This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft File: 29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json) Hash identifier: 4b5+hbNBulY6pgdVM63e2cS+j0dcp9JHL9aDtcCaNjc= Subject key identifier: 46:71:6D:EB:96:A2:48:D6:C4:4A:6E:C9:19:53:ED:DA:B9:1D:B6:B9 Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3 Certificate issuer: /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3 Certificate serial: 019AF31B27DC8E5C6A0759BB59809A19E251 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft Manifest number: 1017 Signing time: Sat 06 Dec 2025 10:00:34 +0000 Manifest this update: Sat 06 Dec 2025 10:00:34 +0000 Manifest next update: Sun 07 Dec 2025 10:00:34 +0000 Files and hashes: 1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: WZMrJZM7bTwZObe55XeRrjFg4uL7eIRLzvBHXNWs3Y8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:27:dc:8e:5c:6a:07:59:bb:59:80:9a:19:e2:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3 Validity Not Before: Dec 6 10:00:34 2025 GMT Not After : Dec 7 10:00:34 2025 GMT Subject: CN=46716deb96a248d6c44a6ec91953eddab91db6b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:7f:5c:36:50:27:e5:db:2b:c6:12:6d:ba:f4: 22:0c:62:04:5e:ca:8c:cc:a7:d1:49:96:a6:5c:d4: 41:90:7a:2f:12:64:65:15:2f:bc:e3:fb:3f:91:ef: 00:db:9c:6b:cf:51:dc:95:b5:a7:a7:7c:cc:48:f7: 76:9d:6c:7d:b7:dd:f8:77:b3:11:32:be:6e:40:65: c0:79:66:60:ca:41:ef:5b:02:39:00:1e:c2:cf:d1: f9:08:e4:05:9a:91:52:1e:85:47:66:44:a3:2e:a5: ab:b3:22:fe:b4:79:0b:1a:9e:e6:c8:88:3e:5d:82: 2e:36:cd:f6:6a:2d:89:82:39:ab:9f:b9:6b:b1:0f: 7d:bd:97:51:fc:c4:48:57:a9:0c:34:cb:37:ed:0f: 8d:d0:b1:c7:43:29:d4:f3:88:5d:f7:6d:75:f0:60: b0:86:9f:a3:e6:8a:b2:d3:59:7b:f8:d9:35:19:6a: e7:f6:09:23:dd:de:d1:25:3a:30:08:09:4c:c5:c6: 5a:34:94:db:dd:99:d8:8c:ab:95:07:3f:2d:e7:ac: ac:fc:cf:96:0e:b2:b7:55:49:8d:5e:76:50:d7:8d: a8:f6:c2:bb:b9:76:3c:5f:13:cd:28:97:1f:33:4c: f8:a2:4e:62:f5:11:49:4b:d6:66:85:2f:1e:b5:99: df:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:71:6D:EB:96:A2:48:D6:C4:4A:6E:C9:19:53:ED:DA:B9:1D:B6:B9 X509v3 Authority Key Identifier: keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:e1:1d:15:c2:83:c4:ff:86:78:2b:1b:7b:b6:48:a9:7a:79: f6:d6:2e:76:61:94:b1:a8:5e:f5:49:c4:57:e7:6a:06:71:f1: 80:ea:0a:f7:64:b6:b7:fc:38:74:a8:a7:ab:9d:db:e7:36:a8: 54:43:0a:34:89:cf:75:22:65:9e:3d:d0:92:b0:4b:f0:89:94: 8c:1e:5e:3d:6c:b7:92:50:c5:31:59:6c:00:30:81:ad:da:c5: 83:52:c0:5b:0b:3b:89:ab:56:2b:5e:94:50:02:4a:e6:98:11: 64:ff:4e:52:24:57:e6:81:0e:13:3f:36:b6:85:2f:cb:a1:8e: 3c:7d:78:c0:c8:d3:12:ec:4f:01:c0:0f:74:1c:3d:4e:99:4f: 01:e7:84:b2:47:c2:08:1a:1c:cc:f9:9c:eb:47:e0:40:58:ec: 45:11:58:a9:5f:1c:0f:46:1e:b1:bb:43:1e:30:60:8a:ae:62: fd:57:c2:63:a0:6e:66:25:cb:59:4a:aa:82:b3:0e:34:e3:06: 9a:42:a5:8b:3d:21:a9:12:82:70:89:23:fc:00:e7:5c:de:e8: aa:84:80:00:30:67:ba:70:24:11:9e:42:9a:aa:a3:8d:5e:3e: 7a:8b:d6:0f:21:a1:98:25:ab:b5:86:a9:08:67:b1:20:03:9b: f2:d1:10:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGyfcjlxqB1m7WYCaGeJRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk YmU3YzMwHhcNMjUxMjA2MTAwMDM0WhcNMjUxMjA3MTAwMDM0WjAzMTEwLwYDVQQD Eyg0NjcxNmRlYjk2YTI0OGQ2YzQ0YTZlYzkxOTUzZWRkYWI5MWRiNmI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH9cNlAn5dsrxhJtuvQiDGIEXsqM zKfRSZamXNRBkHovEmRlFS+84/s/ke8A25xrz1HclbWnp3zMSPd2nWx9t934d7MR Mr5uQGXAeWZgykHvWwI5AB7Cz9H5COQFmpFSHoVHZkSjLqWrsyL+tHkLGp7myIg+ XYIuNs32ai2Jgjmrn7lrsQ99vZdR/MRIV6kMNMs37Q+N0LHHQynU84hd92118GCw hp+j5oqy01l7+Nk1GWrn9gkj3d7RJTowCAlMxcZaNJTb3ZnYjKuVBz8t56ys/M+W DrK3VUmNXnZQ142o9sK7uXY8XxPNKJcfM0z4ok5i9RFJS9ZmhS8etZnf2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEZxbeuWokjWxEpuyRlT7dq5Hba5MB8GA1UdIwQY MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHOEdFcKD xP+GeCsbe7ZIqXp59tYudmGUsahe9UnEV+dqBnHxgOoK92S2t/w4dKinq53b5zao VEMKNInPdSJlnj3QkrBL8ImUjB5ePWy3klDFMVlsADCBrdrFg1LAWws7iatWK16U UAJK5pgRZP9OUiRX5oEOEz82toUvy6GOPH14wMjTEuxPAcAPdBw9TplPAeeEskfC CBoczPmc60fgQFjsRRFYqV8cD0YesbtDHjBgiq5i/VfCY6BuZiXLWUqqgrMONOMG mkKliz0hqRKCcIkj/ADnXN7oqoSAADBnunAkEZ5CmqqjjV4+eovWDyGhmCWrtYap CGexIAOb8tEQaA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:47:51 2025 by rpki-client