This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft File: dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft (raw, json) Hash identifier: rdfVzImwyme4p6E3zl6K04HlLYSR7g5sqQJBZMJe52U= Subject key identifier: 5A:61:5E:58:04:7A:40:39:CD:D6:E2:8B:53:B8:10:99:CB:52:29:ED Authority key identifier: 74:B9:75:89:8D:10:F1:A5:05:21:33:E1:E2:50:36:C6:11:4D:88:76 Certificate issuer: /CN=74b975898d10f1a5052133e1e25036c6114d8876 Certificate serial: 019B481554F512D9201BE3708BAC1171151F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLl1iY0Q8aUFITPh4lA2xhFNiHY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft Manifest number: 1428 Signing time: Mon 22 Dec 2025 22:01:56 +0000 Manifest this update: Mon 22 Dec 2025 22:01:56 +0000 Manifest next update: Tue 23 Dec 2025 22:01:56 +0000 Files and hashes: 1: dLl1iY0Q8aUFITPh4lA2xhFNiHY.crl (hash: FICvCXGGAu6SBAz+doppNET+A6QvHlo83YC2SDe9eAw=) 2: z_2rtoFCvPkDkADqibZPjoJmwkw.roa (hash: q/SzHtsnHuDBpVkpEWhHESnMoXOnwPbEJuDNiDhbwHs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.crl rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft rsync://rpki.ripe.net/repository/DEFAULT/dLl1iY0Q8aUFITPh4lA2xhFNiHY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:54:f5:12:d9:20:1b:e3:70:8b:ac:11:71:15:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74b975898d10f1a5052133e1e25036c6114d8876 Validity Not Before: Dec 22 22:01:56 2025 GMT Not After : Dec 23 22:01:56 2025 GMT Subject: CN=5a615e58047a4039cdd6e28b53b81099cb5229ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:19:1b:16:6f:0b:4b:cc:fc:c7:d6:4c:c7:1a: 61:d9:5a:0d:8a:06:36:51:68:4a:0d:01:9d:8a:cf: 86:16:e7:c9:0c:97:bc:3f:7c:5c:55:3c:6b:3e:f3: 8d:14:07:6e:52:dc:6b:8c:4b:dd:98:ae:97:05:52: 88:b1:de:8b:b5:7d:0d:20:18:ee:2f:ab:8e:ae:71: 5d:26:0d:c7:a0:3a:94:af:5f:33:0c:3b:bd:0a:74: 4d:3b:47:c3:1b:23:4a:31:d8:3f:bf:5a:67:02:60: a7:f0:ce:7c:75:a2:66:4b:13:9a:ff:d7:97:b6:cb: 6d:82:d1:21:79:4c:fd:87:28:e3:a3:8a:01:a2:f3: 45:57:ff:a3:07:5b:eb:86:12:e1:0d:6a:a9:7f:13: 51:5b:a5:9b:59:09:b7:08:f6:ea:6c:1e:84:00:aa: c6:03:93:95:c8:49:e6:79:53:81:ce:cd:cd:0d:c4: 25:50:b3:2b:58:ab:16:71:bb:eb:f6:cc:a3:d0:5d: ac:d5:4b:e7:8f:96:09:d1:52:f4:f0:6c:e6:22:c3: ca:df:f7:fa:1a:f0:64:05:86:85:eb:15:ae:4a:c5: 57:7b:d2:a4:73:68:f0:aa:c9:0f:37:71:e4:a9:9c: 01:a1:0e:a0:ad:19:52:72:55:53:c2:8e:56:92:de: 7f:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:61:5E:58:04:7A:40:39:CD:D6:E2:8B:53:B8:10:99:CB:52:29:ED X509v3 Authority Key Identifier: keyid:74:B9:75:89:8D:10:F1:A5:05:21:33:E1:E2:50:36:C6:11:4D:88:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLl1iY0Q8aUFITPh4lA2xhFNiHY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9dcd0e-f319-4403-b164-b7c872dd9675/1/dLl1iY0Q8aUFITPh4lA2xhFNiHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:3d:36:12:66:2a:7f:d2:98:a1:dc:84:c5:bb:2b:61:5e:c0: e7:33:ac:12:e5:e9:6a:47:50:7a:af:a6:11:41:04:bb:34:fe: d4:1a:88:8d:ec:0a:08:c2:f6:54:4c:7b:8e:1c:ef:28:51:ff: e5:c6:81:16:42:19:ce:b1:d5:6f:0d:f8:5d:61:9d:b2:35:5f: 92:87:ff:40:5c:40:c6:03:79:37:b5:f6:fc:f0:f6:a1:79:76: ad:8f:66:8d:1e:89:b6:78:98:23:ab:07:ec:f1:81:a0:72:d1: 87:d8:4e:d9:4e:31:0f:68:ad:91:a9:3d:f0:09:04:31:7f:02: f0:8a:f4:d8:56:3b:f3:52:10:27:a3:56:03:e5:1e:c0:cd:e4: 2a:42:db:68:99:4e:70:54:bd:4f:58:cc:cf:8d:cd:b2:c5:a6: 0b:f6:85:85:32:b2:cb:68:a8:43:b0:a4:ac:5b:c6:05:62:51: 43:e3:da:d5:90:d7:9e:ba:fb:b2:3d:dc:6e:78:0c:d6:42:03: 0a:a0:fd:55:d4:f5:7d:74:a1:83:b3:b2:59:59:d2:c3:93:17: d3:10:a1:4a:b3:b2:f5:0f:90:35:a5:f2:4f:74:e0:46:d1:c8: 75:bc:cf:cf:71:15:22:75:df:72:d3:12:2b:b9:93:6d:fb:d2: bf:ee:eb:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFVT1EtkgG+Nwi6wRcRUfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0Yjk3NTg5OGQxMGYxYTUwNTIxMzNlMWUyNTAzNmM2MTE0 ZDg4NzYwHhcNMjUxMjIyMjIwMTU2WhcNMjUxMjIzMjIwMTU2WjAzMTEwLwYDVQQD Eyg1YTYxNWU1ODA0N2E0MDM5Y2RkNmUyOGI1M2I4MTA5OWNiNTIyOWVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xkbFm8LS8z8x9ZMxxph2VoNigY2 UWhKDQGdis+GFufJDJe8P3xcVTxrPvONFAduUtxrjEvdmK6XBVKIsd6LtX0NIBju L6uOrnFdJg3HoDqUr18zDDu9CnRNO0fDGyNKMdg/v1pnAmCn8M58daJmSxOa/9eX tsttgtEheUz9hyjjo4oBovNFV/+jB1vrhhLhDWqpfxNRW6WbWQm3CPbqbB6EAKrG A5OVyEnmeVOBzs3NDcQlULMrWKsWcbvr9syj0F2s1Uvnj5YJ0VL08GzmIsPK3/f6 GvBkBYaF6xWuSsVXe9Kkc2jwqskPN3HkqZwBoQ6grRlSclVTwo5Wkt5/hQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFphXlgEekA5zdbii1O4EJnLUintMB8GA1UdIwQY MBaAFHS5dYmNEPGlBSEz4eJQNsYRTYh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZExsMWlZMFE4YVVGSVRQaDRsQTJ4aEZOaUhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZGNkMGUtZjMxOS00NDAzLWIxNjQt YjdjODcyZGQ5Njc1LzEvZExsMWlZMFE4YVVGSVRQaDRsQTJ4aEZOaUhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC85ZGNkMGUtZjMxOS00NDAzLWIxNjQtYjdjODcyZGQ5Njc1 LzEvZExsMWlZMFE4YVVGSVRQaDRsQTJ4aEZOaUhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaD02EmYq f9KYodyExbsrYV7A5zOsEuXpakdQeq+mEUEEuzT+1BqIjewKCML2VEx7jhzvKFH/ 5caBFkIZzrHVbw34XWGdsjVfkof/QFxAxgN5N7X2/PD2oXl2rY9mjR6JtniYI6sH 7PGBoHLRh9hO2U4xD2itkak98AkEMX8C8Ir02FY781IQJ6NWA+UewM3kKkLbaJlO cFS9T1jMz43NssWmC/aFhTKyy2ioQ7CkrFvGBWJRQ+Pa1ZDXnrr7sj3cbngM1kID CqD9VdT1fXShg7OyWVnSw5MX0xChSrOy9Q+QNaXyT3TgRtHIdbzPz3EVInXfctMS K7mTbfvSv+7rPA== -----END CERTIFICATE-----Generated at Tue Dec 23 04:14:51 2025 by rpki-client