This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/2aaa49-2823-4ee2-b5d1-e547395d6b47/1/doFcfQ6GPCF4D4v0uezDqcZFkpg.mft File: doFcfQ6GPCF4D4v0uezDqcZFkpg.mft (raw, json) Hash identifier: dXwu6NJrsUeB179fdLlLQ7L8KVRdrpFnaGngfpxDZVk= Subject key identifier: 6C:A2:B0:67:A0:88:EB:94:02:6C:6F:12:F0:0F:EB:46:66:E3:09:BB Authority key identifier: 76:81:5C:7D:0E:86:3C:21:78:0F:8B:F4:B9:EC:C3:A9:C6:45:92:98 Certificate issuer: /CN=76815c7d0e863c21780f8bf4b9ecc3a9c6459298 Certificate serial: 019B0E92D991F7FCD3B1DFF01601234256AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/doFcfQ6GPCF4D4v0uezDqcZFkpg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/2aaa49-2823-4ee2-b5d1-e547395d6b47/1/doFcfQ6GPCF4D4v0uezDqcZFkpg.mft Manifest number: 0466 Signing time: Thu 11 Dec 2025 18:01:03 +0000 Manifest this update: Thu 11 Dec 2025 18:01:03 +0000 Manifest next update: Fri 12 Dec 2025 18:01:03 +0000 Files and hashes: 1: doFcfQ6GPCF4D4v0uezDqcZFkpg.crl (hash: w0OH01uSZS8sW3R/Ie4QBRKUvtrB2bAbbtGbC4jtAnI=) 2: pTTtPKmhE713zQ-lNSyfapckqck.roa (hash: Z4OXgVLMtdMbDgwAv+QfBL8XpAweOau33nbHajpmsxQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/2aaa49-2823-4ee2-b5d1-e547395d6b47/1/doFcfQ6GPCF4D4v0uezDqcZFkpg.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/2aaa49-2823-4ee2-b5d1-e547395d6b47/1/doFcfQ6GPCF4D4v0uezDqcZFkpg.mft rsync://rpki.ripe.net/repository/DEFAULT/doFcfQ6GPCF4D4v0uezDqcZFkpg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:92:d9:91:f7:fc:d3:b1:df:f0:16:01:23:42:56:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76815c7d0e863c21780f8bf4b9ecc3a9c6459298 Validity Not Before: Dec 11 18:01:03 2025 GMT Not After : Dec 12 18:01:03 2025 GMT Subject: CN=6ca2b067a088eb94026c6f12f00feb4666e309bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:95:1c:45:c2:aa:d7:cf:d6:dc:00:a6:71:37: 82:6a:3a:a2:52:00:35:a1:a5:6a:c2:da:b3:8d:75: 89:1f:3b:9e:7e:48:77:49:16:70:c7:bb:ec:d2:40: 37:52:bb:08:17:50:d6:88:01:8f:bf:ce:d5:79:1e: d3:4d:44:2c:0f:28:f1:7d:97:ce:d7:31:d4:00:4f: ef:ba:ba:09:e1:4d:6e:cc:8f:3d:cc:71:be:ce:1a: 93:13:2e:96:80:b0:bd:a4:7b:59:73:53:cf:83:e1: d5:4d:ce:72:50:81:9c:c0:0a:71:c1:8f:d6:fc:4c: 18:9b:1f:2d:c6:3a:b0:f0:ba:14:ab:6c:0d:8a:e5: 6a:e6:5a:c7:45:0f:0a:f7:b7:99:72:48:6b:af:4c: b7:07:e7:42:a7:59:27:48:11:fa:a8:ef:1e:1d:4c: 68:f5:e6:e9:bd:43:eb:c3:4e:56:5f:fc:c2:50:fe: f4:92:bc:40:67:84:22:a0:ef:b8:ee:5c:36:cc:fb: 31:b4:44:e8:35:59:43:7e:1a:e8:70:8e:fc:ec:63: db:a2:a5:4c:eb:06:80:12:cc:34:9a:e0:a6:df:a7: 12:51:35:1a:f6:10:fb:b0:cf:d9:60:d3:12:83:f3: 60:14:b7:22:a0:45:78:c4:92:1f:07:bb:df:56:fb: 40:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A2:B0:67:A0:88:EB:94:02:6C:6F:12:F0:0F:EB:46:66:E3:09:BB X509v3 Authority Key Identifier: keyid:76:81:5C:7D:0E:86:3C:21:78:0F:8B:F4:B9:EC:C3:A9:C6:45:92:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/doFcfQ6GPCF4D4v0uezDqcZFkpg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/2aaa49-2823-4ee2-b5d1-e547395d6b47/1/doFcfQ6GPCF4D4v0uezDqcZFkpg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/2aaa49-2823-4ee2-b5d1-e547395d6b47/1/doFcfQ6GPCF4D4v0uezDqcZFkpg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:e4:eb:dc:e2:e1:11:cc:c8:dd:f7:1c:39:a1:35:e5:5e:ca: fe:fb:f5:7e:12:f6:06:12:33:a4:45:97:eb:97:a5:88:8e:94: f0:49:6b:8a:94:50:ad:7f:3f:ca:55:fe:d4:c6:f3:7b:d5:c0: 0a:2d:21:7a:16:9a:9b:36:5d:75:c9:76:56:8f:3b:f1:24:e9: b3:2f:6f:b6:1b:3f:7c:e2:2a:7a:36:d9:0d:9a:8c:aa:29:17: 37:9c:52:a1:f3:3c:0a:2d:33:1b:01:1e:99:56:80:74:0e:d0: 98:f0:77:48:ba:1e:5b:11:14:44:1b:93:9a:61:df:88:96:3f: e6:dc:4c:f1:4f:6a:a3:cd:1c:89:91:13:83:b6:c8:83:f0:2e: 6e:d2:88:54:d3:45:d0:8a:50:3a:52:d6:94:31:17:a9:0a:c1: 40:7e:66:9c:85:ed:6a:81:3f:94:8c:c3:98:ba:1b:a2:fc:4e: 00:79:f8:7f:d3:57:20:4d:a7:a1:4c:c3:89:9f:17:58:0f:11: a0:03:83:59:c0:ee:82:9b:86:c2:fd:b5:19:05:db:82:7c:17: 7c:56:4c:ca:f8:44:44:b2:fd:95:7e:2d:42:7e:94:f8:ba:8f: 81:00:d8:fd:32:08:b6:b5:3c:d1:f4:07:a2:00:f1:50:7c:4d: c0:87:be:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOktmR9/zTsd/wFgEjQlarMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2ODE1YzdkMGU4NjNjMjE3ODBmOGJmNGI5ZWNjM2E5YzY0 NTkyOTgwHhcNMjUxMjExMTgwMTAzWhcNMjUxMjEyMTgwMTAzWjAzMTEwLwYDVQQD Eyg2Y2EyYjA2N2EwODhlYjk0MDI2YzZmMTJmMDBmZWI0NjY2ZTMwOWJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpUcRcKq18/W3ACmcTeCajqiUgA1 oaVqwtqzjXWJHzuefkh3SRZwx7vs0kA3UrsIF1DWiAGPv87VeR7TTUQsDyjxfZfO 1zHUAE/vuroJ4U1uzI89zHG+zhqTEy6WgLC9pHtZc1PPg+HVTc5yUIGcwApxwY/W /EwYmx8txjqw8LoUq2wNiuVq5lrHRQ8K97eZckhrr0y3B+dCp1knSBH6qO8eHUxo 9ebpvUPrw05WX/zCUP70krxAZ4QioO+47lw2zPsxtEToNVlDfhrocI787GPboqVM 6waAEsw0muCm36cSUTUa9hD7sM/ZYNMSg/NgFLcioEV4xJIfB7vfVvtA1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGyisGegiOuUAmxvEvAP60Zm4wm7MB8GA1UdIwQY MBaAFHaBXH0OhjwheA+L9Lnsw6nGRZKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZG9GY2ZRNkdQQ0Y0RDR2MHVlekRxY1pGa3BnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yYWFhNDktMjgyMy00ZWUyLWI1ZDEt ZTU0NzM5NWQ2YjQ3LzEvZG9GY2ZRNkdQQ0Y0RDR2MHVlekRxY1pGa3BnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS8yYWFhNDktMjgyMy00ZWUyLWI1ZDEtZTU0NzM5NWQ2YjQ3 LzEvZG9GY2ZRNkdQQ0Y0RDR2MHVlekRxY1pGa3BnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+Tr3OLh EczI3fccOaE15V7K/vv1fhL2BhIzpEWX65eliI6U8ElripRQrX8/ylX+1Mbze9XA Ci0hehaamzZddcl2Vo878STpsy9vths/fOIqejbZDZqMqikXN5xSofM8Ci0zGwEe mVaAdA7QmPB3SLoeWxEURBuTmmHfiJY/5txM8U9qo80ciZETg7bIg/AubtKIVNNF 0IpQOlLWlDEXqQrBQH5mnIXtaoE/lIzDmLobovxOAHn4f9NXIE2noUzDiZ8XWA8R oAODWcDugpuGwv21GQXbgnwXfFZMyvhERLL9lX4tQn6U+LqPgQDY/TIItrU80fQH ogDxUHxNwIe+YQ== -----END CERTIFICATE-----Generated at Thu Dec 11 23:53:27 2025 by rpki-client