This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft File: D3Tlry-nIVykabJ8EHnx_9X8rvg.mft (raw, json) Hash identifier: 0ZI0HCMWmQ5nEDy/i6hhTMOsk6nCKqW4XEE4ToaIPcs= Subject key identifier: FB:2D:55:E2:31:8B:6A:67:4E:31:7C:70:0E:8E:AF:CB:91:6B:FD:5F Authority key identifier: 0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8 Certificate issuer: /CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8 Certificate serial: 019B40C873B6394374C69FE7E24CDB67335B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft Manifest number: 0619 Signing time: Sun 21 Dec 2025 12:00:37 +0000 Manifest this update: Sun 21 Dec 2025 12:00:37 +0000 Manifest next update: Mon 22 Dec 2025 12:00:37 +0000 Files and hashes: 1: D3Tlry-nIVykabJ8EHnx_9X8rvg.crl (hash: l0orWGcS9PSMaYPxQKb1+pfp9yaOG+nySlFo/wh6CWg=) 2: VDPfxaZNYgN6f0mgtDD2wmc6NUg.roa (hash: 0dxJ0L7unUdYddqR9bLGYECF59D15vEhelIex1V/ecQ=) 3: sllzpkHFh9mOLjlCML4tbQK0pwU.roa (hash: E6feljoCdpMR0hz/J2bpGEFeQDlLz1z/a780M0tQTGM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.crl rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:73:b6:39:43:74:c6:9f:e7:e2:4c:db:67:33:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8 Validity Not Before: Dec 21 12:00:37 2025 GMT Not After : Dec 22 12:00:37 2025 GMT Subject: CN=fb2d55e2318b6a674e317c700e8eafcb916bfd5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:80:af:ae:63:be:72:6e:9e:c4:6f:7a:e3:38: b5:45:54:72:ab:68:60:86:31:ad:ff:f6:c8:09:ea: 44:7b:95:31:6e:39:21:1b:38:29:3b:93:3e:fb:82: 49:88:ab:10:4a:2c:10:d4:94:5f:6b:70:dd:f5:9f: e2:18:66:5c:ff:47:ac:0b:6a:49:d1:8e:00:1c:28: 19:7d:23:ab:9d:0c:23:25:e2:72:29:8d:f5:c0:47: 60:6e:3e:5f:f5:ee:96:98:9c:f5:7e:b8:72:bf:05: 18:78:ec:56:76:5d:ad:d1:21:9a:e3:8e:a0:fc:72: 90:86:8b:5b:78:11:f5:3e:c4:6d:b1:66:17:85:8f: 7d:9a:91:ee:a4:13:b4:0a:2e:9e:32:44:4b:64:52: b8:48:de:6d:71:e5:b9:20:fe:8b:1c:13:34:10:54: 6e:6d:1c:db:2d:0d:02:1c:7a:55:50:9b:03:84:9d: de:ec:2d:90:6b:bd:bf:02:45:01:16:9b:c0:5d:eb: fc:94:d0:de:1b:79:5a:7a:74:f9:53:f0:a7:7c:65: 64:e8:07:47:d3:84:5c:71:47:fd:50:8e:d9:0f:af: b8:2e:cb:25:8a:98:55:f7:1e:ca:b0:1a:6c:4f:47: 58:fe:94:86:9a:e7:cd:6b:77:d1:30:dc:27:5f:ac: 52:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:2D:55:E2:31:8B:6A:67:4E:31:7C:70:0E:8E:AF:CB:91:6B:FD:5F X509v3 Authority Key Identifier: keyid:0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:bc:ce:ab:3e:2c:fa:5a:62:d6:af:ed:1a:60:f4:f8:62:61: 8f:57:9d:d5:af:99:4f:8b:4f:ae:24:93:16:39:63:df:75:29: 38:89:f7:77:29:6a:f2:36:e4:44:19:d1:d9:d6:fb:95:55:03: 19:4e:aa:0a:54:c7:a3:38:74:c4:69:82:68:9e:34:a5:97:98: 77:90:d7:0d:4d:c1:3e:c2:f5:f2:bb:a6:3b:7e:d2:01:f2:99: a8:f8:d3:8b:f2:56:0f:93:f0:49:f7:0d:33:cd:36:2b:b0:c2: 28:1e:38:4f:9a:a1:7d:c5:64:c2:ba:bc:90:4c:d2:72:79:2a: 42:72:69:fe:6c:89:aa:f2:e1:64:32:2f:09:f7:6c:66:78:6a: a4:02:f1:f4:69:29:5b:d4:98:4b:cb:d2:9f:6a:b6:37:e9:d1: fa:d1:88:50:c3:b1:58:0a:1c:4a:97:ca:5d:2f:ff:95:8f:e0: e1:80:d8:3b:8d:36:33:6f:d2:52:be:28:2c:70:fd:31:c9:f9: f6:94:f9:58:bd:53:55:42:05:ef:a9:72:d8:64:13:2a:ff:1f: df:72:6f:e2:6d:d9:05:87:a4:be:12:34:6e:00:0a:05:9d:ed: b1:d7:56:54:6a:12:44:2f:62:ee:cf:5e:fd:bb:08:87:e4:61: 61:11:21:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyHO2OUN0xp/n4kzbZzNbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNzRlNWFmMmZhNzIxNWNhNDY5YjI3YzEwNzlmMWZmZDVm Y2FlZjgwHhcNMjUxMjIxMTIwMDM3WhcNMjUxMjIyMTIwMDM3WjAzMTEwLwYDVQQD EyhmYjJkNTVlMjMxOGI2YTY3NGUzMTdjNzAwZThlYWZjYjkxNmJmZDVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwICvrmO+cm6exG964zi1RVRyq2hg hjGt//bICepEe5UxbjkhGzgpO5M++4JJiKsQSiwQ1JRfa3Dd9Z/iGGZc/0esC2pJ 0Y4AHCgZfSOrnQwjJeJyKY31wEdgbj5f9e6WmJz1frhyvwUYeOxWdl2t0SGa446g /HKQhotbeBH1PsRtsWYXhY99mpHupBO0Ci6eMkRLZFK4SN5tceW5IP6LHBM0EFRu bRzbLQ0CHHpVUJsDhJ3e7C2Qa72/AkUBFpvAXev8lNDeG3laenT5U/CnfGVk6AdH 04RccUf9UI7ZD6+4LssliphV9x7KsBpsT0dY/pSGmufNa3fRMNwnX6xS/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPstVeIxi2pnTjF8cA6Or8uRa/1fMB8GA1UdIwQY MBaAFA905a8vpyFcpGmyfBB58f/V/K74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUt ZWFiY2JjMDgzZjliLzEvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUtZWFiY2JjMDgzZjli LzEvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7zOqz4s +lpi1q/tGmD0+GJhj1ed1a+ZT4tPriSTFjlj33UpOIn3dylq8jbkRBnR2db7lVUD GU6qClTHozh0xGmCaJ40pZeYd5DXDU3BPsL18rumO37SAfKZqPjTi/JWD5PwSfcN M802K7DCKB44T5qhfcVkwrq8kEzScnkqQnJp/myJqvLhZDIvCfdsZnhqpALx9Gkp W9SYS8vSn2q2N+nR+tGIUMOxWAocSpfKXS//lY/g4YDYO402M2/SUr4oLHD9Mcn5 9pT5WL1TVUIF76ly2GQTKv8f33Jv4m3ZBYekvhI0bgAKBZ3tsddWVGoSRC9i7s9e /bsIh+RhYREhlQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:27:14 2025 by rpki-client