This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft File: d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json) Hash identifier: tuZNXJGJ4m2Gp+g4p9/81G8JcBQFTBUy3mAgfc93JWk= Subject key identifier: 23:DC:91:CB:A8:BE:43:63:5A:36:32:C7:0E:82:96:9B:AC:B3:82:11 Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31 Certificate issuer: /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031 Certificate serial: 019AF19B0145E8CE6689F640054A93F91500 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft Manifest number: 072A Signing time: Sat 06 Dec 2025 03:00:58 +0000 Manifest this update: Sat 06 Dec 2025 03:00:58 +0000 Manifest next update: Sun 07 Dec 2025 03:00:58 +0000 Files and hashes: 1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: GqbMBUgGFcqyqtJjs9E2zEbSk1fJ+X3tsdpCL42gmsc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:01:45:e8:ce:66:89:f6:40:05:4a:93:f9:15:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031 Validity Not Before: Dec 6 03:00:58 2025 GMT Not After : Dec 7 03:00:58 2025 GMT Subject: CN=23dc91cba8be43635a3632c70e82969bacb38211 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:64:e3:a4:5f:8b:d3:10:1d:54:6c:dc:02:4a: 53:27:bb:5c:d0:87:15:1f:c7:13:7a:0f:18:c5:37: eb:75:e7:ea:81:63:02:11:07:72:0a:4f:38:e7:5d: 27:66:4a:e5:53:e2:74:01:99:de:3b:f4:b7:38:64: 45:47:80:d2:50:8d:1c:58:c2:45:3c:55:b7:cb:f9: 2e:0c:a2:2a:c5:2a:17:6f:74:5f:56:3e:93:d9:81: 38:01:94:a0:1b:0c:20:12:d4:f7:d4:68:a7:2b:24: d7:4e:b2:a3:6b:f8:76:5f:9c:0e:c2:2c:6f:eb:ae: 0d:c6:3a:ea:dd:9f:f0:12:47:97:a8:8a:a3:3c:e9: ff:cd:01:54:62:c4:74:11:13:3e:b5:89:b5:aa:95: 81:79:19:87:1d:c8:e1:14:3b:4b:51:37:4d:6f:a8: da:f0:8f:c8:0e:20:58:01:76:dd:57:25:13:a5:13: b3:3a:34:4c:b0:04:ec:bb:ff:ac:68:d8:1d:02:46: 4e:4d:e5:26:7f:1b:bf:78:e6:6f:a8:ec:e9:65:1f: 9a:e9:6a:0b:65:eb:eb:b9:19:6b:50:f3:8f:f7:6b: 92:dd:90:85:68:20:69:8f:de:22:74:1f:f5:65:c9: 3a:6f:c7:fe:fd:f6:a3:0f:84:1f:6b:32:c6:60:29: 36:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:DC:91:CB:A8:BE:43:63:5A:36:32:C7:0E:82:96:9B:AC:B3:82:11 X509v3 Authority Key Identifier: keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:59:cf:e0:2c:e8:fa:e0:18:14:ad:6d:fb:e4:d8:7b:98:b9: c3:e7:10:11:43:d7:21:7d:f4:f8:01:9c:97:f3:12:e1:30:fd: 42:5c:b2:52:0e:5a:fc:b2:2a:f8:11:6b:b8:50:f7:ec:8e:55: 64:9a:8c:cd:c8:ee:4a:2a:cc:3d:dd:d1:93:4a:4c:7f:91:2b: df:ff:53:a5:f6:0a:c4:8b:e5:de:ee:31:7b:9d:2c:74:70:38: 0b:6e:ae:aa:01:85:42:ef:ab:38:1d:d7:8e:b2:c9:50:07:82: 46:89:2c:31:64:7e:55:2b:b4:9a:e4:34:c6:bc:36:0f:03:eb: 94:14:87:9e:40:d7:bb:b5:3f:81:29:77:90:69:dd:d2:4c:58: 12:63:7b:49:60:d7:86:9b:2b:0d:20:e8:74:c8:dd:b7:ac:ac: 2a:33:ba:21:70:7c:a2:d6:89:46:a0:96:7a:af:77:7d:31:20: 23:15:98:d6:e0:48:13:93:63:97:48:07:81:74:88:1c:dd:1b: b8:7e:c7:13:bd:82:29:4e:73:a7:fb:3c:d8:7d:e2:e2:c8:62: 2e:c8:01:01:32:b1:2a:08:e1:f0:cb:ce:6f:86:0b:c3:50:8f: 02:12:32:50:20:e1:ab:90:16:77:c3:a6:02:59:b9:bc:3b:7a: 54:12:9d:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmwFF6M5mifZABUqT+RUAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy MTYwMzEwHhcNMjUxMjA2MDMwMDU4WhcNMjUxMjA3MDMwMDU4WjAzMTEwLwYDVQQD EygyM2RjOTFjYmE4YmU0MzYzNWEzNjMyYzcwZTgyOTY5YmFjYjM4MjExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumTjpF+L0xAdVGzcAkpTJ7tc0IcV H8cTeg8YxTfrdefqgWMCEQdyCk84510nZkrlU+J0AZneO/S3OGRFR4DSUI0cWMJF PFW3y/kuDKIqxSoXb3RfVj6T2YE4AZSgGwwgEtT31GinKyTXTrKja/h2X5wOwixv 664Nxjrq3Z/wEkeXqIqjPOn/zQFUYsR0ERM+tYm1qpWBeRmHHcjhFDtLUTdNb6ja 8I/IDiBYAXbdVyUTpROzOjRMsATsu/+saNgdAkZOTeUmfxu/eOZvqOzpZR+a6WoL ZevruRlrUPOP92uS3ZCFaCBpj94idB/1Zck6b8f+/fajD4QfazLGYCk2vQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCPckcuovkNjWjYyxw6Clpuss4IRMB8GA1UdIwQY MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFnP4Czo +uAYFK1t++TYe5i5w+cQEUPXIX30+AGcl/MS4TD9QlyyUg5a/LIq+BFruFD37I5V ZJqMzcjuSirMPd3Rk0pMf5Er3/9TpfYKxIvl3u4xe50sdHA4C26uqgGFQu+rOB3X jrLJUAeCRoksMWR+VSu0muQ0xrw2DwPrlBSHnkDXu7U/gSl3kGnd0kxYEmN7SWDX hpsrDSDodMjdt6ysKjO6IXB8otaJRqCWeq93fTEgIxWY1uBIE5Njl0gHgXSIHN0b uH7HE72CKU5zp/s82H3i4shiLsgBATKxKgjh8MvOb4YLw1CPAhIyUCDhq5AWd8Om Alm5vDt6VBKdyw== -----END CERTIFICATE-----Generated at Sat Dec 6 13:47:24 2025 by rpki-client