This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft File: D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json) Hash identifier: AUgvVik9DuzyEK65o+VGfH0/ZNVy+k6DPZczpBw2a6A= Subject key identifier: 1C:7E:54:AA:E5:8F:FE:2D:F5:28:B1:91:4C:E0:48:CA:FF:2E:AA:16 Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37 Certificate issuer: /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637 Certificate serial: 019AF19B899245F3ED33BFF35C2578C7F35E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft Manifest number: 02D0 Signing time: Sat 06 Dec 2025 03:01:33 +0000 Manifest this update: Sat 06 Dec 2025 03:01:33 +0000 Manifest next update: Sun 07 Dec 2025 03:01:33 +0000 Files and hashes: 1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: d8f1SaEk5rO6tzW24yOtvxHhZwUDzcOXMqptOMPfZZQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:89:92:45:f3:ed:33:bf:f3:5c:25:78:c7:f3:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637 Validity Not Before: Dec 6 03:01:33 2025 GMT Not After : Dec 7 03:01:33 2025 GMT Subject: CN=1c7e54aae58ffe2df528b1914ce048caff2eaa16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:dd:4c:ca:bb:77:8f:f5:38:8f:7a:8a:94:12: 98:03:eb:57:59:cd:5c:54:d0:3a:41:f5:52:99:e8: b1:5d:95:06:78:45:72:d0:f8:ee:94:84:9f:49:52: 22:3c:ea:e9:fa:f3:cd:ed:c8:21:c8:7d:53:2d:b3: 89:3d:74:bb:88:e8:f8:27:93:68:bc:c4:58:2d:48: 7e:44:35:74:c7:e3:a4:76:64:bd:a6:c6:d0:17:98: ff:b0:32:cd:67:46:56:9e:d2:be:1d:6d:6c:e4:52: 5c:ae:04:6d:4e:64:7d:ca:37:ed:b3:ae:6b:07:3a: c7:16:25:9b:c1:ee:da:92:20:dd:63:2b:f3:d0:57: 6d:83:bb:e6:b8:44:22:83:80:2c:c6:4c:17:d7:85: bf:3a:37:b7:77:f1:9a:0d:c1:3f:3c:0f:06:fa:84: ee:66:66:dd:bf:33:4c:ec:10:db:32:74:51:69:25: bf:e4:fb:66:1d:34:2b:65:86:44:20:01:50:ee:b1: 25:a5:3d:82:a1:9d:8e:34:3a:f8:16:b3:44:0f:a8: 65:1d:ca:39:37:49:df:1f:63:71:1b:c6:73:9d:a4: ed:b0:61:3b:38:1e:77:14:50:b7:3a:12:23:8a:91: 84:6c:cc:d8:2e:97:58:a4:0e:e9:d4:96:28:20:81: d1:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:7E:54:AA:E5:8F:FE:2D:F5:28:B1:91:4C:E0:48:CA:FF:2E:AA:16 X509v3 Authority Key Identifier: keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:06:e5:0f:f7:86:f6:1f:a5:b7:03:ec:05:e1:75:ae:c1:af: 69:c7:b8:19:32:ff:71:92:c9:1c:dc:ab:20:98:4c:6c:4b:07: 17:bc:87:04:e1:c7:b8:6b:20:5a:ac:9c:9e:1d:a4:24:f7:c2: 1f:85:74:7f:c7:78:6a:9a:8b:28:51:6c:41:40:bd:60:2a:1f: dc:f6:d4:64:62:f8:bc:11:e2:6f:49:cf:57:5d:be:a6:bd:0b: 0b:ab:09:ae:04:55:3f:b4:49:2d:c9:9d:d9:42:96:69:dc:ae: cd:d3:e3:18:f8:51:44:2d:d8:a5:00:10:26:88:c2:14:fd:4f: 7e:b8:aa:d2:46:aa:26:f5:16:94:79:b7:83:11:ed:cd:b0:3d: 5f:8d:6e:57:a5:5b:f6:52:1a:fb:03:e9:a2:d5:79:e8:70:76: c4:82:08:74:49:09:9d:2a:03:eb:fe:2f:c6:a9:53:46:4e:10: 7e:03:f4:2d:39:92:f1:b6:5c:a6:60:2b:d6:94:6c:12:33:d1: 4e:1e:3c:d4:fd:bd:7f:18:52:fc:95:a9:fa:da:ef:f3:02:cf: 92:63:3a:f6:11:ea:a6:5e:5f:91:04:a4:cc:d7:bc:f9:7d:a9: 06:eb:43:71:97:47:73:d4:74:3d:24:58:6e:61:56:41:fb:5d: 92:c3:19:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm4mSRfPtM7/zXCV4x/NeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy YjM2MzcwHhcNMjUxMjA2MDMwMTMzWhcNMjUxMjA3MDMwMTMzWjAzMTEwLwYDVQQD EygxYzdlNTRhYWU1OGZmZTJkZjUyOGIxOTE0Y2UwNDhjYWZmMmVhYTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN1Myrt3j/U4j3qKlBKYA+tXWc1c VNA6QfVSmeixXZUGeEVy0PjulISfSVIiPOrp+vPN7cghyH1TLbOJPXS7iOj4J5No vMRYLUh+RDV0x+OkdmS9psbQF5j/sDLNZ0ZWntK+HW1s5FJcrgRtTmR9yjfts65r BzrHFiWbwe7akiDdYyvz0Fdtg7vmuEQig4AsxkwX14W/Oje3d/GaDcE/PA8G+oTu ZmbdvzNM7BDbMnRRaSW/5PtmHTQrZYZEIAFQ7rElpT2CoZ2ONDr4FrNED6hlHco5 N0nfH2NxG8ZznaTtsGE7OB53FFC3OhIjipGEbMzYLpdYpA7p1JYoIIHRQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBx+VKrlj/4t9SixkUzgSMr/LqoWMB8GA1UdIwQY MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwblD/eG 9h+ltwPsBeF1rsGvace4GTL/cZLJHNyrIJhMbEsHF7yHBOHHuGsgWqycnh2kJPfC H4V0f8d4apqLKFFsQUC9YCof3PbUZGL4vBHib0nPV12+pr0LC6sJrgRVP7RJLcmd 2UKWadyuzdPjGPhRRC3YpQAQJojCFP1Pfriq0kaqJvUWlHm3gxHtzbA9X41uV6Vb 9lIa+wPpotV56HB2xIIIdEkJnSoD6/4vxqlTRk4QfgP0LTmS8bZcpmAr1pRsEjPR Th481P29fxhS/JWp+trv8wLPkmM69hHqpl5fkQSkzNe8+X2pButDcZdHc9R0PSRY bmFWQftdksMZMw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:12 2025 by rpki-client