This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft File: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json) Hash identifier: iBRHBDPuovRc1CFSSfceeYOQ7zzsQUlslOvT8RGGDd0= Subject key identifier: 51:28:C5:B4:AD:31:94:69:6C:A1:01:38:70:5B:7C:5B:0C:CB:58:0E Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8 Certificate issuer: /CN=0ddc509b4db35203ab616f4781f85dd5860443d8 Certificate serial: 019B70A266355464F213B4A12305B9269270 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft Manifest number: 14DB Signing time: Tue 30 Dec 2025 19:00:49 +0000 Manifest this update: Tue 30 Dec 2025 19:00:49 +0000 Manifest next update: Wed 31 Dec 2025 19:00:49 +0000 Files and hashes: 1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: 96yJMzzEM2c5/31df6phhMhyz8pgUysgLgYen7tzZvU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 19:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:70:a2:66:35:54:64:f2:13:b4:a1:23:05:b9:26:92:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8 Validity Not Before: Dec 30 19:00:49 2025 GMT Not After : Dec 31 19:00:49 2025 GMT Subject: CN=5128c5b4ad3194696ca10138705b7c5b0ccb580e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:91:38:58:22:3d:c1:8a:66:06:60:e5:29:6f: 6b:5d:5f:c0:5f:ed:de:2c:19:00:b4:d0:82:2e:29: 11:b6:7c:a5:73:6c:71:1e:5e:07:bb:39:91:24:6f: 5a:1c:3e:a7:e7:7e:fc:43:f4:87:ff:55:b2:4c:67: 0b:1c:e9:6b:08:f7:df:84:1e:84:d0:d7:b2:75:65: 50:fb:b9:39:44:c7:a1:0e:3c:6f:07:61:2a:00:e7: bd:af:07:24:ec:73:02:6e:78:93:a0:6c:63:f4:16: f3:5a:7a:41:76:94:9a:9e:82:32:1a:79:21:f0:3b: 85:3f:5c:08:78:a9:f7:71:84:27:52:ef:04:bd:10: eb:7f:db:aa:2a:b6:a8:a8:29:10:c0:0f:69:a8:6d: a6:e1:19:21:4c:e4:90:7c:83:f2:af:35:93:02:05: 30:28:59:97:89:42:ed:a2:9d:8d:ad:c0:72:fe:37: a9:ab:d4:92:db:a1:01:4f:d3:8c:a2:42:1d:68:3a: 4b:fa:cd:26:7a:87:e9:ee:16:7e:82:5d:be:99:65: 34:95:c7:39:9c:fd:ac:33:2a:8a:bd:29:01:64:4d: 4f:de:66:4b:e0:7f:4b:51:47:5d:18:f5:bf:42:22: 49:f5:be:99:a4:40:2d:8d:1a:7f:2e:c3:7f:d8:00: 13:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:28:C5:B4:AD:31:94:69:6C:A1:01:38:70:5B:7C:5B:0C:CB:58:0E X509v3 Authority Key Identifier: keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:f5:6c:f7:2b:60:de:fa:10:6f:c2:d4:ec:23:a2:bb:a8:9d: a9:59:46:61:1b:f3:e9:0d:1d:22:a3:95:55:c5:d8:44:98:81: 38:8c:dd:02:06:ed:9c:24:c4:fd:64:73:9e:1b:13:50:8a:ce: 51:0e:61:58:b4:ec:a8:d3:10:7d:03:d3:9a:99:f0:34:63:c8: 7b:57:58:6a:8d:a3:ac:7c:23:00:6f:a4:c4:dc:3c:5e:fd:5e: 28:db:25:12:8c:8f:02:5b:74:37:b6:40:cf:64:b6:b6:65:14: 68:49:84:d0:65:7a:14:63:95:ce:93:78:f9:cc:e3:a3:17:08: 47:a5:9f:26:69:ec:46:0e:7f:fc:b9:ec:46:99:64:a2:c5:97: e6:b4:7f:c6:76:52:ff:61:c3:eb:12:d0:31:99:6b:22:09:34: b9:6a:9d:a6:b7:cb:96:ce:87:20:e7:ee:46:aa:b0:6c:24:dc: fb:b5:ea:5e:9a:39:4a:9d:19:66:08:0b:a2:47:0f:1d:9c:62: 70:6b:4d:ed:e2:24:e2:5b:40:92:0c:d9:76:49:07:55:ad:99: f3:64:32:87:e4:11:ab:09:79:94:61:98:51:7b:65:e6:d5:bc: 89:d7:ee:0e:b9:16:af:ef:1c:fe:d2:c3:f7:77:f6:15:bd:e6: f8:ef:a8:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtwomY1VGTyE7ShIwW5JpJwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw NDQzZDgwHhcNMjUxMjMwMTkwMDQ5WhcNMjUxMjMxMTkwMDQ5WjAzMTEwLwYDVQQD Eyg1MTI4YzViNGFkMzE5NDY5NmNhMTAxMzg3MDViN2M1YjBjY2I1ODBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJE4WCI9wYpmBmDlKW9rXV/AX+3e LBkAtNCCLikRtnylc2xxHl4HuzmRJG9aHD6n5378Q/SH/1WyTGcLHOlrCPffhB6E 0NeydWVQ+7k5RMehDjxvB2EqAOe9rwck7HMCbniToGxj9BbzWnpBdpSanoIyGnkh 8DuFP1wIeKn3cYQnUu8EvRDrf9uqKraoqCkQwA9pqG2m4RkhTOSQfIPyrzWTAgUw KFmXiULtop2NrcBy/jepq9SS26EBT9OMokIdaDpL+s0meofp7hZ+gl2+mWU0lcc5 nP2sMyqKvSkBZE1P3mZL4H9LUUddGPW/QiJJ9b6ZpEAtjRp/LsN/2AAT/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFEoxbStMZRpbKEBOHBbfFsMy1gOMB8GA1UdIwQY MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvVs9ytg 3voQb8LU7COiu6idqVlGYRvz6Q0dIqOVVcXYRJiBOIzdAgbtnCTE/WRznhsTUIrO UQ5hWLTsqNMQfQPTmpnwNGPIe1dYao2jrHwjAG+kxNw8Xv1eKNslEoyPAlt0N7ZA z2S2tmUUaEmE0GV6FGOVzpN4+czjoxcIR6WfJmnsRg5//LnsRplkosWX5rR/xnZS /2HD6xLQMZlrIgk0uWqdprfLls6HIOfuRqqwbCTc+7XqXpo5Sp0ZZggLokcPHZxi cGtN7eIk4ltAkgzZdkkHVa2Z82Qyh+QRqwl5lGGYUXtl5tW8idfuDrkWr+8c/tLD 93f2Fb3m+O+oMg== -----END CERTIFICATE-----Generated at Wed Dec 31 03:44:02 2025 by rpki-client