This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft File: DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json) Hash identifier: ncjz+d3hN/phSIH3MmIyWenNjl/BovoS7+nDRZQUGgY= Subject key identifier: 11:00:A3:C6:BF:D7:A9:EA:47:89:06:7E:1E:51:12:CF:E5:E9:C1:74 Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 Certificate issuer: /CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Certificate serial: 019B34C5FA4FEC61923AD31E080BF1E8D598 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft Manifest number: 1712 Signing time: Fri 19 Dec 2025 04:02:28 +0000 Manifest this update: Fri 19 Dec 2025 04:02:28 +0000 Manifest next update: Sat 20 Dec 2025 04:02:28 +0000 Files and hashes: 1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: Lv2d9QLV9DBlcBQXghsupF3magIbQVRl87vJFVHDNAA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:fa:4f:ec:61:92:3a:d3:1e:08:0b:f1:e8:d5:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Validity Not Before: Dec 19 04:02:28 2025 GMT Not After : Dec 20 04:02:28 2025 GMT Subject: CN=1100a3c6bfd7a9ea4789067e1e5112cfe5e9c174 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:74:70:bd:5f:38:25:d2:1c:7a:5d:11:e2:a5: 5d:e0:8d:83:bc:b6:37:38:f0:98:ed:3c:fa:a3:67: 53:22:4f:91:df:c8:92:ce:87:ce:c0:d4:2b:51:46: 60:31:87:16:24:76:82:31:1f:b4:a9:f6:34:f7:4e: 5e:c5:15:61:fa:f6:55:0d:a4:ab:70:3e:f3:9e:d8: 0d:20:4d:38:16:75:89:11:bb:b2:f8:a4:5d:69:0f: 87:1c:c4:32:bd:38:e1:18:d1:c1:a3:53:d3:e3:ed: 04:24:92:9d:c2:cb:f7:05:9e:01:ed:09:cf:8e:82: 48:d2:a9:36:5d:3a:ba:2f:4c:55:42:d8:53:a0:10: 05:5f:d0:53:fb:f4:3c:11:fb:a8:de:46:1f:4f:a4: 8e:bf:54:c3:87:7b:0a:e6:5e:76:d6:ce:ca:f5:36: ae:68:b4:a2:d6:83:df:b6:5b:21:79:5c:30:3f:ac: 38:8d:d4:83:d8:a7:e5:5a:f6:1c:5a:9f:de:d2:2a: 11:d1:82:a9:fe:6f:45:5f:b2:99:27:bc:16:6f:1b: 4c:5a:56:62:e2:43:29:89:65:46:dc:8f:d7:2c:fe: 88:7b:57:ae:96:01:88:ab:29:13:ca:08:4d:ed:0d: ba:ff:e3:4d:a4:5b:9c:0e:8f:07:20:1e:ed:43:6a: c2:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:00:A3:C6:BF:D7:A9:EA:47:89:06:7E:1E:51:12:CF:E5:E9:C1:74 X509v3 Authority Key Identifier: keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:1c:6d:4b:f4:10:1d:53:f1:15:17:3c:d3:cc:27:30:e9:43: 99:b7:1c:c0:1c:ec:31:69:2f:b7:69:58:6b:00:e4:14:68:8a: b7:6e:a6:8e:dd:6e:06:0d:55:6f:1e:d0:97:e0:a5:37:b2:23: 7c:4b:c2:f3:a8:69:eb:93:95:0d:58:1b:4f:de:8b:dd:2d:c1: 50:1c:ad:89:6e:c9:ea:19:34:ba:4a:f7:50:1d:ec:e5:0f:04: 68:ea:86:99:aa:aa:85:6b:fe:a9:eb:72:be:51:97:38:e3:5c: e5:2f:ca:77:e3:41:b1:2c:2e:b0:6d:d8:48:70:a5:97:f9:f2: 1f:b2:e4:db:c0:42:d1:f7:87:f3:4b:9a:55:f8:15:af:78:24: 65:a3:8b:1f:92:14:1f:e3:0d:e5:d9:0b:e5:58:b2:ac:bd:8b: a7:52:8d:5a:15:29:09:db:14:07:b3:b1:f5:6a:71:78:20:bf: 03:0d:d3:47:80:37:ba:10:38:83:73:c6:15:81:c2:08:1b:ce: 4a:35:9d:08:ca:2f:3e:92:a5:35:41:48:39:ad:e6:72:54:f9: 95:b3:a1:a0:77:51:e6:f6:f7:15:fc:46:09:fb:8d:62:5c:d0: 3a:e1:47:94:83:03:02:c0:a2:5f:c7:e7:29:94:f0:b8:8d:28: ee:ea:d9:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xfpP7GGSOtMeCAvx6NWYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh NDlkNDEwHhcNMjUxMjE5MDQwMjI4WhcNMjUxMjIwMDQwMjI4WjAzMTEwLwYDVQQD EygxMTAwYTNjNmJmZDdhOWVhNDc4OTA2N2UxZTUxMTJjZmU1ZTljMTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3RwvV84JdIcel0R4qVd4I2DvLY3 OPCY7Tz6o2dTIk+R38iSzofOwNQrUUZgMYcWJHaCMR+0qfY0905exRVh+vZVDaSr cD7zntgNIE04FnWJEbuy+KRdaQ+HHMQyvTjhGNHBo1PT4+0EJJKdwsv3BZ4B7QnP joJI0qk2XTq6L0xVQthToBAFX9BT+/Q8Efuo3kYfT6SOv1TDh3sK5l521s7K9Tau aLSi1oPftlsheVwwP6w4jdSD2KflWvYcWp/e0ioR0YKp/m9FX7KZJ7wWbxtMWlZi 4kMpiWVG3I/XLP6Ie1eulgGIqykTyghN7Q26/+NNpFucDo8HIB7tQ2rCdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBEAo8a/16nqR4kGfh5REs/l6cF0MB8GA1UdIwQY MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBxtS/QQ HVPxFRc808wnMOlDmbccwBzsMWkvt2lYawDkFGiKt26mjt1uBg1Vbx7Ql+ClN7Ij fEvC86hp65OVDVgbT96L3S3BUBytiW7J6hk0ukr3UB3s5Q8EaOqGmaqqhWv+qety vlGXOONc5S/Kd+NBsSwusG3YSHCll/nyH7Lk28BC0feH80uaVfgVr3gkZaOLH5IU H+MN5dkL5ViyrL2Lp1KNWhUpCdsUB7Ox9WpxeCC/Aw3TR4A3uhA4g3PGFYHCCBvO SjWdCMovPpKlNUFIOa3mclT5lbOhoHdR5vb3FfxGCfuNYlzQOuFHlIMDAsCiX8fn KZTwuI0o7urZeA== -----END CERTIFICATE-----Generated at Fri Dec 19 07:52:21 2025 by rpki-client