This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft File: dtQhWmJUV7wFMhkciAP3xkt_kGU.mft (raw, json) Hash identifier: /qKsnt8uxtRllZCGUzZvaRJzOyYJvk1osLOvSTyNZXI= Subject key identifier: 9A:EF:0B:EB:39:70:2A:39:81:63:8C:63:3C:89:2A:B2:CF:E6:1C:CF Authority key identifier: 76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65 Certificate issuer: /CN=76d4215a625457bc0532191c8803f7c64b7f9065 Certificate serial: 019B058F8EC881FA5B9D5C517D0B5630ECC9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft Manifest number: 0542 Signing time: Wed 10 Dec 2025 00:00:52 +0000 Manifest this update: Wed 10 Dec 2025 00:00:52 +0000 Manifest next update: Thu 11 Dec 2025 00:00:52 +0000 Files and hashes: 1: dtQhWmJUV7wFMhkciAP3xkt_kGU.crl (hash: w1RzQ9dH7NsDnVs517Ky8reH/5HgSD9JUqATqAMzhMo=) Validation: Failed, unable to get local issuer certificate Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:05:8f:8e:c8:81:fa:5b:9d:5c:51:7d:0b:56:30:ec:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76d4215a625457bc0532191c8803f7c64b7f9065 Validity Not Before: Dec 10 00:00:52 2025 GMT Not After : Dec 11 00:00:52 2025 GMT Subject: CN=9aef0beb39702a3981638c633c892ab2cfe61ccf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:a2:ba:56:9e:15:c4:ab:cf:52:45:92:31:37: ce:57:0b:c3:7d:02:3e:8d:a7:96:52:fd:05:44:c1: 1d:20:4b:86:e3:a0:0d:1a:eb:40:1e:4c:19:c4:ba: dc:fb:4a:30:01:37:b8:82:62:8b:c8:17:e2:9c:66: 83:0a:84:6b:e0:f5:32:cd:1b:42:c2:61:3a:41:73: 32:47:04:fe:a3:07:ff:a6:a6:71:dd:1c:34:c8:29: 59:74:6f:18:e0:39:59:a1:3b:46:84:45:8d:5f:c4: 07:8f:9b:ba:9e:8b:32:c5:30:57:52:a5:72:5c:b4: c7:d3:bd:4c:88:84:18:26:60:2a:c4:0d:0d:bc:7a: 4e:0f:57:ea:5c:da:0c:81:18:da:23:3d:dd:9a:b8: 12:79:74:e1:f0:cb:1e:05:d0:ef:33:fc:f6:d7:83: 4c:1d:7e:ef:c8:c1:07:bb:cd:7a:36:1a:99:b3:0a: d0:e3:32:dd:2c:4c:27:2c:1d:29:e4:03:7f:7e:70: 63:3a:2c:82:1e:ce:d0:0f:3b:41:8a:3b:b8:69:e1: da:5c:c8:c9:82:dc:69:5c:7a:57:cb:81:d9:d7:8c: 15:3f:10:b0:cc:30:bb:b9:e3:0b:92:b6:f3:ae:4b: 4e:a0:11:a3:77:b0:10:68:9c:19:41:32:50:e6:d7: b4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:EF:0B:EB:39:70:2A:39:81:63:8C:63:3C:89:2A:B2:CF:E6:1C:CF X509v3 Authority Key Identifier: keyid:76:D4:21:5A:62:54:57:BC:05:32:19:1C:88:03:F7:C6:4B:7F:90:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtQhWmJUV7wFMhkciAP3xkt_kGU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b501de-3b1d-4d80-b6e9-f88d7ec3a526/1/dtQhWmJUV7wFMhkciAP3xkt_kGU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:03:e2:71:17:7d:ec:9c:7c:55:58:d7:e9:82:9f:67:c0:38: 5d:5a:b8:f3:50:7b:ef:36:5b:54:5c:73:f0:48:d4:b6:ff:16: e9:da:44:9c:21:06:3e:96:20:f1:76:7c:92:49:59:76:25:36: 21:16:ed:c3:2f:fe:11:ea:82:ec:55:ea:e3:47:f9:9d:02:e3: b7:88:f2:66:d7:ec:31:10:ec:e5:f0:e9:31:29:ae:0b:5e:17: d9:33:23:5d:d4:a2:53:be:42:d4:c8:e5:dd:18:3a:5d:66:16: 42:17:7d:60:5a:66:c2:2c:2b:2e:25:91:9b:0e:7c:9c:5f:26: 1c:fe:2f:a0:2a:76:8d:e3:19:24:cb:54:66:94:cf:40:37:44: 05:6b:0b:74:f3:fe:24:61:8f:92:77:65:ae:bd:ce:9e:4e:39: 64:ae:76:85:bc:dc:4e:d3:12:1e:36:3e:80:99:90:2e:3b:e9: 02:6f:85:8f:ce:04:78:d8:72:33:ac:e2:03:be:d3:47:56:32: 2f:5e:64:a7:00:e2:64:3b:2a:10:ec:dd:00:55:69:3d:1f:89: 37:49:b6:77:a4:55:59:dc:10:5d:59:3c:ef:79:f9:82:00:b5: 1e:6d:68:f0:a3:cd:0e:ac:3d:bf:9a:8b:44:9f:c7:94:6a:18: a9:7f:5f:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsFj47IgfpbnVxRfQtWMOzJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2ZDQyMTVhNjI1NDU3YmMwNTMyMTkxYzg4MDNmN2M2NGI3 ZjkwNjUwHhcNMjUxMjEwMDAwMDUyWhcNMjUxMjExMDAwMDUyWjAzMTEwLwYDVQQD Eyg5YWVmMGJlYjM5NzAyYTM5ODE2MzhjNjMzYzg5MmFiMmNmZTYxY2NmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+6K6Vp4VxKvPUkWSMTfOVwvDfQI+ jaeWUv0FRMEdIEuG46ANGutAHkwZxLrc+0owATe4gmKLyBfinGaDCoRr4PUyzRtC wmE6QXMyRwT+owf/pqZx3Rw0yClZdG8Y4DlZoTtGhEWNX8QHj5u6nosyxTBXUqVy XLTH071MiIQYJmAqxA0NvHpOD1fqXNoMgRjaIz3dmrgSeXTh8MseBdDvM/z214NM HX7vyMEHu816NhqZswrQ4zLdLEwnLB0p5AN/fnBjOiyCHs7QDztBiju4aeHaXMjJ gtxpXHpXy4HZ14wVPxCwzDC7ueMLkrbzrktOoBGjd7AQaJwZQTJQ5te0bwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJrvC+s5cCo5gWOMYzyJKrLP5hzPMB8GA1UdIwQY MBaAFHbUIVpiVFe8BTIZHIgD98ZLf5BlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTkt Zjg4ZDdlYzNhNTI2LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9iNTAxZGUtM2IxZC00ZDgwLWI2ZTktZjg4ZDdlYzNhNTI2 LzEvZHRRaFdtSlVWN3dGTWhrY2lBUDN4a3Rfa0dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADAPicRd9 7Jx8VVjX6YKfZ8A4XVq481B77zZbVFxz8EjUtv8W6dpEnCEGPpYg8XZ8kklZdiU2 IRbtwy/+EeqC7FXq40f5nQLjt4jyZtfsMRDs5fDpMSmuC14X2TMjXdSiU75C1Mjl 3Rg6XWYWQhd9YFpmwiwrLiWRmw58nF8mHP4voCp2jeMZJMtUZpTPQDdEBWsLdPP+ JGGPkndlrr3Onk45ZK52hbzcTtMSHjY+gJmQLjvpAm+Fj84EeNhyM6ziA77TR1Yy L15kpwDiZDsqEOzdAFVpPR+JN0m2d6RVWdwQXVk873n5ggC1Hm1o8KPNDqw9v5qL RJ/HlGoYqX9f1A== -----END CERTIFICATE-----Generated at Tue Dec 16 04:40:42 2025 by rpki-client