This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft File: Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft (raw, json) Hash identifier: 8uN/KK81NKFD37eAv4Roh8/J3vhn2l3/ZV04h7HxPMY= Subject key identifier: 3E:7B:71:48:AC:C4:2C:38:E5:8F:E7:BA:34:87:ED:5E:22:87:24:D2 Authority key identifier: 0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84 Certificate issuer: /CN=0e29a482de0d56746c3045269f99205204f95484 Certificate serial: 019B38A26BA9FEAFBB91CFE2E99385F92275 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft Manifest number: 132C Signing time: Fri 19 Dec 2025 22:02:06 +0000 Manifest this update: Fri 19 Dec 2025 22:02:06 +0000 Manifest next update: Sat 20 Dec 2025 22:02:06 +0000 Files and hashes: 1: Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl (hash: uicyBxCJCndOpift/qoEMEFrPo858q3i4p6czQ9O7mE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 17:13:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:38:a2:6b:a9:fe:af:bb:91:cf:e2:e9:93:85:f9:22:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e29a482de0d56746c3045269f99205204f95484 Validity Not Before: Dec 19 22:02:06 2025 GMT Not After : Dec 20 22:02:06 2025 GMT Subject: CN=3e7b7148acc42c38e58fe7ba3487ed5e228724d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:1b:dc:40:40:d2:a3:dc:53:d6:c5:6f:68:96: 9c:fd:27:a7:9d:be:5e:74:c3:cf:5b:63:1a:b3:ec: 59:da:de:87:a0:6e:fc:f0:76:a4:8e:11:dc:19:18: 6d:60:10:d8:37:e6:8d:29:67:31:22:16:f5:21:23: a5:bb:38:f2:5c:5e:52:4b:7c:c3:a4:0f:29:8b:19: d9:41:df:3a:de:f7:29:b1:9f:c5:ba:b3:36:3a:40: 2c:5f:94:ad:52:ff:69:9b:15:2a:1d:72:cc:ea:1b: c5:21:d6:db:4d:d6:16:75:3f:2f:fc:3a:24:16:1b: ef:d2:9a:9a:e2:a3:3e:b5:66:6f:40:29:27:ff:2d: 6a:c2:d2:8b:9e:56:0e:b9:01:50:06:17:8f:53:36: 8e:ea:d3:bd:4a:8c:70:6f:3b:6f:5a:68:2e:b6:9a: 21:c0:dc:ef:68:56:a2:3a:a1:20:d6:47:e2:90:77: 76:6c:2f:9b:b7:83:c6:4c:e2:32:3f:5c:21:f9:23: ae:85:a6:c1:ca:c8:e9:ad:27:d3:d4:42:b0:b4:19: f7:8a:cc:97:d0:14:cb:3c:f3:af:cc:f4:7f:c4:c3: eb:ae:c0:36:ec:4f:8b:55:44:8c:ed:a8:51:27:9b: 81:25:79:bc:32:0c:a4:3d:8c:5c:2c:d1:35:a1:33: 87:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:7B:71:48:AC:C4:2C:38:E5:8F:E7:BA:34:87:ED:5E:22:87:24:D2 X509v3 Authority Key Identifier: keyid:0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:e5:2c:bb:ef:54:3a:97:58:0b:c2:48:b4:da:3c:de:c2:27: 6f:f1:bd:bb:bb:a9:0c:c2:bf:21:af:81:e7:e6:ab:f0:09:9e: 5f:48:ad:a9:17:6f:e6:61:cf:38:2e:63:44:88:9a:1b:6b:1f: c6:0c:ee:ba:78:1c:0c:32:ac:ce:1b:c0:9c:7b:c9:de:0f:e3: 2f:02:fa:be:08:08:00:81:ab:5a:42:22:76:88:9d:78:45:a0: 2a:39:2a:f6:9f:05:d0:d9:e6:58:ce:0f:d7:d0:3f:31:35:e8: b5:e0:06:fc:80:63:c6:e6:6b:42:50:a1:d2:13:ba:6a:6f:98: 9f:cc:8b:66:2b:cb:bc:9b:1b:c8:bb:47:c1:9c:95:d9:f8:6a: b3:f7:9f:6a:ad:13:84:08:c9:0d:cd:0a:df:84:5b:38:92:5a: 80:ae:f2:c2:e0:2e:0c:fb:a6:3e:3a:0c:2d:21:27:70:13:f1: b0:fb:2c:ac:a7:62:eb:05:b9:aa:67:7d:e0:f1:90:27:f0:5e: 9a:7e:fb:2c:81:a0:06:d5:a9:e5:0f:69:66:c6:5b:e6:68:64: 91:bc:56:37:81:a0:6b:e3:70:1f:d1:01:4c:2a:3a:f8:d7:85: f6:d8:74:30:9a:59:02:c4:5b:6e:77:68:d0:24:47:34:9c:af: 14:8f:64:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs4omup/q+7kc/i6ZOF+SJ1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlMjlhNDgyZGUwZDU2NzQ2YzMwNDUyNjlmOTkyMDUyMDRm OTU0ODQwHhcNMjUxMjE5MjIwMjA2WhcNMjUxMjIwMjIwMjA2WjAzMTEwLwYDVQQD EygzZTdiNzE0OGFjYzQyYzM4ZTU4ZmU3YmEzNDg3ZWQ1ZTIyODcyNGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hvcQEDSo9xT1sVvaJac/Sennb5e dMPPW2Mas+xZ2t6HoG788HakjhHcGRhtYBDYN+aNKWcxIhb1ISOluzjyXF5SS3zD pA8pixnZQd863vcpsZ/FurM2OkAsX5StUv9pmxUqHXLM6hvFIdbbTdYWdT8v/Dok Fhvv0pqa4qM+tWZvQCkn/y1qwtKLnlYOuQFQBhePUzaO6tO9SoxwbztvWmgutpoh wNzvaFaiOqEg1kfikHd2bC+bt4PGTOIyP1wh+SOuhabBysjprSfT1EKwtBn3isyX 0BTLPPOvzPR/xMPrrsA27E+LVUSM7ahRJ5uBJXm8MgykPYxcLNE1oTOH0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD57cUisxCw45Y/nujSH7V4ihyTSMB8GA1UdIwQY MBaAFA4ppILeDVZ0bDBFJp+ZIFIE+VSEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMt OGJiZDkzOTQwZWVmLzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMtOGJiZDkzOTQwZWVm LzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOUsu+9U OpdYC8JItNo83sInb/G9u7upDMK/Ia+B5+ar8AmeX0itqRdv5mHPOC5jRIiaG2sf xgzuungcDDKszhvAnHvJ3g/jLwL6vggIAIGrWkIidoideEWgKjkq9p8F0NnmWM4P 19A/MTXoteAG/IBjxuZrQlCh0hO6am+Yn8yLZivLvJsbyLtHwZyV2fhqs/efaq0T hAjJDc0K34RbOJJagK7ywuAuDPumPjoMLSEncBPxsPssrKdi6wW5qmd94PGQJ/Be mn77LIGgBtWp5Q9pZsZb5mhkkbxWN4Gga+NwH9EBTCo6+NeF9th0MJpZAsRbbndo 0CRHNJyvFI9kXw== -----END CERTIFICATE-----Generated at Sat Dec 20 03:17:58 2025 by rpki-client