This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft File: 28lQCYQ2KBzuVCoedFRlUeHlUoM.mft (raw, json) Hash identifier: 8+qrYig9yQMUbcME4iU0iA3EnwmPm4z+JJhoLZt6hdA= Subject key identifier: B6:2A:9B:D6:5E:67:81:68:B0:30:11:B0:4D:45:1E:C2:C9:CC:DB:A2 Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83 Certificate issuer: /CN=dbc950098436281cee542a1e74546551e1e55283 Certificate serial: 019B0D8092A03AC5F07E0A1D83D4D36A050E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft Manifest number: 1772 Signing time: Thu 11 Dec 2025 13:01:28 +0000 Manifest this update: Thu 11 Dec 2025 13:01:28 +0000 Manifest next update: Fri 12 Dec 2025 13:01:28 +0000 Files and hashes: 1: 28lQCYQ2KBzuVCoedFRlUeHlUoM.crl (hash: IKIDPYWfaHIRB/h64+BxydN6e8Lr9s2GBaeYQNgu55c=) 2: 5OG6iGTbUMv4yreuCzltBDVdDTU.roa (hash: B8Cg7jxvmm1JBGJPeKqbsREjncwII7bdGdlW3Ml3/PA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 13:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:80:92:a0:3a:c5:f0:7e:0a:1d:83:d4:d3:6a:05:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dbc950098436281cee542a1e74546551e1e55283 Validity Not Before: Dec 11 13:01:28 2025 GMT Not After : Dec 12 13:01:28 2025 GMT Subject: CN=b62a9bd65e678168b03011b04d451ec2c9ccdba2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:79:c7:d0:7f:62:35:40:1e:b0:a8:28:a9:01: 98:5a:8e:0c:d8:92:fa:6b:87:c3:87:3b:b2:32:3e: fd:b0:f1:1a:fc:1e:9e:fc:0c:32:26:a0:c5:3a:68: e9:3d:01:f6:4f:f4:c2:cf:47:27:3a:af:8a:7c:b2: c2:22:3d:de:c2:be:93:7f:f2:41:63:d0:7a:45:ba: b7:5f:92:3e:2e:4d:df:6c:ae:ed:f0:6c:e9:e7:13: 36:f2:32:de:13:93:44:07:3b:2d:ee:6b:e3:39:0f: 60:56:f4:ef:36:e9:35:89:d8:90:64:0f:e0:2a:d9: 54:10:36:25:07:7b:2c:ab:27:c4:f1:ae:cc:0b:2b: bc:72:71:99:f9:ba:1e:86:a9:a2:21:2c:03:0d:9a: 26:68:66:e1:a6:9c:01:f7:8a:ac:71:20:28:33:96: 63:c4:b3:5d:45:eb:32:37:79:ed:e8:dd:6f:ae:fc: 6b:c9:f6:df:ba:e9:cd:ce:6f:e0:73:47:6f:df:dd: 61:8c:66:00:af:32:32:ce:88:cc:df:d5:44:65:37: 11:99:2c:36:8c:c9:10:89:02:d0:3e:ac:36:58:0f: 7e:7d:ec:26:ad:e9:97:5a:14:47:1c:b2:7e:fb:42: 42:e4:f2:a2:18:df:d0:2d:da:42:44:63:a7:59:38: 6e:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:2A:9B:D6:5E:67:81:68:B0:30:11:B0:4D:45:1E:C2:C9:CC:DB:A2 X509v3 Authority Key Identifier: keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:5b:3b:c5:b9:5e:13:68:ef:0f:63:d9:ce:47:ea:23:f0:66: 6e:8b:6a:60:78:41:75:55:03:70:d4:1d:57:12:94:35:ae:44: 82:06:f9:b7:3f:82:c7:51:2d:4e:7e:8c:27:2e:00:cb:25:33: e1:85:2b:8a:c0:dc:5b:b5:cf:a5:1a:f3:4e:f4:dd:4c:69:d1: c6:d2:b7:83:e3:fc:b1:c6:aa:c4:f5:e7:5c:01:ae:16:44:96: 30:c3:83:15:1f:61:b7:b8:27:24:07:0e:a1:3f:3a:a8:df:0d: 3a:57:ce:a8:b2:9a:19:72:0c:9e:bb:1b:a8:79:48:c0:4d:4b: ca:45:42:4e:5c:76:52:b5:df:f6:b0:af:ea:92:54:94:9f:7f: 56:52:fe:6e:47:b1:8c:4a:c0:a1:01:9d:db:00:de:ee:26:52: ec:bb:4f:1b:52:76:fa:05:f6:f5:e4:bb:1b:fe:f2:ea:a0:13: 23:91:0a:58:ea:06:b6:d5:34:fb:d0:db:e5:f1:de:2e:d7:bf: e3:62:76:93:40:12:be:e3:0a:2b:3d:11:a7:cf:c5:11:2b:36: 5c:c1:30:15:cf:10:45:42:9a:21:da:52:43:82:00:a9:a1:a1: 43:84:e1:cb:83:12:5e:4e:89:ae:35:f1:47:46:22:1a:d0:ba: db:13:c9:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsNgJKgOsXwfgodg9TTagUOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl NTUyODMwHhcNMjUxMjExMTMwMTI4WhcNMjUxMjEyMTMwMTI4WjAzMTEwLwYDVQQD EyhiNjJhOWJkNjVlNjc4MTY4YjAzMDExYjA0ZDQ1MWVjMmM5Y2NkYmEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXnH0H9iNUAesKgoqQGYWo4M2JL6 a4fDhzuyMj79sPEa/B6e/AwyJqDFOmjpPQH2T/TCz0cnOq+KfLLCIj3ewr6Tf/JB Y9B6Rbq3X5I+Lk3fbK7t8Gzp5xM28jLeE5NEBzst7mvjOQ9gVvTvNuk1idiQZA/g KtlUEDYlB3ssqyfE8a7MCyu8cnGZ+boehqmiISwDDZomaGbhppwB94qscSAoM5Zj xLNdResyN3nt6N1vrvxryfbfuunNzm/gc0dv391hjGYArzIyzojM39VEZTcRmSw2 jMkQiQLQPqw2WA9+fewmremXWhRHHLJ++0JC5PKiGN/QLdpCRGOnWThueQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLYqm9ZeZ4FosDARsE1FHsLJzNuiMB8GA1UdIwQY MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt ZjQ3ZTE2OTI2NmMyLzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGls7xble E2jvD2PZzkfqI/BmbotqYHhBdVUDcNQdVxKUNa5Eggb5tz+Cx1EtTn6MJy4AyyUz 4YUrisDcW7XPpRrzTvTdTGnRxtK3g+P8scaqxPXnXAGuFkSWMMODFR9ht7gnJAcO oT86qN8NOlfOqLKaGXIMnrsbqHlIwE1LykVCTlx2UrXf9rCv6pJUlJ9/VlL+bkex jErAoQGd2wDe7iZS7LtPG1J2+gX29eS7G/7y6qATI5EKWOoGttU0+9Db5fHeLte/ 42J2k0ASvuMKKz0Rp8/FESs2XMEwFc8QRUKaIdpSQ4IAqaGhQ4Thy4MSXk6JrjXx R0YiGtC62xPJCg== -----END CERTIFICATE-----Generated at Thu Dec 11 23:06:35 2025 by rpki-client