This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft File: d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json) Hash identifier: pDcrl4sROv7udQC90d2pgXHx79fa7YyAdkoWkrVKk1k= Subject key identifier: 92:BC:07:BB:B3:6B:F8:87:0D:07:D7:4A:82:59:04:9D:89:A4:67:09 Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC Certificate issuer: /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc Certificate serial: 019B4DE0EC8ECA5B5FDBF0129FE38DFC5155 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft Manifest number: 09BA Signing time: Wed 24 Dec 2025 01:02:24 +0000 Manifest this update: Wed 24 Dec 2025 01:02:24 +0000 Manifest next update: Thu 25 Dec 2025 01:02:24 +0000 Files and hashes: 1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: +1Y31ygbQ2RXwIRcNRYbEOx6IU0HdmO8THQeinyyVA0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 01:02:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:e0:ec:8e:ca:5b:5f:db:f0:12:9f:e3:8d:fc:51:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc Validity Not Before: Dec 24 01:02:24 2025 GMT Not After : Dec 25 01:02:24 2025 GMT Subject: CN=92bc07bbb36bf8870d07d74a8259049d89a46709 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:59:4a:1e:37:4d:70:5f:ef:3d:d1:9f:1e:6a: a1:4b:19:65:ed:5c:29:69:c4:09:82:99:0a:60:7f: 9e:24:48:f9:c3:4a:91:0f:99:8d:7c:77:62:23:40: 7d:bb:1e:26:fa:62:38:8a:0e:99:96:46:cc:cd:b1: d9:8e:d6:dd:a6:12:a3:06:97:c0:69:81:5b:fe:76: 74:fd:9c:23:f0:8b:60:45:35:6e:f5:35:a9:9d:e0: 00:58:ba:b9:ae:00:2a:54:97:e2:71:fa:f7:7a:15: 37:11:64:15:1d:64:11:2d:9a:b4:9d:34:2e:87:77: 8c:02:52:92:11:8a:83:1f:41:fe:cf:a1:41:20:bf: 7e:83:18:5f:1d:87:dc:59:b2:82:ee:d6:dd:74:9a: 17:f1:7e:62:05:77:59:ff:d6:2d:79:94:20:97:74: 09:da:47:70:2b:27:e0:64:ec:19:9c:95:da:6e:bb: f3:ad:aa:5d:18:3e:64:a7:b3:cc:3f:e4:b5:f4:71: 25:e4:9d:68:25:9c:4e:56:4e:b6:aa:f1:4c:eb:93: 9f:8a:84:1e:fe:cc:4b:6d:6f:54:24:be:61:91:07: bf:41:ea:51:9d:77:b8:d9:3f:b3:9f:76:eb:a2:1d: 66:bf:1f:ca:4b:a3:27:7e:be:5a:a8:60:f5:26:34: 26:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:BC:07:BB:B3:6B:F8:87:0D:07:D7:4A:82:59:04:9D:89:A4:67:09 X509v3 Authority Key Identifier: keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:b2:da:c2:a8:b2:e6:ce:2a:63:f4:01:8e:c8:4f:b3:ba:8b: bf:f9:c4:6a:6b:63:b5:5d:2e:ea:7b:03:59:0d:26:e7:87:fd: 92:ec:af:c3:24:aa:87:57:ca:dd:7b:f3:57:32:ad:63:31:6c: b1:9b:5d:aa:59:eb:fb:ad:d5:a1:fc:94:51:be:50:b7:5c:59: eb:6a:97:d2:8e:c0:0a:f1:f6:bb:bb:8f:58:49:7b:14:55:4c: bf:e6:64:20:9c:46:9b:10:c5:4d:a9:04:ad:a8:a0:d2:cb:f1: 05:91:25:8b:be:9c:7a:52:d7:0a:c5:f8:c9:c7:07:eb:80:ba: 50:0c:d7:94:fd:f3:53:a5:b8:66:75:18:3f:aa:46:ae:85:6a: ea:e2:2f:b7:c8:85:8d:e0:d9:8f:56:67:06:c5:38:1a:bf:5b: 78:12:7e:f0:2b:2b:2c:54:d3:17:cf:ff:53:e9:a9:04:b2:08: 85:be:45:6b:40:bf:73:5b:2e:38:8c:62:98:fd:f3:59:ca:93: 23:d0:63:44:eb:a8:93:b8:8c:bc:21:a3:ff:8b:d8:9f:22:ed: 3b:33:f2:f4:65:c0:2b:fc:87:20:f2:c9:d3:6c:de:95:ac:f7: 70:e2:23:0a:8a:1b:cf:eb:1d:16:03:a8:3f:15:fa:88:80:1c: bd:c5:b4:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtN4OyOyltf2/ASn+ON/FFVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj MmQ2ZmMwHhcNMjUxMjI0MDEwMjI0WhcNMjUxMjI1MDEwMjI0WjAzMTEwLwYDVQQD Eyg5MmJjMDdiYmIzNmJmODg3MGQwN2Q3NGE4MjU5MDQ5ZDg5YTQ2NzA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1llKHjdNcF/vPdGfHmqhSxll7Vwp acQJgpkKYH+eJEj5w0qRD5mNfHdiI0B9ux4m+mI4ig6ZlkbMzbHZjtbdphKjBpfA aYFb/nZ0/Zwj8ItgRTVu9TWpneAAWLq5rgAqVJficfr3ehU3EWQVHWQRLZq0nTQu h3eMAlKSEYqDH0H+z6FBIL9+gxhfHYfcWbKC7tbddJoX8X5iBXdZ/9YteZQgl3QJ 2kdwKyfgZOwZnJXabrvzrapdGD5kp7PMP+S19HEl5J1oJZxOVk62qvFM65OfioQe /sxLbW9UJL5hkQe/QepRnXe42T+zn3broh1mvx/KS6Mnfr5aqGD1JjQmyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJK8B7uza/iHDQfXSoJZBJ2JpGcJMB8GA1UdIwQY MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq7Lawqiy 5s4qY/QBjshPs7qLv/nEamtjtV0u6nsDWQ0m54f9kuyvwySqh1fK3XvzVzKtYzFs sZtdqlnr+63VofyUUb5Qt1xZ62qX0o7ACvH2u7uPWEl7FFVMv+ZkIJxGmxDFTakE raig0svxBZEli76celLXCsX4yccH64C6UAzXlP3zU6W4ZnUYP6pGroVq6uIvt8iF jeDZj1ZnBsU4Gr9beBJ+8CsrLFTTF8//U+mpBLIIhb5Fa0C/c1suOIximP3zWcqT I9BjROuok7iMvCGj/4vYnyLtOzPy9GXAK/yHIPLJ02zelaz3cOIjCoobz+sdFgOo PxX6iIAcvcW0Qg== -----END CERTIFICATE-----Generated at Wed Dec 24 10:37:16 2025 by rpki-client