This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft File: dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft (raw, json) Hash identifier: gu6bluoJjCm4tgwDC1Yz5dZVr/THiI0DwIL3zd34F2c= Subject key identifier: 0C:C3:BC:DC:42:C4:69:AD:95:8A:B1:77:08:89:9F:2C:14:3B:F7:FB Authority key identifier: 76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66 Certificate issuer: /CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366 Certificate serial: 019B4814C8B15B57FD18A9ACA15BA38EBAD6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft Manifest number: 05B9 Signing time: Mon 22 Dec 2025 22:01:20 +0000 Manifest this update: Mon 22 Dec 2025 22:01:20 +0000 Manifest next update: Tue 23 Dec 2025 22:01:20 +0000 Files and hashes: 1: dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl (hash: WTekq76HV8TG9o3kqLTUKhgA6LzRRuWG+URC9L5KD7E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:14:c8:b1:5b:57:fd:18:a9:ac:a1:5b:a3:8e:ba:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7607f69dee43ac01d7dfeaca9b76a240ea6ef366 Validity Not Before: Dec 22 22:01:20 2025 GMT Not After : Dec 23 22:01:20 2025 GMT Subject: CN=0cc3bcdc42c469ad958ab17708899f2c143bf7fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1a:c1:0e:da:f0:94:2c:8f:4f:14:61:bc:28: 00:7e:c5:94:54:c4:ca:a5:18:5b:c3:02:4f:64:9c: d0:37:49:bb:2a:0e:16:7f:67:43:2d:6c:77:41:3c: 83:93:16:c0:ed:4f:fe:3e:ff:09:4b:39:0f:7d:9a: 5b:e1:f3:64:5e:bb:c9:6c:85:aa:61:55:73:28:26: d1:88:c9:c3:4e:89:08:c5:8e:a2:42:19:e8:ab:27: c8:19:32:cd:94:70:cf:70:88:7a:a3:db:40:49:45: dd:03:6d:c8:83:7f:44:7f:62:2b:13:a5:2b:76:ed: 38:10:a2:c1:48:2d:0e:b3:db:5d:c5:3a:ca:f0:91: be:e4:01:9c:f3:15:37:78:18:cc:a9:e6:a6:cf:f0: 0b:7f:3a:0e:23:e8:f0:df:78:67:c8:ae:91:22:b4: 89:a2:10:91:a4:b5:a0:a9:49:08:69:d0:d3:05:3d: cc:3d:c2:fa:53:87:65:2f:eb:9a:8d:93:d5:c6:e0: 3b:63:ca:bc:1a:85:4d:e5:91:20:6e:cb:1a:2d:29: a9:7e:10:45:a7:b9:61:de:0d:39:05:fb:3d:08:bf: aa:6e:9d:83:83:3e:a8:07:15:2b:e0:95:f5:65:fc: da:c2:d0:25:fc:48:0d:2b:a3:02:57:f8:48:d0:a7: 95:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:C3:BC:DC:42:C4:69:AD:95:8A:B1:77:08:89:9F:2C:14:3B:F7:FB X509v3 Authority Key Identifier: keyid:76:07:F6:9D:EE:43:AC:01:D7:DF:EA:CA:9B:76:A2:40:EA:6E:F3:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dgf2ne5DrAHX3-rKm3aiQOpu82Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/2cdb3d-ab43-4526-8357-c0243a3bdafb/1/dgf2ne5DrAHX3-rKm3aiQOpu82Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:b0:01:b7:2b:46:86:37:20:11:f3:a0:21:2c:1e:bd:46:cb: c4:64:7a:9f:be:97:06:6d:a2:14:dd:58:f8:b0:3c:e1:f4:db: 1f:cb:20:e6:4a:66:e2:2b:59:87:9a:65:27:45:02:69:85:26: f1:e7:37:b6:15:21:ef:bc:2c:58:11:c5:2f:3a:f3:f1:ae:8e: 72:e9:40:76:d8:6c:8a:c0:b2:ed:31:25:31:05:ee:c5:50:c5: 4e:3a:85:ee:f8:c0:14:ba:fb:16:91:39:48:e3:49:92:29:bb: 06:2a:48:02:8b:98:b2:7b:cc:ff:a9:6e:4d:a4:22:5d:ae:17: 1b:e2:8e:e6:80:0a:30:2b:0f:cf:b6:6b:3b:f8:53:8e:0c:85: af:3a:f2:15:e0:ec:d0:26:91:11:f9:34:3d:57:d0:37:f8:bb: b0:86:7f:91:e5:17:02:d3:b1:16:12:9f:2a:5c:6b:f5:5c:b7: 96:e3:a2:ff:a1:55:2a:f7:1d:86:e9:5b:83:9c:e8:f1:e9:c6: 6f:03:09:69:a3:e6:cf:de:c2:5d:6f:71:15:07:79:df:72:c9: ed:0a:7b:ad:ff:f4:c8:f0:db:f9:4f:d9:a2:96:9b:cd:56:0d: 7a:27:7b:30:a0:95:28:bd:81:b6:5f:d0:0c:f6:70:9f:ab:5b: ab:d4:3b:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFMixW1f9GKmsoVujjrrWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2MDdmNjlkZWU0M2FjMDFkN2RmZWFjYTliNzZhMjQwZWE2 ZWYzNjYwHhcNMjUxMjIyMjIwMTIwWhcNMjUxMjIzMjIwMTIwWjAzMTEwLwYDVQQD EygwY2MzYmNkYzQyYzQ2OWFkOTU4YWIxNzcwODg5OWYyYzE0M2JmN2ZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRrBDtrwlCyPTxRhvCgAfsWUVMTK pRhbwwJPZJzQN0m7Kg4Wf2dDLWx3QTyDkxbA7U/+Pv8JSzkPfZpb4fNkXrvJbIWq YVVzKCbRiMnDTokIxY6iQhnoqyfIGTLNlHDPcIh6o9tASUXdA23Ig39Ef2IrE6Ur du04EKLBSC0Os9tdxTrK8JG+5AGc8xU3eBjMqeamz/ALfzoOI+jw33hnyK6RIrSJ ohCRpLWgqUkIadDTBT3MPcL6U4dlL+uajZPVxuA7Y8q8GoVN5ZEgbssaLSmpfhBF p7lh3g05Bfs9CL+qbp2Dgz6oBxUr4JX1ZfzawtAl/EgNK6MCV/hI0KeVrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAzDvNxCxGmtlYqxdwiJnywUO/f7MB8GA1UdIwQY MBaAFHYH9p3uQ6wB19/qypt2okDqbvNmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTct YzAyNDNhM2JkYWZiLzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8yY2RiM2QtYWI0My00NTI2LTgzNTctYzAyNDNhM2JkYWZi LzEvZGdmMm5lNURyQUhYMy1yS20zYWlRT3B1ODJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLABtytG hjcgEfOgISwevUbLxGR6n76XBm2iFN1Y+LA84fTbH8sg5kpm4itZh5plJ0UCaYUm 8ec3thUh77wsWBHFLzrz8a6OculAdthsisCy7TElMQXuxVDFTjqF7vjAFLr7FpE5 SONJkim7BipIAouYsnvM/6luTaQiXa4XG+KO5oAKMCsPz7ZrO/hTjgyFrzryFeDs 0CaREfk0PVfQN/i7sIZ/keUXAtOxFhKfKlxr9Vy3luOi/6FVKvcdhulbg5zo8enG bwMJaaPmz97CXW9xFQd533LJ7Qp7rf/0yPDb+U/ZopabzVYNeid7MKCVKL2Btl/Q DPZwn6tbq9Q74Q== -----END CERTIFICATE-----Generated at Tue Dec 23 05:04:52 2025 by rpki-client