This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft File: D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json) Hash identifier: vA+PnrxRaRL/epQkFF8wFL/LgUe5VB0/+ICk42P1VfQ= Subject key identifier: 73:30:97:B5:2A:D4:F3:15:D1:43:24:7C:15:D4:84:CD:A9:AB:7F:81 Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37 Certificate issuer: /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637 Certificate serial: 019B2B8B1F06B0B7CAFEECCDD56FCD383C96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft Manifest number: 02EE Signing time: Wed 17 Dec 2025 09:01:36 +0000 Manifest this update: Wed 17 Dec 2025 09:01:36 +0000 Manifest next update: Thu 18 Dec 2025 09:01:36 +0000 Files and hashes: 1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: 848kNQyNesXOwuOb/zJjLQVddDXvuUkr+FFpcK6VtTc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8b:1f:06:b0:b7:ca:fe:ec:cd:d5:6f:cd:38:3c:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637 Validity Not Before: Dec 17 09:01:36 2025 GMT Not After : Dec 18 09:01:36 2025 GMT Subject: CN=733097b52ad4f315d143247c15d484cda9ab7f81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b4:00:8d:6d:8f:cc:c7:05:0f:c6:ab:77:02: 4d:e3:f6:43:f7:29:18:a1:e4:2e:b3:9e:82:4a:62: 9d:84:17:9f:99:5b:c8:32:09:1b:30:eb:66:e7:b0: 9d:f5:b8:2a:a2:28:90:9f:2d:3b:c2:41:30:fa:20: 51:a9:35:1e:b5:76:43:43:03:30:81:3f:d5:40:8f: 15:50:66:5b:d4:b4:6a:3b:60:16:e8:64:d9:31:21: c9:59:55:f6:2f:c9:75:08:1f:7e:64:72:cd:f2:f1: eb:98:e2:f9:73:02:e5:b6:ea:a8:79:82:aa:a5:a1: 2a:f0:6c:5a:6c:2a:24:62:54:12:bf:c2:aa:85:18: 2c:0d:23:08:01:25:2d:99:52:ab:5c:fe:9c:d3:51: c0:ad:d6:72:53:ee:34:36:22:7b:db:ef:8a:a5:f6: df:2a:91:65:94:bf:3e:9d:da:0c:58:a1:73:2f:82: cf:60:a9:de:2a:5d:08:04:57:d9:19:49:22:30:7d: 65:1b:bd:e8:7f:2f:5d:f3:22:43:ec:0e:7e:63:e2: ed:e5:dc:2a:88:70:fc:eb:79:32:15:23:a4:ce:08: dd:92:c7:66:89:f6:a1:a2:a7:91:db:00:b9:1f:cc: ff:dc:79:ad:d2:5d:ec:59:49:f3:02:71:41:5a:3e: 5e:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:30:97:B5:2A:D4:F3:15:D1:43:24:7C:15:D4:84:CD:A9:AB:7F:81 X509v3 Authority Key Identifier: keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bd:e1:a8:9a:c1:88:c1:a9:0a:fe:b9:e3:c2:6d:ae:34:9c:fd: 18:60:99:7c:f8:b2:30:98:06:ee:dc:49:68:a7:76:87:7e:83: 67:a8:5b:0d:88:96:a2:77:a1:59:41:f5:e8:58:40:42:32:72: 50:4b:05:31:b3:39:27:f9:ba:f7:29:54:1e:27:35:04:ba:bb: b0:6d:40:75:7b:d7:92:d0:98:2b:58:06:a1:7b:4c:c0:a0:a2: 20:12:46:86:c8:a0:48:34:b2:e6:54:e4:e0:14:f8:ec:4c:b5: 94:78:6a:a3:b8:71:f2:54:d1:65:56:8b:55:ee:d4:f2:1f:2b: 89:ee:32:f8:ad:bf:54:32:80:74:30:4e:68:72:59:fe:c6:11: d3:53:70:43:e6:94:7a:55:3e:80:2f:07:62:3f:9a:97:4f:26: ec:f4:3e:9b:78:53:bc:c7:35:cb:a8:40:13:84:18:f8:75:8a: bc:b3:ed:5e:97:69:78:ea:f9:43:96:31:82:40:55:fe:58:b1: 87:56:74:46:03:bc:60:e2:92:67:e9:3a:3c:cb:3a:65:ae:fc: 17:7a:1d:3e:e1:d8:81:1b:4c:59:4d:03:be:c8:1f:85:11:01: e0:26:00:3d:13:b2:18:26:46:a9:f2:91:c3:11:a0:74:18:0a: 35:20:fc:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrix8GsLfK/uzN1W/NODyWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy YjM2MzcwHhcNMjUxMjE3MDkwMTM2WhcNMjUxMjE4MDkwMTM2WjAzMTEwLwYDVQQD Eyg3MzMwOTdiNTJhZDRmMzE1ZDE0MzI0N2MxNWQ0ODRjZGE5YWI3ZjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7QAjW2PzMcFD8ardwJN4/ZD9ykY oeQus56CSmKdhBefmVvIMgkbMOtm57Cd9bgqoiiQny07wkEw+iBRqTUetXZDQwMw gT/VQI8VUGZb1LRqO2AW6GTZMSHJWVX2L8l1CB9+ZHLN8vHrmOL5cwLltuqoeYKq paEq8GxabCokYlQSv8KqhRgsDSMIASUtmVKrXP6c01HArdZyU+40NiJ72++Kpfbf KpFllL8+ndoMWKFzL4LPYKneKl0IBFfZGUkiMH1lG73ofy9d8yJD7A5+Y+Lt5dwq iHD863kyFSOkzgjdksdmifahoqeR2wC5H8z/3Hmt0l3sWUnzAnFBWj5e6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHMwl7Uq1PMV0UMkfBXUhM2pq3+BMB8GA1UdIwQY MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAveGomsGI wakK/rnjwm2uNJz9GGCZfPiyMJgG7txJaKd2h36DZ6hbDYiWonehWUH16FhAQjJy UEsFMbM5J/m69ylUHic1BLq7sG1AdXvXktCYK1gGoXtMwKCiIBJGhsigSDSy5lTk 4BT47Ey1lHhqo7hx8lTRZVaLVe7U8h8rie4y+K2/VDKAdDBOaHJZ/sYR01NwQ+aU elU+gC8HYj+al08m7PQ+m3hTvMc1y6hAE4QY+HWKvLPtXpdpeOr5Q5YxgkBV/lix h1Z0RgO8YOKSZ+k6PMs6Za78F3odPuHYgRtMWU0DvsgfhREB4CYAPROyGCZGqfKR wxGgdBgKNSD8OQ== -----END CERTIFICATE-----Generated at Wed Dec 17 19:04:27 2025 by rpki-client