This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft File: Da7a5Z2cmvUe9UivsMlkOM73IRw.mft (raw, json) Hash identifier: PXETOWXPvyBnpqQ++899ycc2EjE+3dT56kUFTOCR/7c= Subject key identifier: 0F:B3:EE:0A:58:11:CF:08:16:F8:2F:50:24:AF:FD:6D:33:06:0E:AC Authority key identifier: 0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C Certificate issuer: /CN=0daedae59d9c9af51ef548afb0c96438cef7211c Certificate serial: 019B202B730FCE55F28525DE432658AA32FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft Manifest number: 1776 Signing time: Mon 15 Dec 2025 04:01:16 +0000 Manifest this update: Mon 15 Dec 2025 04:01:16 +0000 Manifest next update: Tue 16 Dec 2025 04:01:16 +0000 Files and hashes: 1: Da7a5Z2cmvUe9UivsMlkOM73IRw.crl (hash: OxsELcnhHYUDbTOwWHu1CYMPCKsRT36HOR11KqwoTKI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 04:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:2b:73:0f:ce:55:f2:85:25:de:43:26:58:aa:32:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0daedae59d9c9af51ef548afb0c96438cef7211c Validity Not Before: Dec 15 04:01:16 2025 GMT Not After : Dec 16 04:01:16 2025 GMT Subject: CN=0fb3ee0a5811cf0816f82f5024affd6d33060eac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:26:2b:92:c5:26:ed:ea:a3:1d:17:d9:37:d4: 08:b7:bf:db:03:30:1c:8d:cc:37:53:94:f3:df:5d: e3:bc:8e:a9:cb:59:8e:36:89:84:86:bc:64:58:da: 71:4f:b4:2f:88:f2:03:b1:e9:b1:38:4d:f2:c3:56: 7b:6e:07:f3:58:6b:b3:35:c7:ea:76:4b:4d:a8:75: 2c:4d:a2:97:1f:39:89:49:cb:bd:cf:0e:db:fe:13: ec:31:f0:2d:2e:a0:93:be:da:3a:00:04:c5:80:aa: be:aa:07:cd:17:5a:f8:c9:00:68:6f:27:94:b2:92: 22:b9:cb:75:55:99:c3:be:46:12:39:98:54:de:68: dd:b3:7b:35:27:71:81:c1:26:d1:83:f7:88:b6:ff: 28:80:89:b9:f5:30:18:03:c6:8c:c3:72:43:5d:d3: 0c:3b:eb:2a:f6:68:66:32:ff:ae:8f:97:04:74:e8: 4c:38:1a:0b:f1:d8:c4:5c:63:db:94:c5:1b:32:75: 21:b1:3a:4b:d9:27:23:f3:47:87:e5:fe:35:97:37: 35:75:31:d6:e8:2b:70:5c:86:eb:31:3c:a0:b1:94: 02:b3:47:cf:5c:99:53:e5:03:6b:64:6b:41:6f:40: 27:1d:48:81:23:cd:70:f5:60:5f:0e:31:d5:ce:bf: 45:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:B3:EE:0A:58:11:CF:08:16:F8:2F:50:24:AF:FD:6D:33:06:0E:AC X509v3 Authority Key Identifier: keyid:0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:e2:a2:fb:72:5d:cb:28:8e:8c:db:19:e6:d4:c7:55:af:4a: 16:0f:85:e7:1d:9c:40:7c:bf:35:99:b5:80:50:67:98:f4:8b: 43:04:f0:50:c6:f4:ef:5a:0b:42:df:d2:31:7b:d6:9a:85:9d: 19:91:b1:cc:87:25:6a:73:49:b3:a5:4e:38:87:f7:bc:b6:83: c5:cf:dc:c6:c2:ee:c7:22:49:e0:69:83:03:88:14:5b:f5:02: 61:bb:31:fd:b7:1c:ed:b6:64:87:f2:1f:2e:01:f3:f5:4e:00: 43:15:a4:c2:0f:16:d2:92:b9:8e:5a:95:80:30:9e:dc:a5:d6: de:ce:2a:29:b6:aa:05:b5:84:1b:0b:11:b3:84:56:7e:f3:3f: 28:83:ed:f5:4d:dd:8a:b3:bc:ea:45:92:e4:88:5a:be:39:ae: 53:c5:5d:14:a5:b7:4d:72:de:3e:e7:f0:0a:f6:00:e9:f3:34: 4c:da:25:c0:81:bf:11:7a:57:ea:a1:a9:f3:e5:0e:77:45:0e: 27:c2:7b:c0:45:03:88:df:21:95:88:9e:32:08:b1:dd:11:bd: b4:32:f7:d8:4f:06:9a:57:43:9a:1d:5a:aa:ff:06:20:15:91: df:9c:c5:60:2e:d6:0b:c2:a9:9f:8b:12:97:e6:b6:b9:11:a5: 65:11:b7:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgK3MPzlXyhSXeQyZYqjL9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkYWVkYWU1OWQ5YzlhZjUxZWY1NDhhZmIwYzk2NDM4Y2Vm NzIxMWMwHhcNMjUxMjE1MDQwMTE2WhcNMjUxMjE2MDQwMTE2WjAzMTEwLwYDVQQD EygwZmIzZWUwYTU4MTFjZjA4MTZmODJmNTAyNGFmZmQ2ZDMzMDYwZWFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySYrksUm7eqjHRfZN9QIt7/bAzAc jcw3U5Tz313jvI6py1mONomEhrxkWNpxT7QviPIDsemxOE3yw1Z7bgfzWGuzNcfq dktNqHUsTaKXHzmJScu9zw7b/hPsMfAtLqCTvto6AATFgKq+qgfNF1r4yQBobyeU spIiuct1VZnDvkYSOZhU3mjds3s1J3GBwSbRg/eItv8ogIm59TAYA8aMw3JDXdMM O+sq9mhmMv+uj5cEdOhMOBoL8djEXGPblMUbMnUhsTpL2Scj80eH5f41lzc1dTHW 6CtwXIbrMTygsZQCs0fPXJlT5QNrZGtBb0AnHUiBI81w9WBfDjHVzr9FyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA+z7gpYEc8IFvgvUCSv/W0zBg6sMB8GA1UdIwQY MBaAFA2u2uWdnJr1HvVIr7DJZDjO9yEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDIt ZTdlYjgxN2VkZTMwLzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDItZTdlYjgxN2VkZTMw LzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO+Ki+3Jd yyiOjNsZ5tTHVa9KFg+F5x2cQHy/NZm1gFBnmPSLQwTwUMb071oLQt/SMXvWmoWd GZGxzIclanNJs6VOOIf3vLaDxc/cxsLuxyJJ4GmDA4gUW/UCYbsx/bcc7bZkh/If LgHz9U4AQxWkwg8W0pK5jlqVgDCe3KXW3s4qKbaqBbWEGwsRs4RWfvM/KIPt9U3d irO86kWS5IhavjmuU8VdFKW3TXLePufwCvYA6fM0TNolwIG/EXpX6qGp8+UOd0UO J8J7wEUDiN8hlYieMgix3RG9tDL32E8GmldDmh1aqv8GIBWR35zFYC7WC8Kpn4sS l+a2uRGlZRG3CQ== -----END CERTIFICATE-----Generated at Mon Dec 15 13:16:57 2025 by rpki-client