This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft File: Dkbx623dT_7-GDgAMCvmNs_pZTc.mft (raw, json) Hash identifier: EfE3+ar+KFc6BdLszvASmF7w/Bydl5FQx66+pL6YtI0= Subject key identifier: C8:53:81:16:34:89:82:50:03:67:63:AD:2D:4C:36:2C:82:C6:61:20 Authority key identifier: 0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37 Certificate issuer: /CN=0e46f1eb6ddd4ffefe183800302be636cfe96537 Certificate serial: 019AF12E15FFF13FED3C3A6F4EA2F998C113 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 01:02:00 +0000 Manifest this update: Sat 06 Dec 2025 01:02:00 +0000 Manifest next update: Sun 07 Dec 2025 01:02:00 +0000 Files and hashes: 1: Dkbx623dT_7-GDgAMCvmNs_pZTc.crl (hash: fW7miPnDjk+7p+Gw4mtLC1f/x8i8KD789CUCJhetbaM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:15:ff:f1:3f:ed:3c:3a:6f:4e:a2:f9:98:c1:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e46f1eb6ddd4ffefe183800302be636cfe96537 Validity Not Before: Dec 6 01:02:00 2025 GMT Not After : Dec 7 01:02:00 2025 GMT Subject: CN=c853811634898250036763ad2d4c362c82c66120 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:59:7e:a8:2e:0a:6d:92:21:4f:bd:93:0c:c0: a0:da:c6:30:54:7a:5a:c8:a8:85:a7:08:1a:07:cd: 0c:50:4d:72:47:59:2b:1f:70:a2:ba:78:ad:82:0e: 76:03:e7:4d:b5:5a:83:37:c8:28:08:ca:fd:04:17: c1:53:05:2b:88:86:bd:69:65:f6:d1:cb:2b:c1:50: 46:47:0d:10:fc:b5:dd:8d:c8:dd:39:c4:81:dd:d0: 07:4b:c1:c5:fa:9d:0a:54:b3:e1:99:48:b6:26:f6: b8:7d:79:38:b9:4b:a4:b2:63:f5:92:0a:82:cb:e5: ae:64:c5:49:56:d4:04:db:c7:8f:de:43:3c:1e:d1: 9f:03:93:87:5b:a7:d4:42:9f:9e:91:8d:41:03:96: ec:84:fe:c8:fd:c2:3d:77:33:7b:77:2e:0d:c3:d4: 4d:b3:fb:c5:8e:6b:7f:0f:a3:39:99:bf:dd:fa:96: 8b:b3:e3:9a:58:b2:b3:41:15:c7:e8:46:0c:b7:a3: 86:70:16:02:0f:02:e5:70:45:db:80:4d:86:4e:69: 89:e7:fb:ff:b6:3b:b6:fb:5b:e5:e4:32:e8:f1:74: d2:62:88:14:81:bc:a4:2c:8e:d1:f4:4d:e5:49:97: aa:86:54:15:3e:12:9d:9a:bc:d0:98:02:59:a9:c1: ba:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:53:81:16:34:89:82:50:03:67:63:AD:2D:4C:36:2C:82:C6:61:20 X509v3 Authority Key Identifier: keyid:0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:7f:10:02:e3:2b:c4:5f:74:15:b7:f1:42:a7:12:cb:4d:59: e5:95:24:95:13:7f:59:f2:44:57:48:d6:5f:df:95:91:83:94: 38:0a:1e:78:a2:9a:77:06:5d:12:99:3f:d2:75:57:95:07:b4: 4d:d7:08:3c:4a:12:02:41:46:9b:05:60:a5:59:a1:80:69:15: f0:66:9d:41:e0:83:67:42:aa:cc:62:db:93:fc:fe:7f:bd:e5: b1:d7:58:cf:0c:46:93:e4:21:f3:c0:0d:bf:61:d2:fa:78:36: 57:6f:65:56:ac:84:f1:78:dc:b8:55:1a:9d:7d:1d:42:fe:bc: 67:55:e4:16:37:ab:97:95:f9:37:43:c4:df:65:d9:55:62:88: f2:fc:ad:74:2a:5a:4d:07:d9:9a:79:72:df:b9:28:32:08:b6: 95:0b:3b:87:ca:8a:06:7f:b6:04:ea:a0:43:4c:94:c5:06:18: 20:2b:96:cd:83:fa:9f:c0:fc:43:eb:8a:69:9f:b9:7a:89:1f: 02:df:f2:e3:9a:7b:52:cc:4f:d2:10:42:16:54:e3:96:01:b3: 7e:f8:5c:c4:5f:dd:23:8d:ce:b4:86:43:68:0a:a5:39:a1:f1: 27:63:d3:8d:32:e3:c9:20:c1:8e:99:c1:ed:3f:88:43:92:a5: 95:48:9c:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLhX/8T/tPDpvTqL5mMETMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNDZmMWViNmRkZDRmZmVmZTE4MzgwMDMwMmJlNjM2Y2Zl OTY1MzcwHhcNMjUxMjA2MDEwMjAwWhcNMjUxMjA3MDEwMjAwWjAzMTEwLwYDVQQD EyhjODUzODExNjM0ODk4MjUwMDM2NzYzYWQyZDRjMzYyYzgyYzY2MTIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVl+qC4KbZIhT72TDMCg2sYwVHpa yKiFpwgaB80MUE1yR1krH3Ciunitgg52A+dNtVqDN8goCMr9BBfBUwUriIa9aWX2 0csrwVBGRw0Q/LXdjcjdOcSB3dAHS8HF+p0KVLPhmUi2Jva4fXk4uUuksmP1kgqC y+WuZMVJVtQE28eP3kM8HtGfA5OHW6fUQp+ekY1BA5bshP7I/cI9dzN7dy4Nw9RN s/vFjmt/D6M5mb/d+paLs+OaWLKzQRXH6EYMt6OGcBYCDwLlcEXbgE2GTmmJ5/v/ tju2+1vl5DLo8XTSYogUgbykLI7R9E3lSZeqhlQVPhKdmrzQmAJZqcG6dQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMhTgRY0iYJQA2djrS1MNiyCxmEgMB8GA1UdIwQY MBaAFA5G8ett3U/+/hg4ADAr5jbP6WU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzct ZjRmY2VkMzViMzUyLzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzctZjRmY2VkMzViMzUy LzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjn8QAuMr xF90FbfxQqcSy01Z5ZUklRN/WfJEV0jWX9+VkYOUOAoeeKKadwZdEpk/0nVXlQe0 TdcIPEoSAkFGmwVgpVmhgGkV8GadQeCDZ0KqzGLbk/z+f73lsddYzwxGk+Qh88AN v2HS+ng2V29lVqyE8XjcuFUanX0dQv68Z1XkFjerl5X5N0PE32XZVWKI8vytdCpa TQfZmnly37koMgi2lQs7h8qKBn+2BOqgQ0yUxQYYICuWzYP6n8D8Q+uKaZ+5eokf At/y45p7UsxP0hBCFlTjlgGzfvhcxF/dI43OtIZDaAqlOaHxJ2PTjTLjySDBjpnB 7T+IQ5KllUicfg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:52:20 2025 by rpki-client