This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft File: d9LZKEIxBOXDSA4htKPtFJiyon4.mft (raw, json) Hash identifier: 1w2bxPKBf1TA+C4mKm6Pv3oAqgmm3mPrB+29SFHOV+Q= Subject key identifier: 67:48:F2:1E:F8:A9:1B:EF:76:1F:FD:DA:46:09:23:28:4D:E8:EE:35 Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e Certificate serial: 019B4814AC4992423DD8E0B79142EE3C9D66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft Manifest number: 0D06 Signing time: Mon 22 Dec 2025 22:01:12 +0000 Manifest this update: Mon 22 Dec 2025 22:01:12 +0000 Manifest next update: Tue 23 Dec 2025 22:01:12 +0000 Files and hashes: 1: HX3f5FZnDXBVPEnE5bxp-46XcDI.roa (hash: Cn4L/fOgVlSahDb0v8tdmodjivbISS4FJEJArlg0b+Y=) 2: d9LZKEIxBOXDSA4htKPtFJiyon4.crl (hash: lG6s7kPIYVSZF8RExT3rwtpKQSk9nn0EH5TaYAkQlIM=) 3: jKFJgU1IkNXTMlJ4fb3SLPhpIEs.roa (hash: gVNSWZlrE4CqYnhrjWkiPYyY6GBkTGDHd/hL4ezDiUs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:14:ac:49:92:42:3d:d8:e0:b7:91:42:ee:3c:9d:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e Validity Not Before: Dec 22 22:01:12 2025 GMT Not After : Dec 23 22:01:12 2025 GMT Subject: CN=6748f21ef8a91bef761ffdda460923284de8ee35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c5:b6:9f:84:26:28:2c:4e:e6:c6:7b:e5:12: 18:5b:db:8d:62:12:bf:a3:e0:5f:da:23:4f:bd:a9: 50:a2:b4:bb:a3:21:7e:85:5b:59:93:4b:e1:26:59: 79:c8:c3:29:6a:20:49:54:9d:c4:1c:2b:5d:51:26: 07:c1:9c:e8:5a:51:f3:d0:9f:c7:ff:4f:25:23:46: 18:37:4f:bf:72:29:c8:f2:9c:92:c5:35:09:d8:38: d6:2a:a1:4f:2c:68:24:f1:ef:c7:48:8b:92:49:ee: 50:b9:69:ad:21:c6:73:f9:f1:d8:36:0e:76:37:47: 1a:c8:e1:8a:23:62:e5:cf:b7:77:26:1f:8e:9c:8d: f1:76:db:0f:23:ef:8e:c7:38:98:be:03:9f:64:cd: 9f:7e:4d:0d:11:64:a0:9a:aa:f3:bd:21:3b:d1:c4: e0:11:c6:fb:a2:5b:99:2d:20:3f:e1:7b:ea:81:e5: 54:dc:c8:d8:c2:69:43:01:a5:4b:fc:a0:60:2e:54: 03:08:05:7f:fc:8a:e0:84:f0:58:bb:1d:12:fe:a2: d6:6e:02:d5:bd:d5:12:68:06:11:a1:a0:a6:b3:0b: a5:91:62:77:4d:42:18:43:39:a1:60:fe:99:e5:27: ac:2e:69:4f:4a:7c:b4:e4:de:6d:12:4a:2c:56:1b: f8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:48:F2:1E:F8:A9:1B:EF:76:1F:FD:DA:46:09:23:28:4D:E8:EE:35 X509v3 Authority Key Identifier: keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:7e:c0:1d:bb:ce:61:88:88:8e:2f:5d:2a:78:2e:0e:fd:22: c1:a1:8b:47:19:3e:21:69:86:19:3b:08:0c:88:ed:16:63:94: 26:d4:e1:c7:62:58:88:8e:4e:65:ba:6b:8f:c3:70:19:39:18: 57:2f:5e:81:77:36:f8:8c:2b:43:e2:62:60:c0:b2:ee:8b:ea: 00:4a:6b:1b:6c:8e:c8:b0:ec:53:d0:a7:62:38:e1:f8:10:75: 33:86:53:fb:b8:0d:9a:5f:ff:01:ae:ea:ba:57:6a:f1:64:49: 2b:ae:9c:2a:ce:c7:ad:39:70:71:00:c2:e6:32:a9:5f:a5:82: e6:ae:23:59:2b:74:59:f0:4f:29:27:08:41:a1:26:cd:64:ce: 69:ea:2c:5c:a7:fe:34:91:7a:9a:28:f3:41:f7:0d:90:5f:99: 7f:1c:77:40:81:9f:f4:8f:e8:dc:16:6d:e4:7e:7b:89:e3:b2: 9b:f1:4b:ac:9c:30:1c:df:7c:a0:58:ca:93:65:ec:b6:54:c7: f2:5f:9a:25:9a:c0:a7:79:59:b4:09:38:8c:ea:e4:28:27:9d: 5c:36:ef:c4:ac:d3:1c:a9:19:bd:22:89:61:15:9e:4b:59:75: ae:cd:a8:ff:86:56:6a:e9:fe:a4:fe:19:84:22:ec:1f:b1:62: cf:0f:18:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFKxJkkI92OC3kULuPJ1mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi MmEyN2UwHhcNMjUxMjIyMjIwMTEyWhcNMjUxMjIzMjIwMTEyWjAzMTEwLwYDVQQD Eyg2NzQ4ZjIxZWY4YTkxYmVmNzYxZmZkZGE0NjA5MjMyODRkZThlZTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMW2n4QmKCxO5sZ75RIYW9uNYhK/ o+Bf2iNPvalQorS7oyF+hVtZk0vhJll5yMMpaiBJVJ3EHCtdUSYHwZzoWlHz0J/H /08lI0YYN0+/cinI8pySxTUJ2DjWKqFPLGgk8e/HSIuSSe5QuWmtIcZz+fHYNg52 N0cayOGKI2Llz7d3Jh+OnI3xdtsPI++OxziYvgOfZM2ffk0NEWSgmqrzvSE70cTg Ecb7oluZLSA/4XvqgeVU3MjYwmlDAaVL/KBgLlQDCAV//IrghPBYux0S/qLWbgLV vdUSaAYRoaCmswulkWJ3TUIYQzmhYP6Z5SesLmlPSny05N5tEkosVhv4JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGdI8h74qRvvdh/92kYJIyhN6O41MB8GA1UdIwQY MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt NDg4NzkyMzg4ZTViLzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAn7AHbvO YYiIji9dKnguDv0iwaGLRxk+IWmGGTsIDIjtFmOUJtThx2JYiI5OZbprj8NwGTkY Vy9egXc2+IwrQ+JiYMCy7ovqAEprG2yOyLDsU9CnYjjh+BB1M4ZT+7gNml//Aa7q uldq8WRJK66cKs7HrTlwcQDC5jKpX6WC5q4jWSt0WfBPKScIQaEmzWTOaeosXKf+ NJF6mijzQfcNkF+Zfxx3QIGf9I/o3BZt5H57ieOym/FLrJwwHN98oFjKk2XstlTH 8l+aJZrAp3lZtAk4jOrkKCedXDbvxKzTHKkZvSKJYRWeS1l1rs2o/4ZWaun+pP4Z hCLsH7Fizw8Y7Q== -----END CERTIFICATE-----Generated at Tue Dec 23 07:54:41 2025 by rpki-client