This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft File: dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft (raw, json) Hash identifier: X4sSbpgC8jrFDXL6KY5AaxoQZ8sO2SClZs0Frw2yTRs= Subject key identifier: 0C:6A:9B:25:A1:1C:5C:68:33:22:A1:A2:45:72:99:4C:CE:FF:D4:22 Authority key identifier: 76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66 Certificate issuer: /CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366 Certificate serial: 019AF31C246E0EE342AFE64ADBD510FA0A28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft Manifest number: 058D Signing time: Sat 06 Dec 2025 10:01:38 +0000 Manifest this update: Sat 06 Dec 2025 10:01:38 +0000 Manifest next update: Sun 07 Dec 2025 10:01:38 +0000 Files and hashes: 1: dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl (hash: +Fr4SF1/a9ZekBEFr6CvGbIzIPFilo1H4WqgBWdpsq0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:24:6e:0e:e3:42:af:e6:4a:db:d5:10:fa:0a:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366 Validity Not Before: Dec 6 10:01:38 2025 GMT Not After : Dec 7 10:01:38 2025 GMT Subject: CN=0c6a9b25a11c5c683322a1a24572994cceffd422 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:eb:53:a2:dd:92:4d:4d:2c:92:2e:21:39:bc: 8c:9f:48:dd:b6:a2:a0:b8:3d:1a:a1:77:bc:75:ee: da:c0:db:e6:fb:b5:20:5e:51:c9:a9:6f:94:20:9f: 91:f7:08:dc:c9:f5:3a:6c:67:d5:a9:13:45:23:ab: 98:10:59:e5:dd:9d:98:9b:46:53:77:5b:bd:b2:2e: cb:4c:d4:70:15:8c:cc:39:7e:d5:25:5f:7a:a3:bd: 48:6d:61:12:fd:39:40:96:b1:40:a6:25:15:90:21: bb:43:c1:e1:00:2e:53:64:31:e4:59:dc:13:39:62: 86:de:37:c5:41:9d:2f:f0:2d:ae:9c:d4:66:29:79: 94:25:b0:c1:9b:27:f7:39:b8:af:2b:8d:f4:32:df: 70:d6:7d:32:74:e3:6f:db:ff:85:05:d8:1c:8c:38: 8b:d7:30:17:8a:50:9c:ab:70:e9:e1:4e:ce:78:de: 37:b9:95:2e:95:e2:a6:98:d7:1f:a3:d8:61:23:81: fe:37:ac:d9:1a:41:31:eb:7c:1c:9d:49:a1:06:6d: 2e:02:72:8c:e5:33:53:6c:69:2f:99:ef:be:49:29: 4b:64:89:67:ec:2f:1e:9d:1e:3f:76:b4:7e:90:52: 62:07:25:16:1f:00:d7:d3:a8:84:94:6a:f1:37:26: eb:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:6A:9B:25:A1:1C:5C:68:33:22:A1:A2:45:72:99:4C:CE:FF:D4:22 X509v3 Authority Key Identifier: keyid:76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:e0:9b:21:37:25:61:2e:ee:bf:1c:19:3a:d1:12:a1:07:e1: 84:61:04:c3:53:ba:a2:74:1b:71:ac:60:b9:ef:16:6d:c0:62: 2e:c9:79:47:34:1f:0d:28:6e:5f:9d:c8:ff:aa:dd:85:7a:2b: 09:9f:0e:ef:2e:af:75:7c:0c:19:19:de:81:da:55:86:78:73: 18:17:b7:b4:5a:d6:58:48:52:1f:98:b7:e0:64:10:dd:28:ff: ed:b9:2b:78:1f:23:7e:db:7a:82:99:61:cb:a6:74:51:a3:23: bc:1a:90:e6:92:e5:0a:29:44:b6:87:e0:92:f5:5a:08:17:ee: 3a:ee:2a:1b:17:1d:73:e9:89:01:16:2a:91:99:40:e0:c3:6a: 95:04:02:ec:6a:0a:d5:86:4b:43:2e:ab:c2:6b:21:81:2e:c7: 3f:e7:dd:13:a2:73:6e:56:1f:ae:3a:ca:8d:d4:3f:04:dc:7d: 14:7a:b2:75:04:c2:b4:ab:5f:90:93:d1:b9:af:34:4f:06:7c: 18:e0:7b:12:4a:3f:86:b2:38:93:34:45:13:a9:f3:ac:0f:dc: 24:cb:a6:6b:c9:b2:48:f2:55:2d:05:4a:9d:38:e7:82:5a:6a: df:23:7b:34:62:cf:d0:18:69:fe:8c:24:31:f7:0d:c2:82:11: 10:67:6b:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHCRuDuNCr+ZK29UQ+gooMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2MDdmNjlkZWU0M2FjMDFkN2RmZWFjYTliNzZhMjQwZWE2 ZWYzNjYwHhcNMjUxMjA2MTAwMTM4WhcNMjUxMjA3MTAwMTM4WjAzMTEwLwYDVQQD EygwYzZhOWIyNWExMWM1YzY4MzMyMmExYTI0NTcyOTk0Y2NlZmZkNDIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOtTot2STU0ski4hObyMn0jdtqKg uD0aoXe8de7awNvm+7UgXlHJqW+UIJ+R9wjcyfU6bGfVqRNFI6uYEFnl3Z2Ym0ZT d1u9si7LTNRwFYzMOX7VJV96o71IbWES/TlAlrFApiUVkCG7Q8HhAC5TZDHkWdwT OWKG3jfFQZ0v8C2unNRmKXmUJbDBmyf3ObivK430Mt9w1n0ydONv2/+FBdgcjDiL 1zAXilCcq3Dp4U7OeN43uZUuleKmmNcfo9hhI4H+N6zZGkEx63wcnUmhBm0uAnKM 5TNTbGkvme++SSlLZIln7C8enR4/drR+kFJiByUWHwDX06iElGrxNybrDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAxqmyWhHFxoMyKhokVymUzO/9QiMB8GA1UdIwQY MBaAFHYH9p3uQ6wB19/qypt2okDqbvNmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTct YzAyNDNhM2JkYWZiLzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTctYzAyNDNhM2JkYWZi LzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+CbITcl YS7uvxwZOtESoQfhhGEEw1O6onQbcaxgue8WbcBiLsl5RzQfDShuX53I/6rdhXor CZ8O7y6vdXwMGRnegdpVhnhzGBe3tFrWWEhSH5i34GQQ3Sj/7bkreB8jftt6gplh y6Z0UaMjvBqQ5pLlCilEtofgkvVaCBfuOu4qGxcdc+mJARYqkZlA4MNqlQQC7GoK 1YZLQy6rwmshgS7HP+fdE6JzblYfrjrKjdQ/BNx9FHqydQTCtKtfkJPRua80TwZ8 GOB7Eko/hrI4kzRFE6nzrA/cJMuma8mySPJVLQVKnTjnglpq3yN7NGLP0Bhp/owk MfcNwoIREGdrsg== -----END CERTIFICATE-----Generated at Sat Dec 6 17:27:53 2025 by rpki-client