This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft File: dQRxYHUyqMev1g1PMXqtxJDrogY.mft (raw, json) Hash identifier: cEfFEcfWWMxXOKiyFiH3CwtIw8zYcaZKwrD0h1Tr+tU= Subject key identifier: 81:29:31:BF:22:88:64:BB:74:A1:B8:26:BC:3A:1F:4F:71:1C:3D:50 Authority key identifier: 75:04:71:60:75:32:A8:C7:AF:D6:0D:4F:31:7A:AD:C4:90:EB:A2:06 Certificate issuer: /CN=750471607532a8c7afd60d4f317aadc490eba206 Certificate serial: 019B785C0CCFBCDF88C4B19144F792C2FA00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQRxYHUyqMev1g1PMXqtxJDrogY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft Manifest number: 17A3 Signing time: Thu 01 Jan 2026 07:00:56 +0000 Manifest this update: Thu 01 Jan 2026 07:00:56 +0000 Manifest next update: Fri 02 Jan 2026 07:00:56 +0000 Files and hashes: 1: dQRxYHUyqMev1g1PMXqtxJDrogY.crl (hash: CFjka6qQMpPTFbkL6siikMjiLcwIkHQgCDKwm6F+T1Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.crl rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft rsync://rpki.ripe.net/repository/DEFAULT/dQRxYHUyqMev1g1PMXqtxJDrogY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 07:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:5c:0c:cf:bc:df:88:c4:b1:91:44:f7:92:c2:fa:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=750471607532a8c7afd60d4f317aadc490eba206 Validity Not Before: Jan 1 07:00:56 2026 GMT Not After : Jan 2 07:00:56 2026 GMT Subject: CN=812931bf228864bb74a1b826bc3a1f4f711c3d50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ac:5e:ca:31:00:fa:c3:fe:6b:06:8c:49:39: 16:94:f3:6c:ac:14:c5:6b:28:4d:fa:63:6b:bd:f4: b4:d3:5e:7a:37:cc:74:95:68:1b:6c:f8:72:14:93: b1:b9:f4:ac:e5:35:8b:28:7b:42:cc:13:be:38:b8: 54:ac:f6:0c:54:f6:61:9c:8a:41:b3:52:48:3b:3c: c0:b9:52:d2:d3:43:c0:be:43:a4:0a:00:3d:ee:af: f4:e5:6a:13:1c:2e:ea:2a:f0:82:c5:30:0d:03:d4: 1a:05:99:57:56:a1:75:9b:62:83:7c:ba:26:b1:1e: 07:af:cd:18:6f:2d:51:e6:c6:e2:a4:b9:5b:1a:81: 56:00:49:31:48:9c:98:40:71:e0:76:6a:7c:27:fb: c8:98:a6:24:c6:7e:04:7c:a1:2f:55:f9:e3:27:38: 2b:ca:27:08:63:22:51:e8:9c:da:96:62:03:a7:70: 48:6b:29:ac:f0:a2:a7:ff:17:0f:e1:7c:68:84:12: c5:28:dc:e5:b8:a5:40:d4:9a:f8:1b:6a:88:65:80: 5b:b2:f4:06:5a:71:2f:61:a8:0e:ec:d3:d6:bc:35: b1:d1:1a:30:3c:d7:30:1a:9b:42:66:c1:d0:19:7b: b8:35:25:39:69:83:4a:10:93:c3:4d:ef:64:82:3c: cc:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:29:31:BF:22:88:64:BB:74:A1:B8:26:BC:3A:1F:4F:71:1C:3D:50 X509v3 Authority Key Identifier: keyid:75:04:71:60:75:32:A8:C7:AF:D6:0D:4F:31:7A:AD:C4:90:EB:A2:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQRxYHUyqMev1g1PMXqtxJDrogY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/dfa6a1-1e4c-49ff-a480-274232d69505/1/dQRxYHUyqMev1g1PMXqtxJDrogY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:b0:1a:31:2a:53:ef:ff:b1:a5:4b:1a:d3:54:8f:08:85:5e: ab:13:60:ed:4a:77:38:61:21:f7:d7:2e:70:cc:13:f6:30:82: 88:2c:c4:27:6f:e2:ed:9d:c4:e8:56:ee:77:bb:9f:2e:b6:e2: f5:23:4c:10:7c:4b:9a:20:e2:d4:67:91:d4:0f:ca:4a:96:94: 44:9b:4c:70:10:64:84:98:ce:f2:ef:c5:1b:97:97:a5:34:ea: 70:58:f0:20:a3:6b:90:5a:d1:a1:55:7e:76:83:77:46:06:28: 76:c3:55:d5:fa:a5:d7:8e:87:22:07:ac:78:77:3b:24:b9:2c: 2c:6d:74:cb:12:64:3e:44:7a:c1:41:40:b6:2d:77:9f:68:5b: 06:b6:d2:29:cf:ee:a8:7b:03:c4:00:f6:8f:c2:f7:b1:dd:e2: bb:0f:5c:ca:6c:06:8e:9c:ac:4e:a3:72:6b:32:a1:aa:b8:8d: b1:d5:76:f1:6d:86:f5:75:ec:8a:89:69:e9:88:1a:34:b5:5c: 08:a4:83:0c:de:1d:9a:e9:96:65:7b:86:ce:67:50:f5:c8:0e: 87:48:08:3f:b8:ea:06:64:bf:a3:84:71:2e:33:8c:92:22:97: 08:5e:53:81:d5:60:a5:0f:a9:c3:56:86:41:81:ad:89:06:e5: d0:bb:7d:25 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt4XAzPvN+IxLGRRPeSwvoAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDQ3MTYwNzUzMmE4YzdhZmQ2MGQ0ZjMxN2FhZGM0OTBl YmEyMDYwHhcNMjYwMTAxMDcwMDU2WhcNMjYwMTAyMDcwMDU2WjAzMTEwLwYDVQQD Eyg4MTI5MzFiZjIyODg2NGJiNzRhMWI4MjZiYzNhMWY0ZjcxMWMzZDUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6xeyjEA+sP+awaMSTkWlPNsrBTF ayhN+mNrvfS00156N8x0lWgbbPhyFJOxufSs5TWLKHtCzBO+OLhUrPYMVPZhnIpB s1JIOzzAuVLS00PAvkOkCgA97q/05WoTHC7qKvCCxTANA9QaBZlXVqF1m2KDfLom sR4Hr80Yby1R5sbipLlbGoFWAEkxSJyYQHHgdmp8J/vImKYkxn4EfKEvVfnjJzgr yicIYyJR6JzalmIDp3BIayms8KKn/xcP4XxohBLFKNzluKVA1Jr4G2qIZYBbsvQG WnEvYagO7NPWvDWx0RowPNcwGptCZsHQGXu4NSU5aYNKEJPDTe9kgjzMSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIEpMb8iiGS7dKG4Jrw6H09xHD1QMB8GA1UdIwQY MBaAFHUEcWB1MqjHr9YNTzF6rcSQ66IGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFSeFlIVXlxTWV2MWcxUE1YcXR4SkRyb2dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kZmE2YTEtMWU0Yy00OWZmLWE0ODAt Mjc0MjMyZDY5NTA1LzEvZFFSeFlIVXlxTWV2MWcxUE1YcXR4SkRyb2dZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9kZmE2YTEtMWU0Yy00OWZmLWE0ODAtMjc0MjMyZDY5NTA1 LzEvZFFSeFlIVXlxTWV2MWcxUE1YcXR4SkRyb2dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLAaMSpT 7/+xpUsa01SPCIVeqxNg7Up3OGEh99cucMwT9jCCiCzEJ2/i7Z3E6Fbud7ufLrbi 9SNMEHxLmiDi1GeR1A/KSpaURJtMcBBkhJjO8u/FG5eXpTTqcFjwIKNrkFrRoVV+ doN3RgYodsNV1fql146HIgeseHc7JLksLG10yxJkPkR6wUFAti13n2hbBrbSKc/u qHsDxAD2j8L3sd3iuw9cymwGjpysTqNyazKhqriNsdV28W2G9XXsiolp6YgaNLVc CKSDDN4dmumWZXuGzmdQ9cgOh0gIP7jqBmS/o4RxLjOMkiKXCF5TgdVgpQ+pw1aG QYGtiQbl0Lt9JQ== -----END CERTIFICATE-----Generated at Thu Jan 1 15:57:37 2026 by rpki-client