This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft File: DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json) Hash identifier: PQMLVcS7pAlay+UIUIVhM9iBzDSQAcoLz4mwJh7vMwk= Subject key identifier: 12:EF:D3:4A:28:B1:73:DA:56:8E:B2:E2:43:E2:45:7C:D5:28:82:FB Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C Certificate issuer: /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c Certificate serial: 019B5305ED860CAD0655F3E0F1975C04D1BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft Manifest number: 1159 Signing time: Thu 25 Dec 2025 01:00:55 +0000 Manifest this update: Thu 25 Dec 2025 01:00:55 +0000 Manifest next update: Fri 26 Dec 2025 01:00:55 +0000 Files and hashes: 1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: bd1ti1onJK2lOv76msMGk/J5qcKKQeouSNxZWOCELQ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:05:ed:86:0c:ad:06:55:f3:e0:f1:97:5c:04:d1:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c Validity Not Before: Dec 25 01:00:55 2025 GMT Not After : Dec 26 01:00:55 2025 GMT Subject: CN=12efd34a28b173da568eb2e243e2457cd52882fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4f:74:31:ea:e9:a5:94:63:bd:c9:e3:b1:c9: 82:da:8a:0c:f7:f8:6f:85:59:8b:33:04:9e:e4:64: 19:9f:22:cc:2c:a0:64:43:df:49:f7:91:51:76:82: 2a:34:ec:23:61:a1:27:5f:8c:9a:76:96:2e:29:b5: 30:f7:25:97:86:c7:3d:ac:d9:a0:6a:50:70:96:39: 11:6a:88:63:a8:c7:01:69:f4:41:31:10:79:90:4e: 08:4e:f4:01:8c:48:dd:d9:fe:5c:f1:47:54:e8:e2: d7:1c:e9:6e:07:1d:6d:7f:cd:6c:ae:4f:ca:de:b3: 8d:3e:ff:92:fd:e0:cd:a9:cd:78:fe:00:cb:8c:72: 79:0f:06:3f:f5:d5:bd:d8:22:64:4f:44:c4:52:3c: 99:bd:1e:e1:51:fe:7d:90:59:db:dc:89:98:45:94: 0a:86:b8:ea:63:87:df:de:e9:a1:1e:96:01:70:1d: 5f:80:ed:e1:fd:54:52:76:e1:79:e8:a9:6d:c8:0f: 6c:d4:01:6e:43:16:1e:9f:f1:42:b1:4c:35:14:a5: ea:2b:43:be:b9:c2:69:ec:4b:ab:1d:82:91:38:d4: b8:45:ca:b8:5b:ba:07:7d:ff:19:9e:b2:38:d4:91: 92:e5:88:19:ca:2c:43:13:4d:8d:e5:d3:ea:bd:31: ef:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:EF:D3:4A:28:B1:73:DA:56:8E:B2:E2:43:E2:45:7C:D5:28:82:FB X509v3 Authority Key Identifier: keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:6c:be:0d:dc:24:c7:32:89:76:75:fd:f7:e7:7f:8b:11:3b: 72:fc:1d:a8:9c:2c:dc:00:a5:ff:91:a5:85:e9:dd:5a:e3:78: 84:ee:9c:71:02:f9:59:85:85:d3:e4:4c:10:d1:1d:1d:9a:25: 5f:47:8f:c8:d8:68:ad:56:b0:35:7f:b2:57:f4:9d:de:fc:6b: bf:46:2c:82:46:dc:ed:49:0f:a8:d3:ca:6f:50:01:db:58:01: e3:e1:fa:3f:26:ee:8a:d5:ac:1f:92:f9:14:06:6c:7e:27:31: 0d:47:9b:65:ad:de:f2:f6:26:68:4d:07:b5:be:69:a0:81:8a: 2b:eb:85:05:18:25:9a:a0:07:51:e1:bf:87:ec:39:61:0b:57: c4:d8:62:51:cd:b4:ce:30:6a:ca:09:ca:43:26:ea:d0:d2:6f: b8:0e:57:5e:a1:1e:fe:50:c8:6c:82:ee:10:c0:ad:a3:fa:34: e1:37:fb:7d:ad:30:21:b5:11:f5:ec:f6:9f:38:2e:05:68:89: 59:a8:33:3f:87:41:ad:c3:0d:ca:07:12:e3:a3:eb:4a:31:91: f2:ca:e5:02:bf:2f:ab:71:31:61:2a:87:ba:7c:c8:16:a7:35: 48:f3:c1:77:a3:e8:28:27:bd:c2:86:bb:66:0c:b7:84:3b:41: ba:4e:d4:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTBe2GDK0GVfPg8ZdcBNG+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw MzMzOGMwHhcNMjUxMjI1MDEwMDU1WhcNMjUxMjI2MDEwMDU1WjAzMTEwLwYDVQQD EygxMmVmZDM0YTI4YjE3M2RhNTY4ZWIyZTI0M2UyNDU3Y2Q1Mjg4MmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU90MerppZRjvcnjscmC2ooM9/hv hVmLMwSe5GQZnyLMLKBkQ99J95FRdoIqNOwjYaEnX4yadpYuKbUw9yWXhsc9rNmg alBwljkRaohjqMcBafRBMRB5kE4ITvQBjEjd2f5c8UdU6OLXHOluBx1tf81srk/K 3rONPv+S/eDNqc14/gDLjHJ5DwY/9dW92CJkT0TEUjyZvR7hUf59kFnb3ImYRZQK hrjqY4ff3umhHpYBcB1fgO3h/VRSduF56KltyA9s1AFuQxYen/FCsUw1FKXqK0O+ ucJp7EurHYKRONS4Rcq4W7oHff8ZnrI41JGS5YgZyixDE02N5dPqvTHvhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBLv00oosXPaVo6y4kPiRXzVKIL7MB8GA1UdIwQY MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFGy+Ddwk xzKJdnX99+d/ixE7cvwdqJws3ACl/5GlhendWuN4hO6ccQL5WYWF0+RMENEdHZol X0ePyNhorVawNX+yV/Sd3vxrv0Ysgkbc7UkPqNPKb1AB21gB4+H6PybuitWsH5L5 FAZsficxDUebZa3e8vYmaE0Htb5poIGKK+uFBRglmqAHUeG/h+w5YQtXxNhiUc20 zjBqygnKQybq0NJvuA5XXqEe/lDIbILuEMCto/o04Tf7fa0wIbUR9ez2nzguBWiJ WagzP4dBrcMNygcS46PrSjGR8srlAr8vq3ExYSqHunzIFqc1SPPBd6PoKCe9woa7 Zgy3hDtBuk7U3A== -----END CERTIFICATE-----Generated at Thu Dec 25 04:31:28 2025 by rpki-client