This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft File: dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft (raw, json) Hash identifier: Uz0hrTbRcGp6ETCXDqp3vA5J+UvZv4Ebj+gD5daCX90= Subject key identifier: 1F:3D:63:66:C1:68:07:9B:14:6B:65:F4:E6:E9:55:EC:EC:5E:8E:44 Authority key identifier: 74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9 Certificate issuer: /CN=749d8a4328930b938fa86018b1e447ee4d8da8f9 Certificate serial: 019B5C08CF9EDF4FA2C1E86478E385EA72BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft Manifest number: 0110 Signing time: Fri 26 Dec 2025 19:00:39 +0000 Manifest this update: Fri 26 Dec 2025 19:00:39 +0000 Manifest next update: Sat 27 Dec 2025 19:00:39 +0000 Files and hashes: 1: 9aSGIa-WEC1bN7Ni4E8-efLmGGQ.roa (hash: 9siiR4LDQpp3LbxItU8xD6C1s0IOvLTqKZo+clC6imU=) 2: dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl (hash: nrzuaQNlbNb0voUlvE4SWoaZ8cwJvK8k1hdgovcSiQc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:08:cf:9e:df:4f:a2:c1:e8:64:78:e3:85:ea:72:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749d8a4328930b938fa86018b1e447ee4d8da8f9 Validity Not Before: Dec 26 19:00:39 2025 GMT Not After : Dec 27 19:00:39 2025 GMT Subject: CN=1f3d6366c168079b146b65f4e6e955ecec5e8e44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:1f:e9:9d:c3:d9:ec:e6:dc:06:c6:95:8c:26: d6:0b:f3:d0:85:b6:e7:46:f8:26:a1:fb:bb:a4:0c: eb:92:8e:32:bb:fb:31:4c:ae:ff:d9:ad:99:05:5f: f5:97:d9:c4:4d:84:20:78:e6:68:50:91:ca:12:4e: 85:6f:0f:d0:e3:a8:f0:b5:30:0e:a3:96:a6:05:76: 4d:e3:db:9c:56:5b:75:28:5f:27:1a:40:22:e1:05: 93:c5:5b:19:5b:7c:6c:10:bc:cc:6a:68:55:4c:1a: 6b:21:8e:b1:69:35:71:08:d0:d3:7f:5c:ea:1d:71: 77:91:61:e7:10:5b:79:bc:a8:de:73:94:c4:53:fe: f0:7b:42:cf:02:8a:3f:75:8e:b8:20:13:39:53:08: 37:32:1f:3e:2c:e2:50:77:06:95:b4:ec:da:b8:1e: ed:1b:d9:68:a0:ca:6f:88:ee:fd:42:64:ea:b6:3a: ca:85:2d:95:92:90:34:0c:50:88:3e:fe:8c:cc:56: 72:46:f9:2c:05:59:79:c5:2e:02:b7:33:b1:2a:71: a0:ef:51:aa:5a:5b:1b:87:6c:52:1e:64:0e:f2:22: 04:f2:e0:de:af:3c:38:a7:23:33:88:7b:7d:a0:fb: 67:27:10:1f:44:36:d8:cd:a4:4e:ca:7f:c1:27:13: 49:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:3D:63:66:C1:68:07:9B:14:6B:65:F4:E6:E9:55:EC:EC:5E:8E:44 X509v3 Authority Key Identifier: keyid:74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:cf:a9:a1:75:a7:3b:95:8f:86:2c:c3:9f:cf:c4:7a:62:0d: 8f:05:db:cf:8f:57:ea:f9:c2:9e:67:19:74:a9:20:2f:6e:e3: f2:e8:9f:30:b8:f1:a8:6e:fd:2e:45:08:4b:36:f1:a0:a6:03: 0e:ee:df:a1:68:9a:a6:d4:d5:d7:51:9f:f0:d8:32:64:be:a8: 57:8b:18:bc:34:08:34:5a:ea:d8:bf:9c:36:2c:7f:ff:f0:5b: 52:79:ef:27:11:5e:79:fb:e1:ca:a4:23:d4:f2:e8:40:51:c2: bf:e8:b0:27:4a:96:2c:df:34:4d:05:a2:55:13:58:10:bd:4a: ce:9b:ae:5d:2d:91:1e:11:c1:8e:ce:f5:ee:77:ff:08:16:b7: 33:cb:7c:20:47:b9:67:ed:86:fe:e4:d5:0a:e9:a1:b1:16:39: c1:2b:35:00:6f:b7:cc:c6:8b:ee:9d:2a:bd:96:de:c7:6d:86: 50:4b:39:8f:e2:97:17:d4:f4:b0:2c:6c:24:cf:34:fe:f6:10: 1f:e2:51:09:f6:51:1d:c8:45:13:fd:ed:14:07:b3:49:30:93: 7e:8d:24:85:6b:1e:22:f2:a8:f6:55:3d:50:b2:75:ae:50:e3: d0:4b:03:44:d9:14:7a:4f:fa:4d:5b:76:cf:8d:df:63:b2:d1: 3f:59:c5:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtcCM+e30+iwehkeOOF6nK8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OWQ4YTQzMjg5MzBiOTM4ZmE4NjAxOGIxZTQ0N2VlNGQ4 ZGE4ZjkwHhcNMjUxMjI2MTkwMDM5WhcNMjUxMjI3MTkwMDM5WjAzMTEwLwYDVQQD EygxZjNkNjM2NmMxNjgwNzliMTQ2YjY1ZjRlNmU5NTVlY2VjNWU4ZTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7h/pncPZ7ObcBsaVjCbWC/PQhbbn Rvgmofu7pAzrko4yu/sxTK7/2a2ZBV/1l9nETYQgeOZoUJHKEk6Fbw/Q46jwtTAO o5amBXZN49ucVlt1KF8nGkAi4QWTxVsZW3xsELzMamhVTBprIY6xaTVxCNDTf1zq HXF3kWHnEFt5vKjec5TEU/7we0LPAoo/dY64IBM5Uwg3Mh8+LOJQdwaVtOzauB7t G9looMpviO79QmTqtjrKhS2VkpA0DFCIPv6MzFZyRvksBVl5xS4CtzOxKnGg71Gq Wlsbh2xSHmQO8iIE8uDerzw4pyMziHt9oPtnJxAfRDbYzaROyn/BJxNJ7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB89Y2bBaAebFGtl9ObpVezsXo5EMB8GA1UdIwQY MBaAFHSdikMokwuTj6hgGLHkR+5Njaj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUt MDg4OWUzZWNkMWY2LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUtMDg4OWUzZWNkMWY2 LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAds+poXWn O5WPhizDn8/EemINjwXbz49X6vnCnmcZdKkgL27j8uifMLjxqG79LkUISzbxoKYD Du7foWiaptTV11Gf8NgyZL6oV4sYvDQINFrq2L+cNix///BbUnnvJxFeefvhyqQj 1PLoQFHCv+iwJ0qWLN80TQWiVRNYEL1KzpuuXS2RHhHBjs717nf/CBa3M8t8IEe5 Z+2G/uTVCumhsRY5wSs1AG+3zMaL7p0qvZbex22GUEs5j+KXF9T0sCxsJM80/vYQ H+JRCfZRHchFE/3tFAezSTCTfo0khWseIvKo9lU9ULJ1rlDj0EsDRNkUek/6TVt2 z43fY7LRP1nFbQ== -----END CERTIFICATE-----Generated at Fri Dec 26 22:49:00 2025 by rpki-client