This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft File: l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json) Hash identifier: v+zPE2j2Gz9ebzFbtANRigHpiDk332OEylpnOiOel0w= Subject key identifier: 2E:D0:BB:F0:C6:97:D8:A7:FD:A4:F2:D5:7C:C9:B7:C8:56:84:DD:80 Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8 Certificate issuer: /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8 Certificate serial: 019B59E39AA95642FAB5EB808DC095CA6B5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft Manifest number: 1792 Signing time: Fri 26 Dec 2025 09:00:47 +0000 Manifest this update: Fri 26 Dec 2025 09:00:47 +0000 Manifest next update: Sat 27 Dec 2025 09:00:47 +0000 Files and hashes: 1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: R5BFt2M7XTZb1vED5vLwWJz1/G8CEkYSlgpv+wLpBzQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:9a:a9:56:42:fa:b5:eb:80:8d:c0:95:ca:6b:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8 Validity Not Before: Dec 26 09:00:47 2025 GMT Not After : Dec 27 09:00:47 2025 GMT Subject: CN=2ed0bbf0c697d8a7fda4f2d57cc9b7c85684dd80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:29:c6:e2:4c:ca:1b:0f:30:6f:0a:5c:14:c8: e1:20:c9:91:4f:fc:f0:73:9d:0f:c0:3e:17:21:a2: 2a:f6:0f:71:72:a0:4c:8e:a3:96:74:6c:d1:c9:33: 3f:b8:ed:5e:5f:50:e5:4d:ac:36:b9:44:a9:d0:cf: 15:58:a6:f7:87:67:9e:b7:62:93:88:e1:17:e9:74: ad:f8:b4:8b:bf:00:5b:cc:e4:47:1f:ea:4f:f9:f0: aa:0a:ba:00:96:a1:76:e0:03:d0:83:bd:93:6e:58: e1:44:e7:60:c7:c5:13:3c:6d:48:eb:26:25:f4:de: 2b:1e:c6:fe:f9:af:cc:d1:09:51:0b:09:fe:ec:83: 4a:fb:96:7b:ac:4c:91:43:02:2a:c5:5f:fe:82:56: 38:72:2d:59:a0:65:0f:77:10:44:bb:a5:fb:7a:3d: 62:68:a1:33:15:28:3a:8d:21:ef:70:7c:f6:5c:75: 30:73:5c:a2:13:15:46:b2:3e:d4:dc:a7:6e:32:10: c5:ed:c4:ca:2f:b4:d0:3e:fd:4d:20:b8:5f:5a:4a: 7b:7a:67:4d:e5:7b:53:5c:b9:1f:29:31:2d:00:e9: b6:0d:a1:b8:3b:38:db:85:8c:45:ca:68:68:fd:db: 6c:ba:85:c1:f2:27:96:2d:53:e9:dc:f8:14:c6:90: 20:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D0:BB:F0:C6:97:D8:A7:FD:A4:F2:D5:7C:C9:B7:C8:56:84:DD:80 X509v3 Authority Key Identifier: keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:ae:be:a6:53:16:86:91:ee:dd:30:52:ae:3a:76:14:29:d3: 6b:e8:da:8f:92:66:07:29:c9:f8:60:8b:33:22:09:7a:b2:3d: 44:a4:fe:1b:5e:ef:b8:b8:c3:96:67:99:15:ed:f5:9c:56:bc: bf:3a:e6:88:03:09:f2:4e:8e:64:03:9c:d8:c4:60:65:84:c8: 2d:c1:27:af:b1:24:de:70:ff:10:86:f5:67:ec:cb:90:c9:b1: 31:0c:ae:e2:6c:5f:aa:f5:d1:3c:33:a7:d4:34:99:4b:69:1f: ae:64:5e:12:f8:ac:bf:f5:6a:2a:63:a9:d5:96:71:54:6b:8a: 30:44:fb:05:7b:f0:c3:a2:97:31:a3:f9:10:4d:a6:2d:c7:00: 58:13:1d:55:e0:c2:79:f0:7c:c7:11:a6:1c:ad:53:eb:72:47: 22:b1:d1:6a:fc:18:55:53:fc:bf:8e:73:9a:82:20:62:19:29: 36:28:75:26:02:de:c6:f5:89:4f:2e:c6:93:f6:df:ce:13:32: 26:9e:d1:17:ba:29:e2:51:c2:70:07:60:23:4d:14:d7:32:3b: 4f:1d:fd:4e:fb:ef:b0:28:7f:42:9e:f4:c6:f2:97:37:07:b7: 79:a2:e4:f1:c4:32:92:07:0b:7e:72:78:02:a0:25:59:7c:05: cb:96:f0:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ45qpVkL6teuAjcCVymtaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5 OTQ5YjgwHhcNMjUxMjI2MDkwMDQ3WhcNMjUxMjI3MDkwMDQ3WjAzMTEwLwYDVQQD EygyZWQwYmJmMGM2OTdkOGE3ZmRhNGYyZDU3Y2M5YjdjODU2ODRkZDgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CnG4kzKGw8wbwpcFMjhIMmRT/zw c50PwD4XIaIq9g9xcqBMjqOWdGzRyTM/uO1eX1DlTaw2uUSp0M8VWKb3h2eet2KT iOEX6XSt+LSLvwBbzORHH+pP+fCqCroAlqF24APQg72TbljhROdgx8UTPG1I6yYl 9N4rHsb++a/M0QlRCwn+7INK+5Z7rEyRQwIqxV/+glY4ci1ZoGUPdxBEu6X7ej1i aKEzFSg6jSHvcHz2XHUwc1yiExVGsj7U3KduMhDF7cTKL7TQPv1NILhfWkp7emdN 5XtTXLkfKTEtAOm2DaG4OzjbhYxFymho/dtsuoXB8ieWLVPp3PgUxpAgtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC7Qu/DGl9in/aTy1XzJt8hWhN2AMB8GA1UdIwQY MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYa6+plMW hpHu3TBSrjp2FCnTa+jaj5JmBynJ+GCLMyIJerI9RKT+G17vuLjDlmeZFe31nFa8 vzrmiAMJ8k6OZAOc2MRgZYTILcEnr7Ek3nD/EIb1Z+zLkMmxMQyu4mxfqvXRPDOn 1DSZS2kfrmReEvisv/VqKmOp1ZZxVGuKMET7BXvww6KXMaP5EE2mLccAWBMdVeDC efB8xxGmHK1T63JHIrHRavwYVVP8v45zmoIgYhkpNih1JgLexvWJTy7Gk/bfzhMy Jp7RF7op4lHCcAdgI00U1zI7Tx39TvvvsCh/Qp70xvKXNwe3eaLk8cQykgcLfnJ4 AqAlWXwFy5bwlw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:00 2025 by rpki-client