This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft File: 0DjDOLEo-Drewvadk8MsU1PKA5g.mft (raw, json) Hash identifier: 2rAgaOuPv1vhbUPfpKDxbMcR7INIBuruEJfszy6s9+E= Subject key identifier: 78:9B:2C:2C:C4:4C:84:D2:3C:F2:2A:1F:00:FA:58:8F:4F:EE:4E:4F Authority key identifier: D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98 Certificate issuer: /CN=d038c338b128f83adec2f69d93c32c5353ca0398 Certificate serial: 019B3BA2522B6E4A05A80796F4D1DFC641B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft Manifest number: 1424 Signing time: Sat 20 Dec 2025 12:00:52 +0000 Manifest this update: Sat 20 Dec 2025 12:00:52 +0000 Manifest next update: Sun 21 Dec 2025 12:00:52 +0000 Files and hashes: 1: 0DjDOLEo-Drewvadk8MsU1PKA5g.crl (hash: ED+W4eUeMsW2KPhOvldRLheRK1PAHei+OHJ9Yyktpec=) 2: 7PD1wIgjrZ9T9-fQhjLFUrZGUJE.roa (hash: 8HGos2aeHkG0saEvUQyEseTwmsTJnTnE4JuY9jxzUVo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:52:2b:6e:4a:05:a8:07:96:f4:d1:df:c6:41:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d038c338b128f83adec2f69d93c32c5353ca0398 Validity Not Before: Dec 20 12:00:52 2025 GMT Not After : Dec 21 12:00:52 2025 GMT Subject: CN=789b2c2cc44c84d23cf22a1f00fa588f4fee4e4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f4:31:c1:fb:e6:01:e7:a6:99:e8:06:95:d0: e1:a2:1b:4c:74:db:85:22:9d:b7:9e:1f:c7:ed:28: 75:04:8e:08:ec:d7:bc:6f:ca:67:a2:06:91:8c:5e: 23:b9:61:28:35:57:4c:4c:95:c7:44:f2:1c:e8:a5: da:5c:81:15:2d:9e:95:b1:bd:79:8f:25:d3:83:1b: 24:a3:c7:ed:dd:75:3c:7f:0f:4e:aa:ac:dd:d4:d5: 58:0c:43:a7:63:ea:21:ca:1e:2c:2e:b8:d7:1a:1e: 8f:1c:09:38:c3:11:38:08:1c:ef:7d:77:74:b4:2d: 3e:d1:7b:b3:b3:13:c5:c7:db:bb:8f:90:96:87:aa: 8f:aa:e7:43:df:ed:9e:a8:38:a3:b1:3e:63:7f:82: fa:43:c7:87:06:6b:30:2c:2f:7e:51:06:48:d0:48: ef:59:8d:cd:1f:e4:3f:5c:99:ca:b7:0b:a2:f6:68: f9:55:b6:2f:42:f8:78:a7:0d:a0:2f:9e:62:a8:cd: 49:5a:e6:ad:40:cf:35:90:ba:6e:c8:c0:99:4e:4b: 69:c3:6a:0c:8a:11:63:26:86:f1:55:2b:bb:7a:45: 23:bf:dc:ec:9e:57:14:7c:3c:63:64:16:a5:81:5a: d2:59:28:ad:38:dc:e4:77:fa:36:3d:9e:7a:04:f2: 6e:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:9B:2C:2C:C4:4C:84:D2:3C:F2:2A:1F:00:FA:58:8F:4F:EE:4E:4F X509v3 Authority Key Identifier: keyid:D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:1f:e1:7d:d7:95:46:d6:de:e0:20:cd:e7:d3:e4:3e:69:b6: a9:b0:64:de:1a:78:ce:79:93:20:0a:b2:1c:ea:d1:0a:1c:d1: b0:44:78:17:de:16:60:7f:d8:62:4b:1e:4b:4d:4b:39:59:2b: 81:74:5d:24:b0:3e:b8:0d:7b:a7:70:48:6d:10:91:25:3c:85: e9:cf:3d:e4:b0:44:fa:40:a2:9d:e7:a8:23:c5:b8:7d:cb:62: 6a:e2:4a:77:c3:80:08:47:31:6b:54:cd:27:26:5b:b8:f0:14: 2b:ef:e6:c3:9a:00:11:cf:e9:04:db:8c:b2:e8:f0:02:c0:e0: e0:6d:62:99:a1:ce:d3:8a:df:aa:3d:39:3c:95:98:07:76:f2: ab:4e:c1:66:72:ff:80:2a:5e:02:4a:23:83:5c:15:dd:40:1a: 81:fa:70:bb:dc:24:70:9b:a5:28:8c:ed:72:f7:d2:32:c1:a7: 16:21:be:79:41:59:26:f7:d6:d0:d5:e8:5e:13:97:b8:9d:2a: 44:74:37:f4:53:cd:f0:88:87:f2:c3:52:05:6e:66:75:3b:c6: fe:85:f1:02:0f:27:af:73:6d:a5:d1:86:80:c0:9e:2b:f4:3b: e2:39:f7:2f:1e:08:f8:74:bf:9a:13:c9:7e:c7:17:e7:31:16: 3b:21:fc:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7olIrbkoFqAeW9NHfxkGxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMzhjMzM4YjEyOGY4M2FkZWMyZjY5ZDkzYzMyYzUzNTNj YTAzOTgwHhcNMjUxMjIwMTIwMDUyWhcNMjUxMjIxMTIwMDUyWjAzMTEwLwYDVQQD Eyg3ODliMmMyY2M0NGM4NGQyM2NmMjJhMWYwMGZhNTg4ZjRmZWU0ZTRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vQxwfvmAeemmegGldDhohtMdNuF Ip23nh/H7Sh1BI4I7Ne8b8pnogaRjF4juWEoNVdMTJXHRPIc6KXaXIEVLZ6Vsb15 jyXTgxsko8ft3XU8fw9Oqqzd1NVYDEOnY+ohyh4sLrjXGh6PHAk4wxE4CBzvfXd0 tC0+0XuzsxPFx9u7j5CWh6qPqudD3+2eqDijsT5jf4L6Q8eHBmswLC9+UQZI0Ejv WY3NH+Q/XJnKtwui9mj5VbYvQvh4pw2gL55iqM1JWuatQM81kLpuyMCZTktpw2oM ihFjJobxVSu7ekUjv9zsnlcUfDxjZBalgVrSWSitONzkd/o2PZ56BPJuvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHibLCzETITSPPIqHwD6WI9P7k5PMB8GA1UdIwQY MBaAFNA4wzixKPg63sL2nZPDLFNTygOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDkt OWJmOGIxZWYyZTk2LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDktOWJmOGIxZWYyZTk2 LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtB/hfdeV Rtbe4CDN59PkPmm2qbBk3hp4znmTIAqyHOrRChzRsER4F94WYH/YYkseS01LOVkr gXRdJLA+uA17p3BIbRCRJTyF6c895LBE+kCineeoI8W4fctiauJKd8OACEcxa1TN JyZbuPAUK+/mw5oAEc/pBNuMsujwAsDg4G1imaHO04rfqj05PJWYB3byq07BZnL/ gCpeAkojg1wV3UAagfpwu9wkcJulKIztcvfSMsGnFiG+eUFZJvfW0NXoXhOXuJ0q RHQ39FPN8IiH8sNSBW5mdTvG/oXxAg8nr3NtpdGGgMCeK/Q74jn3Lx4I+HS/mhPJ fscX5zEWOyH8PA== -----END CERTIFICATE-----Generated at Sat Dec 20 16:16:29 2025 by rpki-client