This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft File: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json) Hash identifier: OzM+KYXAavN+ULjcKhFmEPGV7zA5UqGfw6uRRVYP8O0= Subject key identifier: EA:25:71:17:26:87:BD:82:B1:4D:50:C2:60:C4:8B:3F:01:10:A3:A4 Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84 Certificate issuer: /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84 Certificate serial: 019B5976D0AE0962FB0E7F1A393B79D3A244 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft Manifest number: 124C Signing time: Fri 26 Dec 2025 07:01:57 +0000 Manifest this update: Fri 26 Dec 2025 07:01:57 +0000 Manifest next update: Sat 27 Dec 2025 07:01:57 +0000 Files and hashes: 1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: 1XfnIbxmO/AHjXugtzBivXNcHtwjhmTZLUxQZkmXN/I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:d0:ae:09:62:fb:0e:7f:1a:39:3b:79:d3:a2:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84 Validity Not Before: Dec 26 07:01:57 2025 GMT Not After : Dec 27 07:01:57 2025 GMT Subject: CN=ea2571172687bd82b14d50c260c48b3f0110a3a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0f:9f:f3:65:dd:48:b3:97:36:21:fe:97:0c: 8f:06:45:80:e9:ff:dc:8d:ab:f9:d8:0f:ce:cb:ba: 9f:b8:42:29:a0:24:a2:17:6b:4d:27:18:b1:87:49: c0:4c:8b:9c:cb:17:ee:55:fb:82:a7:7d:52:df:90: bc:76:f8:b4:c0:73:14:e0:50:f7:b6:78:ab:35:67: ae:44:60:97:b2:40:2a:d6:b3:ed:73:8f:cf:4a:aa: d9:c8:23:fb:49:64:28:1c:37:0c:ac:16:2e:df:16: 54:ea:9b:81:f0:f8:5c:86:b8:65:49:4a:5d:ef:30: d4:40:e4:a0:f4:98:b7:92:52:fe:23:a8:08:a2:69: 08:64:51:9c:71:33:97:78:1e:a3:71:6b:f4:e7:a6: b1:a7:05:99:df:6d:ce:de:97:23:3e:34:66:98:b6: 81:f5:ef:36:36:0a:cd:39:23:44:10:d4:64:d8:49: ff:03:dc:54:64:0b:3a:eb:96:eb:9e:32:30:9f:53: d1:1c:e2:85:b2:8d:89:d2:c9:95:f5:5a:be:5d:91: 82:87:9c:6a:25:74:fa:38:b9:4c:14:1d:b4:32:15: 18:98:2b:74:61:af:1a:14:a8:aa:3d:be:9e:4e:7c: b2:13:04:37:7a:c6:fa:26:c1:d3:ff:e4:ff:de:84: 17:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:25:71:17:26:87:BD:82:B1:4D:50:C2:60:C4:8B:3F:01:10:A3:A4 X509v3 Authority Key Identifier: keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:27:fe:b7:8c:51:41:48:05:54:8f:5a:b5:4d:8c:30:f2:c9: e6:86:ce:ca:ed:83:bb:80:37:af:b9:59:d6:aa:18:61:9b:3e: fd:42:57:db:37:dc:19:59:78:e6:64:24:3c:c2:57:4b:f5:f7: d4:1c:10:3d:c4:a1:c1:51:ea:b4:b5:51:f9:1e:8a:d2:8b:61: 6c:fc:b7:fc:61:88:36:1f:d6:68:3f:e3:6f:b4:85:58:87:38: c3:5d:2f:ef:b3:fb:c7:14:87:d7:5a:36:d0:8a:e0:3e:34:19: 91:e4:8b:6a:7f:01:e1:16:d1:34:8a:64:47:4d:36:27:aa:9c: d4:ad:a7:8c:a6:ac:1c:af:dc:15:b1:59:d0:45:0e:a4:d4:b1: b0:42:45:ad:24:6f:d3:78:31:ba:b7:b2:b9:17:70:4a:63:73: 20:03:8e:02:f7:fc:6e:24:1b:ca:6c:52:1f:21:5d:1e:bb:af: d7:6e:fc:0a:c2:b1:ad:aa:61:5a:a8:90:90:c4:03:4d:1a:2a: 17:2f:ea:c5:13:e5:83:d8:97:e0:9a:a5:f5:06:7c:6d:4b:cf: 3c:12:00:32:a2:05:2f:51:8a:ac:78:2b:9d:73:f9:b9:34:33: 83:8c:42:ba:e2:dc:1a:f3:66:51:76:79:f7:f9:77:ae:7a:60: 42:02:48:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdtCuCWL7Dn8aOTt506JEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi NTRjODQwHhcNMjUxMjI2MDcwMTU3WhcNMjUxMjI3MDcwMTU3WjAzMTEwLwYDVQQD EyhlYTI1NzExNzI2ODdiZDgyYjE0ZDUwYzI2MGM0OGIzZjAxMTBhM2E0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg+f82XdSLOXNiH+lwyPBkWA6f/c jav52A/Oy7qfuEIpoCSiF2tNJxixh0nATIucyxfuVfuCp31S35C8dvi0wHMU4FD3 tnirNWeuRGCXskAq1rPtc4/PSqrZyCP7SWQoHDcMrBYu3xZU6puB8PhchrhlSUpd 7zDUQOSg9Ji3klL+I6gIomkIZFGccTOXeB6jcWv056axpwWZ323O3pcjPjRmmLaB 9e82NgrNOSNEENRk2En/A9xUZAs665brnjIwn1PRHOKFso2J0smV9Vq+XZGCh5xq JXT6OLlMFB20MhUYmCt0Ya8aFKiqPb6eTnyyEwQ3esb6JsHT/+T/3oQXCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOolcRcmh72CsU1QwmDEiz8BEKOkMB8GA1UdIwQY MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoyf+t4xR QUgFVI9atU2MMPLJ5obOyu2Du4A3r7lZ1qoYYZs+/UJX2zfcGVl45mQkPMJXS/X3 1BwQPcShwVHqtLVR+R6K0othbPy3/GGINh/WaD/jb7SFWIc4w10v77P7xxSH11o2 0IrgPjQZkeSLan8B4RbRNIpkR002J6qc1K2njKasHK/cFbFZ0EUOpNSxsEJFrSRv 03gxureyuRdwSmNzIAOOAvf8biQbymxSHyFdHruv1278CsKxraphWqiQkMQDTRoq Fy/qxRPlg9iX4Jql9QZ8bUvPPBIAMqIFL1GKrHgrnXP5uTQzg4xCuuLcGvNmUXZ5 9/l3rnpgQgJI/w== -----END CERTIFICATE-----Generated at Fri Dec 26 14:06:12 2025 by rpki-client