This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft File: DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json) Hash identifier: WPX1PNvKHU6NLfT3QAbU0Yu8BRttATCeo18yF/qVWD4= Subject key identifier: D0:27:B5:29:0C:CE:F3:54:6B:1F:41:C2:69:5F:2F:18:BD:E1:BA:61 Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90 Certificate issuer: /CN=0e85fd3c9f9558b218022ff409fc554faee79090 Certificate serial: 019B35693F0F4858B0DB8C6E3C28A5F37C72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft Manifest number: 1781 Signing time: Fri 19 Dec 2025 07:00:48 +0000 Manifest this update: Fri 19 Dec 2025 07:00:48 +0000 Manifest next update: Sat 20 Dec 2025 07:00:48 +0000 Files and hashes: 1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: Ury7JlpAR6gHg/o6k1eZzuB+MDyRnUoRUdu4LN7sbE0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:3f:0f:48:58:b0:db:8c:6e:3c:28:a5:f3:7c:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090 Validity Not Before: Dec 19 07:00:48 2025 GMT Not After : Dec 20 07:00:48 2025 GMT Subject: CN=d027b5290ccef3546b1f41c2695f2f18bde1ba61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:52:09:bc:1b:1e:d8:ce:46:13:69:e8:a3:26: 54:75:76:20:91:cd:c7:70:2c:6b:18:5e:58:af:88: dd:84:9c:19:5e:49:fd:a3:5d:b7:6d:57:bb:56:d9: d8:b3:46:8c:e3:c3:19:e6:19:d9:b2:39:59:d8:4f: cc:8d:1f:bf:9c:e7:83:e9:da:b2:a1:d5:2a:1c:85: 05:0a:92:79:18:60:20:fc:04:12:4a:e3:b8:fb:91: f1:b5:72:53:7e:bd:e5:ca:f5:d4:50:6f:2a:76:80: 1c:38:77:91:e3:ad:c8:fb:a0:96:d1:a1:4c:e0:f8: 2f:a9:68:20:0a:89:87:20:de:02:9a:df:75:cf:5d: 39:55:87:d5:7f:6d:6d:0d:9d:bc:8f:f3:f9:19:79: d4:ff:5e:82:e7:7b:b2:05:a1:39:31:2f:e4:db:a6: d2:b4:26:d5:d9:8d:21:e1:62:1c:40:61:43:a6:57: 69:f7:94:91:49:3f:8c:ec:8a:32:d3:a6:a7:a5:4c: cd:c5:ae:36:9b:b0:10:ae:e7:16:82:a8:b7:2f:1f: 55:5e:dd:94:68:32:dd:26:2e:cc:9c:09:83:44:cc: 00:45:25:9e:cb:c7:b1:3e:8a:29:75:70:d2:bd:14: 4e:c5:c5:65:ce:43:24:bc:68:75:d4:07:d4:1b:8d: 03:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:27:B5:29:0C:CE:F3:54:6B:1F:41:C2:69:5F:2F:18:BD:E1:BA:61 X509v3 Authority Key Identifier: keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:2c:f5:84:0e:e2:be:4e:b4:cc:91:6b:6d:14:4b:8c:99:fe: e3:dc:26:38:da:98:a1:6f:d3:7a:62:ec:91:b5:7a:7a:3e:f3: e1:f3:56:ec:06:1b:27:05:0f:d1:94:c0:a1:c0:92:a6:b4:ec: b0:c2:e3:a0:07:82:a6:58:70:22:67:c4:17:a4:60:b7:fd:95: 56:e4:8f:69:06:a5:0a:cf:ab:4b:5a:8b:09:4f:21:78:44:4b: b4:13:f1:d8:14:a0:ce:76:08:53:a6:10:17:52:84:23:c1:cd: 93:1c:69:1e:5b:09:fe:97:f8:f5:e5:67:94:9d:dc:fb:5d:8d: 1d:76:72:5d:ec:93:71:47:7f:d0:aa:ec:4c:01:1f:a0:68:e5: 5d:28:83:c5:cd:c3:4e:8b:10:14:26:a5:48:bb:6d:12:67:4e: 37:5e:ec:43:6f:46:26:d6:ec:45:63:52:f2:ea:f5:a7:d4:d9: a6:71:a7:bd:78:c7:3a:94:51:fb:01:4f:84:dc:c3:e4:bd:63: e9:90:57:27:28:5a:5c:49:e4:11:0c:c1:2d:df:1b:7c:73:af: fa:52:91:f7:7a:68:f1:ff:14:8f:9a:02:43:95:9b:cd:d1:08: 6d:08:b1:d6:b4:b1:3b:11:8b:c7:f3:e6:1c:35:a8:8f:25:a6: 7e:cd:b2:2a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1aT8PSFiw24xuPCil83xyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl NzkwOTAwHhcNMjUxMjE5MDcwMDQ4WhcNMjUxMjIwMDcwMDQ4WjAzMTEwLwYDVQQD EyhkMDI3YjUyOTBjY2VmMzU0NmIxZjQxYzI2OTVmMmYxOGJkZTFiYTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVIJvBse2M5GE2nooyZUdXYgkc3H cCxrGF5Yr4jdhJwZXkn9o123bVe7VtnYs0aM48MZ5hnZsjlZ2E/MjR+/nOeD6dqy odUqHIUFCpJ5GGAg/AQSSuO4+5HxtXJTfr3lyvXUUG8qdoAcOHeR463I+6CW0aFM 4PgvqWggComHIN4Cmt91z105VYfVf21tDZ28j/P5GXnU/16C53uyBaE5MS/k26bS tCbV2Y0h4WIcQGFDpldp95SRST+M7Ioy06anpUzNxa42m7AQrucWgqi3Lx9VXt2U aDLdJi7MnAmDRMwARSWey8exPoopdXDSvRROxcVlzkMkvGh11AfUG40DRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNAntSkMzvNUax9BwmlfLxi94bphMB8GA1UdIwQY MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaiz1hA7i vk60zJFrbRRLjJn+49wmONqYoW/TemLskbV6ej7z4fNW7AYbJwUP0ZTAocCSprTs sMLjoAeCplhwImfEF6Rgt/2VVuSPaQalCs+rS1qLCU8heERLtBPx2BSgznYIU6YQ F1KEI8HNkxxpHlsJ/pf49eVnlJ3c+12NHXZyXeyTcUd/0KrsTAEfoGjlXSiDxc3D TosQFCalSLttEmdON17sQ29GJtbsRWNS8ur1p9TZpnGnvXjHOpRR+wFPhNzD5L1j 6ZBXJyhaXEnkEQzBLd8bfHOv+lKR93po8f8Uj5oCQ5WbzdEIbQix1rSxOxGLx/Pm HDWojyWmfs2yKg== -----END CERTIFICATE-----Generated at Fri Dec 19 10:36:13 2025 by rpki-client