This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft File: DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json) Hash identifier: xakgkTeE6Q1JY588ZDooJTj4pxgweAUV7nqPqJtCPqg= Subject key identifier: 80:AE:DC:73:F5:BD:7F:13:6F:00:1E:F9:27:FB:BA:04:C8:BA:41:1E Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90 Certificate issuer: /CN=0e85fd3c9f9558b218022ff409fc554faee79090 Certificate serial: 019B337AD9B8476409828658DBAE7139379F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft Manifest number: 1780 Signing time: Thu 18 Dec 2025 22:00:47 +0000 Manifest this update: Thu 18 Dec 2025 22:00:47 +0000 Manifest next update: Fri 19 Dec 2025 22:00:47 +0000 Files and hashes: 1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: GcCNMxcLRyXjwA0RfDBSzsk898stD1F0Mgswh9fjjbA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7a:d9:b8:47:64:09:82:86:58:db:ae:71:39:37:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090 Validity Not Before: Dec 18 22:00:47 2025 GMT Not After : Dec 19 22:00:47 2025 GMT Subject: CN=80aedc73f5bd7f136f001ef927fbba04c8ba411e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0a:36:6f:5c:2c:da:b4:55:90:c0:60:6f:d8: 78:ea:48:1e:0f:88:cc:19:00:b4:56:52:21:aa:fe: 0f:f2:cb:ea:8f:7a:bf:1c:8c:17:db:31:5b:df:ea: 2a:4c:d7:20:8f:8a:8f:cd:44:0e:69:bc:df:18:e9: 9c:d6:f4:ab:5b:17:18:72:96:27:3f:1a:e2:7b:a1: c3:b8:6a:07:7d:e6:72:ae:e9:16:2a:a5:be:42:0e: 2d:ea:be:37:fc:27:a8:7f:37:de:2d:3a:f3:7e:50: 4c:df:35:a8:ad:b3:c6:83:45:b5:7e:7f:0d:52:bc: 43:c4:9c:42:d0:76:2c:0c:52:2b:e8:94:79:17:91: 4c:65:e2:e1:91:a7:89:e8:cb:10:cb:10:28:af:86: 48:80:62:6c:e5:70:18:34:f5:06:d2:ce:f0:52:fa: d6:7e:ad:18:08:2a:da:60:f9:06:d3:c7:6d:2e:1b: f5:83:e4:1b:a1:70:cf:09:fb:3e:51:d4:3b:47:38: 53:4f:19:b5:e4:06:6a:b3:c5:1e:5a:b7:78:fa:cc: 3a:b3:b2:52:74:81:c1:e6:c4:a9:1b:5f:61:a3:08: 31:85:d7:b1:d6:d3:eb:63:8f:b3:f1:82:11:1e:e1: c9:66:fa:aa:cd:91:43:2c:71:6b:1a:1a:98:f8:39: bf:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:AE:DC:73:F5:BD:7F:13:6F:00:1E:F9:27:FB:BA:04:C8:BA:41:1E X509v3 Authority Key Identifier: keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:be:29:69:8e:35:11:f0:50:60:51:d9:6a:cf:23:c6:3a:7d: fc:ad:96:79:49:df:d1:d7:a8:96:e5:f9:fe:a2:5f:68:c7:12: ed:82:26:40:71:19:9c:ba:1d:d6:25:f5:00:7e:44:9d:b8:65: e2:e3:4e:7f:7f:b9:82:c8:0f:e9:ea:6c:66:89:5d:a1:9e:a8: 94:9e:d1:c9:40:25:8c:12:1b:2f:74:92:ff:c7:7c:cf:41:85: 68:e3:2c:1f:d2:40:4c:f5:d5:7b:56:e9:a0:e9:b7:b9:fa:66: 7d:b4:92:5b:62:43:7b:1d:5e:3a:a3:81:88:b5:28:dd:c1:19: 0c:b2:ea:10:b2:0f:b3:3b:a8:30:c2:af:a4:05:6c:ab:70:6b: 52:ca:fb:b7:e0:37:cd:77:c2:1a:3b:0c:a0:ba:1f:bd:69:5c: 0f:30:f4:a4:e7:ca:5d:88:2b:69:cc:ef:0f:ff:0a:7a:f0:b0: 84:6f:21:67:b4:d1:08:5f:79:e9:cb:e6:04:57:b7:dc:0d:11: 6d:b8:57:ac:f1:6c:e5:5e:36:a1:ba:6e:38:2c:62:16:51:b5: 32:d8:f4:67:a4:96:ca:9b:78:fe:06:53:50:81:cf:aa:74:f8: 27:e4:e7:75:2a:7b:a5:cd:7b:56:82:a4:d4:d8:cb:0c:df:9b: 88:b2:ac:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszetm4R2QJgoZY265xOTefMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl NzkwOTAwHhcNMjUxMjE4MjIwMDQ3WhcNMjUxMjE5MjIwMDQ3WjAzMTEwLwYDVQQD Eyg4MGFlZGM3M2Y1YmQ3ZjEzNmYwMDFlZjkyN2ZiYmEwNGM4YmE0MTFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgo2b1ws2rRVkMBgb9h46kgeD4jM GQC0VlIhqv4P8svqj3q/HIwX2zFb3+oqTNcgj4qPzUQOabzfGOmc1vSrWxcYcpYn Pxrie6HDuGoHfeZyrukWKqW+Qg4t6r43/CeofzfeLTrzflBM3zWorbPGg0W1fn8N UrxDxJxC0HYsDFIr6JR5F5FMZeLhkaeJ6MsQyxAor4ZIgGJs5XAYNPUG0s7wUvrW fq0YCCraYPkG08dtLhv1g+QboXDPCfs+UdQ7RzhTTxm15AZqs8UeWrd4+sw6s7JS dIHB5sSpG19howgxhdex1tPrY4+z8YIRHuHJZvqqzZFDLHFrGhqY+Dm/1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFICu3HP1vX8TbwAe+Sf7ugTIukEeMB8GA1UdIwQY MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI74paY41 EfBQYFHZas8jxjp9/K2WeUnf0deoluX5/qJfaMcS7YImQHEZnLod1iX1AH5Enbhl 4uNOf3+5gsgP6epsZoldoZ6olJ7RyUAljBIbL3SS/8d8z0GFaOMsH9JATPXVe1bp oOm3ufpmfbSSW2JDex1eOqOBiLUo3cEZDLLqELIPszuoMMKvpAVsq3BrUsr7t+A3 zXfCGjsMoLofvWlcDzD0pOfKXYgraczvD/8KevCwhG8hZ7TRCF956cvmBFe33A0R bbhXrPFs5V42obpuOCxiFlG1Mtj0Z6SWypt4/gZTUIHPqnT4J+TndSp7pc17VoKk 1NjLDN+biLKsWA== -----END CERTIFICATE-----Generated at Fri Dec 19 00:14:44 2025 by rpki-client