This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft File: dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json) Hash identifier: h/w4iwNkYEOpYzjLM8+8IcLv1me18/B5eVEJwGsjp/g= Subject key identifier: A3:85:E4:5C:98:D8:78:DA:D5:9C:A7:B4:24:57:2E:1D:1B:8E:BC:32 Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16 Certificate issuer: /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316 Certificate serial: 019B424A476456FB48E4D23C767A71C42317 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft Manifest number: 1788 Signing time: Sun 21 Dec 2025 19:02:02 +0000 Manifest this update: Sun 21 Dec 2025 19:02:02 +0000 Manifest next update: Mon 22 Dec 2025 19:02:02 +0000 Files and hashes: 1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: vcUlcIF9ELg/RmCYckYcEpoUbS6ZsC4prCb7iThGhn0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:47:64:56:fb:48:e4:d2:3c:76:7a:71:c4:23:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316 Validity Not Before: Dec 21 19:02:02 2025 GMT Not After : Dec 22 19:02:02 2025 GMT Subject: CN=a385e45c98d878dad59ca7b424572e1d1b8ebc32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:75:f2:bb:50:d4:30:4c:f4:b3:4f:53:77:6e: d7:af:03:ae:88:45:44:f5:d5:4e:de:1a:59:56:81: 1f:fe:c1:23:0e:c5:03:7d:23:3f:2f:ce:d1:97:91: 20:21:ef:40:0a:23:52:07:ee:94:94:62:dc:09:f8: 03:6f:e8:c2:33:4f:3a:49:90:6f:2b:c0:72:08:7d: 1f:ec:af:1b:5e:bc:32:d3:5b:ca:c8:e5:dc:7e:43: 86:17:54:c9:ce:fd:ba:87:09:0c:ed:57:c8:3a:85: 11:4b:7d:a6:16:28:4e:09:ca:f9:9d:fd:da:45:02: 73:0b:1a:ed:df:a6:2c:0f:b1:b0:72:ca:f7:3e:20: c2:74:ab:1a:55:25:bb:06:cd:72:b8:e7:15:17:42: e0:99:d1:69:7e:8d:39:9e:52:0c:a4:a0:98:54:0c: 16:35:da:1d:7d:fd:a6:8f:27:59:f5:65:09:9b:f3: 04:86:6c:c6:d1:89:5c:f3:ea:3a:c2:6a:e4:6f:39: f8:5f:4a:90:cf:24:af:9a:1d:ce:ff:08:4d:dc:0f: b4:0d:a6:db:e9:42:dc:a1:18:28:52:fb:cf:be:45: f5:47:d1:54:8d:be:95:06:a8:9c:6c:71:50:26:d3: 84:8a:00:ed:79:8d:18:d9:70:c0:b7:03:57:4e:3e: 4c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:85:E4:5C:98:D8:78:DA:D5:9C:A7:B4:24:57:2E:1D:1B:8E:BC:32 X509v3 Authority Key Identifier: keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:f2:cd:3f:9b:9f:c7:f1:2e:2a:e4:27:4f:22:46:a8:2f:36: 8f:af:96:0b:0b:11:7b:58:4f:05:22:7e:a8:94:b2:6c:1c:22: be:bd:e2:50:b2:5a:af:31:49:e5:1a:02:ab:81:14:e2:e7:a7: ee:27:b8:19:5a:fe:cb:f9:a2:1e:42:74:6b:42:c4:23:3d:ba: 9b:88:14:3c:be:c3:a6:1a:09:be:14:6c:45:d8:e1:42:67:ae: 30:e5:e5:80:57:01:58:6c:d9:98:d0:90:c0:14:61:ac:d7:e0: 49:fb:b5:5c:a4:9f:a4:8f:ef:03:79:51:cd:e4:ad:a9:45:b2: 4f:cd:a8:85:ec:1f:0f:ad:99:cc:8c:a3:5e:be:7e:42:bb:24: f2:ba:89:50:33:cd:49:41:2f:f6:c3:75:46:10:b8:ac:43:82: da:75:67:df:e1:07:90:15:e3:f5:3f:9b:e7:b8:03:49:c1:e1: 1a:3a:2d:df:63:e7:ed:8d:36:4f:79:2f:41:06:9f:ea:0e:17: f1:46:26:3d:26:ea:e6:d5:d9:8d:d0:91:e6:23:9f:23:9d:af: 7d:bf:e9:81:e9:3b:3a:2a:23:84:2c:47:4c:ec:95:12:97:8c: ea:92:d1:5a:d6:f4:f2:71:04:5c:28:26:9c:35:2d:8d:f2:11: 64:48:a3:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCSkdkVvtI5NI8dnpxxCMXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy YzczMTYwHhcNMjUxMjIxMTkwMjAyWhcNMjUxMjIyMTkwMjAyWjAzMTEwLwYDVQQD EyhhMzg1ZTQ1Yzk4ZDg3OGRhZDU5Y2E3YjQyNDU3MmUxZDFiOGViYzMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Xyu1DUMEz0s09Td27XrwOuiEVE 9dVO3hpZVoEf/sEjDsUDfSM/L87Rl5EgIe9ACiNSB+6UlGLcCfgDb+jCM086SZBv K8ByCH0f7K8bXrwy01vKyOXcfkOGF1TJzv26hwkM7VfIOoURS32mFihOCcr5nf3a RQJzCxrt36YsD7Gwcsr3PiDCdKsaVSW7Bs1yuOcVF0LgmdFpfo05nlIMpKCYVAwW Ndodff2mjydZ9WUJm/MEhmzG0Ylc8+o6wmrkbzn4X0qQzySvmh3O/whN3A+0Dabb 6ULcoRgoUvvPvkX1R9FUjb6VBqicbHFQJtOEigDteY0Y2XDAtwNXTj5MWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKOF5FyY2Hja1ZyntCRXLh0bjrwyMB8GA1UdIwQY MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5 LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfLNP5uf x/EuKuQnTyJGqC82j6+WCwsRe1hPBSJ+qJSybBwivr3iULJarzFJ5RoCq4EU4uen 7ie4GVr+y/miHkJ0a0LEIz26m4gUPL7DphoJvhRsRdjhQmeuMOXlgFcBWGzZmNCQ wBRhrNfgSfu1XKSfpI/vA3lRzeStqUWyT82ohewfD62ZzIyjXr5+Qrsk8rqJUDPN SUEv9sN1RhC4rEOC2nVn3+EHkBXj9T+b57gDScHhGjot32Pn7Y02T3kvQQaf6g4X 8UYmPSbq5tXZjdCR5iOfI52vfb/pgek7OiojhCxHTOyVEpeM6pLRWtb08nEEXCgm nDUtjfIRZEij/A== -----END CERTIFICATE-----Generated at Sun Dec 21 21:09:42 2025 by rpki-client