This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft File: DlNS2UQbZcIBbtjrfi8jWVRDT10.mft (raw, json) Hash identifier: tI0Eg9dYXCdjds75VMOzWJoMcFXKnkr3MzKDUT6h4Lw= Subject key identifier: CB:96:51:3B:02:DF:32:60:A7:34:F0:3B:6E:DD:2D:8A:93:16:DE:65 Authority key identifier: 0E:53:52:D9:44:1B:65:C2:01:6E:D8:EB:7E:2F:23:59:54:43:4F:5D Certificate issuer: /CN=0e5352d9441b65c2016ed8eb7e2f235954434f5d Certificate serial: 019B390F4EEB5161B87CA90BEA5A5D871C82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DlNS2UQbZcIBbtjrfi8jWVRDT10.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft Manifest number: 032D Signing time: Sat 20 Dec 2025 00:01:03 +0000 Manifest this update: Sat 20 Dec 2025 00:01:03 +0000 Manifest next update: Sun 21 Dec 2025 00:01:03 +0000 Files and hashes: 1: DlNS2UQbZcIBbtjrfi8jWVRDT10.crl (hash: Gf5YPgJgq0ZYTybVS3shSbohbEpExzDZOb8FOElBDvU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft rsync://rpki.ripe.net/repository/DEFAULT/DlNS2UQbZcIBbtjrfi8jWVRDT10.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:0f:4e:eb:51:61:b8:7c:a9:0b:ea:5a:5d:87:1c:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e5352d9441b65c2016ed8eb7e2f235954434f5d Validity Not Before: Dec 20 00:01:03 2025 GMT Not After : Dec 21 00:01:03 2025 GMT Subject: CN=cb96513b02df3260a734f03b6edd2d8a9316de65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:da:22:be:72:a9:fe:b6:0a:ce:e3:8b:42:cd: aa:a4:1c:7c:3d:0a:1e:69:d8:12:7b:a3:96:0c:18: 07:49:d8:10:16:3a:24:f9:92:e2:aa:b7:00:a0:08: 8f:98:93:6f:9b:11:89:f2:52:33:66:56:2e:a8:81: 55:46:32:bd:13:34:98:9f:75:6f:4c:b0:d8:a7:91: 08:7b:d9:3d:8f:8b:a6:ae:70:25:55:d2:72:8f:2e: 70:dd:68:9a:65:76:91:2d:3e:77:a2:c7:80:fd:67: 19:d1:1d:97:07:98:5d:4c:c0:d4:6b:83:e7:7c:2c: 1f:9c:0b:92:06:45:b7:94:9d:a6:fb:c9:83:8f:6b: 35:b4:b5:5d:ef:0b:e0:c7:37:38:fe:d2:ef:78:f7: b0:98:f4:63:3d:e0:62:15:b4:74:c7:53:88:03:e0: 2f:f8:6b:1a:d0:a2:34:28:47:68:5b:eb:9d:a0:c8: c0:43:60:2d:4d:88:c2:4d:c7:33:7d:6f:bb:b6:f4: cf:52:2c:8b:8d:4d:f2:e7:59:e4:65:d3:63:fb:5d: db:09:27:7a:4d:53:ca:87:14:a4:fe:d6:bb:f4:f3: 39:a5:52:8a:cf:db:92:e1:94:ab:bd:02:ac:99:28: 3d:0c:c5:0c:9c:59:5f:4c:5e:3e:ed:c2:86:8b:65: 54:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:96:51:3B:02:DF:32:60:A7:34:F0:3B:6E:DD:2D:8A:93:16:DE:65 X509v3 Authority Key Identifier: keyid:0E:53:52:D9:44:1B:65:C2:01:6E:D8:EB:7E:2F:23:59:54:43:4F:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DlNS2UQbZcIBbtjrfi8jWVRDT10.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:39:ff:8b:d6:3d:df:ab:9a:73:06:78:77:83:fc:91:a5:3f: dd:e8:92:37:f5:71:27:f6:19:fd:2d:0a:4d:06:79:59:a5:f0: 57:f8:b9:95:92:7d:59:86:4c:ec:45:c5:0b:e4:04:39:93:22: 95:41:58:6f:47:c6:c1:fa:27:3d:cd:e2:8f:68:54:41:29:a9: af:42:23:6f:7f:31:00:e1:bf:c9:d1:d1:eb:2d:bb:c5:b8:f9: da:f7:3b:55:8d:12:d1:89:86:e6:1a:e7:8c:df:ca:90:9d:b7: 69:4a:0d:30:13:80:e7:fd:29:c3:3d:b5:e6:8e:75:e8:9e:3f: e4:a7:24:5e:52:66:7d:bd:bc:c5:df:63:4e:75:37:a8:43:df: d2:ef:c0:9d:ec:16:43:79:95:9b:ac:76:a9:32:5d:bf:b1:43: 9b:7e:df:5d:45:e2:be:f7:52:64:5b:db:3f:61:0e:8b:b0:f0: 67:04:af:10:b3:19:2e:34:ca:7e:44:14:61:52:ee:d9:94:53: 82:fb:0c:46:5f:c1:21:ce:7d:68:4a:43:90:f0:74:f8:28:ee: eb:e6:02:0e:3b:23:03:71:28:7b:2f:0f:f7:c1:f8:27:c2:d9: 65:e2:d2:35:8b:b8:5a:46:7f:9f:d9:4f:bc:af:49:41:38:72: 98:89:b2:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5D07rUWG4fKkL6lpdhxyCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNTM1MmQ5NDQxYjY1YzIwMTZlZDhlYjdlMmYyMzU5NTQ0 MzRmNWQwHhcNMjUxMjIwMDAwMTAzWhcNMjUxMjIxMDAwMTAzWjAzMTEwLwYDVQQD EyhjYjk2NTEzYjAyZGYzMjYwYTczNGYwM2I2ZWRkMmQ4YTkzMTZkZTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NoivnKp/rYKzuOLQs2qpBx8PQoe adgSe6OWDBgHSdgQFjok+ZLiqrcAoAiPmJNvmxGJ8lIzZlYuqIFVRjK9EzSYn3Vv TLDYp5EIe9k9j4umrnAlVdJyjy5w3WiaZXaRLT53oseA/WcZ0R2XB5hdTMDUa4Pn fCwfnAuSBkW3lJ2m+8mDj2s1tLVd7wvgxzc4/tLvePewmPRjPeBiFbR0x1OIA+Av +Gsa0KI0KEdoW+udoMjAQ2AtTYjCTcczfW+7tvTPUiyLjU3y51nkZdNj+13bCSd6 TVPKhxSk/ta79PM5pVKKz9uS4ZSrvQKsmSg9DMUMnFlfTF4+7cKGi2VUHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMuWUTsC3zJgpzTwO27dLYqTFt5lMB8GA1UdIwQY MBaAFA5TUtlEG2XCAW7Y634vI1lUQ09dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGxOUzJVUWJaY0lCYnRqcmZpOGpXVlJEVDEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xZjU2ODEtYjEwNS00ZmYxLTliZjQt YWRjNTZkNDNlMGM0LzEvRGxOUzJVUWJaY0lCYnRqcmZpOGpXVlJEVDEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS8xZjU2ODEtYjEwNS00ZmYxLTliZjQtYWRjNTZkNDNlMGM0 LzEvRGxOUzJVUWJaY0lCYnRqcmZpOGpXVlJEVDEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXTn/i9Y9 36uacwZ4d4P8kaU/3eiSN/VxJ/YZ/S0KTQZ5WaXwV/i5lZJ9WYZM7EXFC+QEOZMi lUFYb0fGwfonPc3ij2hUQSmpr0Ijb38xAOG/ydHR6y27xbj52vc7VY0S0YmG5hrn jN/KkJ23aUoNMBOA5/0pwz215o516J4/5KckXlJmfb28xd9jTnU3qEPf0u/AnewW Q3mVm6x2qTJdv7FDm37fXUXivvdSZFvbP2EOi7DwZwSvELMZLjTKfkQUYVLu2ZRT gvsMRl/BIc59aEpDkPB0+Cju6+YCDjsjA3Eoey8P98H4J8LZZeLSNYu4WkZ/n9lP vK9JQThymImyJw== -----END CERTIFICATE-----Generated at Sat Dec 20 01:54:23 2025 by rpki-client