32:f9:76:43:7d:63:cc:0f:db:2e:62: 1d:a2:84:84:e2:1f:ce:62:97:72:21:96:04:61:67: f0:ee:bc:d2:ad:90:d6:d6:86:d7:ae:b3:e7:55:71: 2f:98:35:6f:25:da:05:8c:55:cd:c6:51:7f:c3:74: 02:12:03:2a:d6:13:ef:39:88:fb:56:d7:0f:87:db: 9c:c0:d6:f1:31:c2:8f:07:79:fc:43:85:17:78:d5: 55:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:0F:3B:45:A6:C9:CF:61:D7:EA:E9:D9:FD:6D:0B:19:5C:3B:D2:B8 X509v3 Authority Key Identifier: keyid:74:26:9D:42:04:99:97:5A:E9:34:F3:4C:E3:95:93:81:14:C9:BA:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCadQgSZl1rpNPNM45WTgRTJuns.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:71:e3:7c:12:16:04:a0:bf:95:3a:69:44:25:bb:f6:88:f4: d6:f3:41:e6:98:bf:48:d9:2c:bf:8e:01:34:2b:36:32:f8:f8: 87:bf:7c:51:b9:e7:c2:fc:84:cd:d3:26:46:13:bc:78:0a:0e: 94:39:1b:09:5f:6c:59:61:75:71:31:13:5b:2e:5d:12:54:0a: 53:b7:ba:4a:2e:17:86:87:0e:c4:7a:56:84:30:82:af:17:e0: b8:4a:75:e7:79:f2:41:9f:a1:60:20:c6:b7:ef:4e:18:e4:13: 87:6e:3f:d6:16:6d:c8:b7:93:48:3e:26:93:10:79:0c:e3:01: f7:d7:c0:81:b4:15:f2:57:cc:93:ad:69:03:3b:6f:ab:c8:2c: 2f:a8:88:a2:3d:cc:8d:78:5e:3b:80:7a:c8:77:ed:65:07:f9: 44:c4:4c:ab:12:2e:78:f6:f2:81:b7:9a:4b:31:93:8f:60:9f: 77:54:25:6b:cf:52:e6:65:91:f4:60:c2:f7:86:0f:df:b2:be: 82:e0:73:d3:64:79:9a:86:de:23:02:0b:fc:e7:fc:d7:75:81: 3a:af:00:dd:e7:1d:f1:66:fa:d5:7c:b6:05:2d:63:b7:39:82: 2a:22:c5:17:b5:04:10:25:72:6d:4c:68:28:56:5b:72:35:c3: 6e:5f:51:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLV94BoPcBET9q6E62IGTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0MjY5ZDQyMDQ5OTk3NWFlOTM0ZjM0Y2UzOTU5MzgxMTRj OWJhN2IwHhcNMjUxMjA2MDEwMTEzWhcNMjUxMjA3MDEwMTEzWjAzMTEwLwYDVQQD EyhmNDBmM2I0NWE2YzljZjYxZDdlYWU5ZDlmZDZkMGIxOTVjM2JkMmI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvQVSmyVm6LZwDgoyFIw6q923uKN jarNlFWdDq793K2mHCA47PwZxlY38+g96qtz9uDG0ONqmGui2suHBTtQDXhmwSU7 XLmpJIQa1zuSIhL+dZklSnUytHR5Csrtxk+3s2/VMWvhxfBZitoyLpFoMtC+2DJQ TZjNE4t0jlOzdZJYd8nOmpyGf30p1/oii9usrEvbzvINpFJg2PWBuFdisxrbB8tX kiNrMvl2Q31jzA/bLmIdooSE4h/OYpdyIZYEYWfw7rzSrZDW1obXrrPnVXEvmDVv JdoFjFXNxlF/w3QCEgMq1hPvOYj7VtcPh9ucwNbxMcKPB3n8Q4UXeNVVrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPQPO0Wmyc9h1+rp2f1tCxlcO9K4MB8GA1UdIwQY MBaAFHQmnUIEmZda6TTzTOOVk4EUybp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZENhZFFnU1psMXJwTlBOTTQ1V1RnUlRKdW5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80OWQ4MTMtMmQ5ZS00NGI2LTk3YmEt ZWE5YzJjNTIyMmZiLzEvZENhZFFnU1psMXJwTlBOTTQ1V1RnUlRKdW5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC80OWQ4MTMtMmQ5ZS00NGI2LTk3YmEtZWE5YzJjNTIyMmZi LzEvZENhZFFnU1psMXJwTlBOTTQ1V1RnUlRKdW5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANnHjfBIW BKC/lTppRCW79oj01vNB5pi/SNksv44BNCs2Mvj4h798UbnnwvyEzdMmRhO8eAoO lDkbCV9sWWF1cTETWy5dElQKU7e6Si4XhocOxHpWhDCCrxfguEp153nyQZ+hYCDG t+9OGOQTh24/1hZtyLeTSD4mkxB5DOMB99fAgbQV8lfMk61pAztvq8gsL6iIoj3M jXheO4B6yHftZQf5RMRMqxIuePbygbeaSzGTj2Cfd1Qla89S5mWR9GDC94YP37K+ guBz02R5mobeIwIL/Of813WBOq8A3ecd8Wb61Xy2BS1jtzmCKiLFF7UEECVybUxo KFZbcjXDbl9Ryg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:23 2025 by rpki-client