This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft File: dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft (raw, json) Hash identifier: cHpH1OtVfUh+QfB6mLqXrm2bcZZME4BqgtRY/iJqMJ0= Subject key identifier: 13:1C:82:47:20:54:0E:3E:E0:86:A9:61:7F:66:2D:89:E2:E9:04:DF Authority key identifier: 74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94 Certificate issuer: /CN=7422f985cb34a03c7c5581642c6d6eb432c83e94 Certificate serial: 019B95C2457A070B5D50174D2EE9E0494086 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft Manifest number: 0F8D Signing time: Wed 07 Jan 2026 00:01:35 +0000 Manifest this update: Wed 07 Jan 2026 00:01:35 +0000 Manifest next update: Thu 08 Jan 2026 00:01:35 +0000 Files and hashes: 1: dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl (hash: t5VSHW0qs/BYzVyBsAeES4ZIb7m05ZyNSB/c4Z/UDCE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 23:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:95:c2:45:7a:07:0b:5d:50:17:4d:2e:e9:e0:49:40:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7422f985cb34a03c7c5581642c6d6eb432c83e94 Validity Not Before: Jan 7 00:01:35 2026 GMT Not After : Jan 8 00:01:35 2026 GMT Subject: CN=131c824720540e3ee086a9617f662d89e2e904df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:bb:a4:e2:d5:4c:b5:7f:f4:4d:cd:37:61:d4: 66:e3:88:51:cf:22:ce:f1:8a:83:66:29:89:1e:8c: f6:0f:97:47:52:06:c5:aa:ce:2a:8d:2e:d0:4f:72: 59:26:b0:62:12:23:1b:29:70:71:77:a4:a5:e6:3f: 74:66:c4:04:14:9c:d0:68:8b:6b:e1:f5:2b:64:61: 81:25:b7:60:42:25:e1:d0:23:b0:63:f8:b9:26:a2: f7:e9:66:68:5f:bf:fc:5f:4d:54:7f:17:23:7a:88: 33:5f:4c:86:29:84:79:b1:8d:c5:f1:5e:4b:44:3c: b5:89:c6:30:86:51:22:48:d5:a8:ba:5a:a1:7d:3f: d3:63:7e:95:2c:af:1f:b0:d8:f2:e0:c8:61:d2:7b: 5b:8e:85:21:75:1f:49:66:da:4b:87:c6:5c:10:46: c3:d9:7b:79:6b:82:f7:02:60:ec:5a:de:eb:af:11: b2:b0:ca:f9:5d:29:98:8b:82:9a:95:48:c1:68:72: 95:63:ab:b5:22:ad:25:e3:48:6f:82:0b:37:dd:09: c8:8e:6e:3b:ab:f2:45:60:e6:e7:38:91:52:5b:48: bf:77:ea:32:93:bb:e8:e4:d6:e3:80:e4:d2:1a:c7: 2a:58:6f:7b:bd:a8:18:e4:26:4b:fa:03:cb:69:3d: 30:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:1C:82:47:20:54:0E:3E:E0:86:A9:61:7F:66:2D:89:E2:E9:04:DF X509v3 Authority Key Identifier: keyid:74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:b5:e1:62:0b:46:e8:9c:a5:75:33:8c:f1:fd:b3:91:53:95: 80:a7:c7:4b:35:d9:a9:bb:10:66:7d:20:38:f4:eb:6d:65:7a: a8:ec:fc:3e:d8:51:de:26:b9:fe:4c:af:c5:87:79:f5:15:01: 5f:62:a3:a5:53:94:be:5a:e6:0f:76:92:0e:ea:7f:cb:8d:50: 61:2c:da:0a:5d:67:f9:b3:a1:09:45:9e:d3:09:98:32:12:13: 0f:7a:d8:83:59:69:bf:06:4d:cb:9b:cf:3f:20:3f:11:b5:6b: 46:5a:ea:4f:b8:42:6f:03:3a:59:aa:9d:b5:4e:d8:90:cf:1d: d4:45:24:94:85:96:9a:83:9d:81:fb:32:d5:8a:fb:e2:a6:9b: 84:3a:57:95:09:72:39:41:a1:94:6a:66:f9:c6:b4:df:2f:a8: 8c:23:ca:99:6c:e2:ef:a4:69:3e:37:c5:30:31:68:30:08:f1: 78:96:8f:08:70:30:3c:65:00:97:61:7d:60:21:88:8d:02:3d: 58:1e:16:f2:f7:58:29:d5:72:04:9f:10:f3:0b:12:94:cd:d3: 2f:e3:0b:31:05:3f:af:39:2a:74:56:83:9a:ed:7c:fb:5b:51: 40:9d:fd:9c:0e:c0:c3:2a:ad:b6:16:c6:97:05:07:2d:80:ea: cc:4e:69:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuVwkV6BwtdUBdNLungSUCGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0MjJmOTg1Y2IzNGEwM2M3YzU1ODE2NDJjNmQ2ZWI0MzJj ODNlOTQwHhcNMjYwMTA3MDAwMTM1WhcNMjYwMTA4MDAwMTM1WjAzMTEwLwYDVQQD EygxMzFjODI0NzIwNTQwZTNlZTA4NmE5NjE3ZjY2MmQ4OWUyZTkwNGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7uk4tVMtX/0Tc03YdRm44hRzyLO 8YqDZimJHoz2D5dHUgbFqs4qjS7QT3JZJrBiEiMbKXBxd6Sl5j90ZsQEFJzQaItr 4fUrZGGBJbdgQiXh0COwY/i5JqL36WZoX7/8X01UfxcjeogzX0yGKYR5sY3F8V5L RDy1icYwhlEiSNWoulqhfT/TY36VLK8fsNjy4Mhh0ntbjoUhdR9JZtpLh8ZcEEbD 2Xt5a4L3AmDsWt7rrxGysMr5XSmYi4KalUjBaHKVY6u1Iq0l40hvggs33QnIjm47 q/JFYObnOJFSW0i/d+oyk7vo5NbjgOTSGscqWG97vagY5CZL+gPLaT0wlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBMcgkcgVA4+4IapYX9mLYni6QTfMB8GA1UdIwQY MBaAFHQi+YXLNKA8fFWBZCxtbrQyyD6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmIt NTE0MWZhMzkwODBhLzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmItNTE0MWZhMzkwODBh LzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArrXhYgtG 6JyldTOM8f2zkVOVgKfHSzXZqbsQZn0gOPTrbWV6qOz8PthR3ia5/kyvxYd59RUB X2KjpVOUvlrmD3aSDup/y41QYSzaCl1n+bOhCUWe0wmYMhITD3rYg1lpvwZNy5vP PyA/EbVrRlrqT7hCbwM6WaqdtU7YkM8d1EUklIWWmoOdgfsy1Yr74qabhDpXlQly OUGhlGpm+ca03y+ojCPKmWzi76RpPjfFMDFoMAjxeJaPCHAwPGUAl2F9YCGIjQI9 WB4W8vdYKdVyBJ8Q8wsSlM3TL+MLMQU/rzkqdFaDmu18+1tRQJ39nA7AwyqtthbG lwUHLYDqzE5pEg== -----END CERTIFICATE-----Generated at Wed Jan 7 06:58:28 2026 by rpki-client