This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft File: dzW3DconD8uOS5CStyADZBOPXfE.mft (raw, json) Hash identifier: jVvSst7elyayP+s9Ok+4zxLeH4AFUifV6HCtSZcCHiA= Subject key identifier: A1:33:F4:9C:C0:85:BD:94:6B:52:1D:79:F8:A7:CB:52:2D:88:46:F1 Authority key identifier: 77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1 Certificate issuer: /CN=7735b70dca270fcb8e4b9092b7200364138f5df1 Certificate serial: 019B2F30A06AB03725C50293F6F8FC27BA6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft Manifest number: 177F Signing time: Thu 18 Dec 2025 02:01:14 +0000 Manifest this update: Thu 18 Dec 2025 02:01:14 +0000 Manifest next update: Fri 19 Dec 2025 02:01:14 +0000 Files and hashes: 1: cpO-3YGSbutgQmx_vuZqosXyZC0.roa (hash: oUU6w2RYiSZAkqy6t99fzpKQ3+UD5p93LlQ8mpQ7YRk=) 2: dzW3DconD8uOS5CStyADZBOPXfE.crl (hash: qVFF0efWHxFYfSyoAbld3HMk5TjKnXwJFAmu3AKeimE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 02:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:30:a0:6a:b0:37:25:c5:02:93:f6:f8:fc:27:ba:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7735b70dca270fcb8e4b9092b7200364138f5df1 Validity Not Before: Dec 18 02:01:14 2025 GMT Not After : Dec 19 02:01:14 2025 GMT Subject: CN=a133f49cc085bd946b521d79f8a7cb522d8846f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b8:2d:5d:7c:6f:b1:51:53:55:14:20:0b:ef: ac:c2:61:12:c9:1a:62:db:6f:7b:97:dd:73:08:5b: f5:be:8e:af:4f:85:8c:b3:88:0d:e8:ef:86:2e:a3: 3a:9a:1b:21:31:cf:b4:5f:de:17:60:2b:5c:45:65: d4:17:30:3d:47:08:d7:2e:3b:47:6e:cb:10:98:ee: c1:a3:71:5d:5b:da:f5:c7:df:6a:58:7b:69:7f:7d: 8d:34:2b:4c:16:e4:d2:d0:b1:d8:55:19:54:7f:59: 8d:07:d4:55:4d:c2:3f:9f:e8:11:0e:53:a1:4f:0d: 21:df:7f:e8:e1:7e:7b:99:cb:64:36:9d:69:e0:99: 91:b3:86:12:2f:c3:95:5c:99:da:08:ac:56:1f:60: 91:ad:12:f6:45:82:6c:42:4d:d1:5e:70:63:bf:7c: e4:b1:45:0f:a2:bb:3d:ab:85:3b:ec:47:99:7e:92: e4:6c:5e:a5:8d:55:fe:18:74:a8:a0:b3:9f:2a:af: 85:c1:d4:17:a2:81:3a:e3:5a:de:e9:8a:52:de:f9: 0f:b7:4a:1c:b1:aa:01:4d:bc:27:bf:51:84:c0:24: f8:09:77:6a:92:3e:eb:6b:1a:f1:7b:af:c2:a4:81: e8:dc:49:a3:62:57:ec:2b:bb:d6:5c:68:c4:da:8f: 64:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:33:F4:9C:C0:85:BD:94:6B:52:1D:79:F8:A7:CB:52:2D:88:46:F1 X509v3 Authority Key Identifier: keyid:77:35:B7:0D:CA:27:0F:CB:8E:4B:90:92:B7:20:03:64:13:8F:5D:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzW3DconD8uOS5CStyADZBOPXfE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dfbce8-5437-49d7-a7f9-c6ddeb494735/1/dzW3DconD8uOS5CStyADZBOPXfE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:a3:20:8c:16:14:1c:8d:3f:65:e4:ce:61:d8:6f:8b:af:5f: 39:67:ef:66:4c:3f:37:0d:04:ea:cb:f0:d6:f4:f8:77:d4:b3: 0b:a2:c6:54:b1:9a:1a:72:83:e3:71:64:bc:c1:fa:ed:5d:5e: 7e:da:59:86:39:2d:62:09:6f:88:4e:ae:f5:8b:ef:59:8d:69: d0:7f:39:0b:47:5b:86:5c:12:3d:f6:2e:84:d7:02:bc:c8:66: d3:be:cb:9f:eb:55:b3:9a:bb:47:6f:13:ea:b6:fd:97:74:39: d2:a8:fe:73:76:78:7d:55:71:eb:75:17:92:a9:17:82:01:9f: ad:75:72:88:85:18:03:b5:0a:bf:66:43:64:a7:e7:41:ef:47: bb:45:9c:30:47:d7:e7:59:5f:60:8b:05:33:e3:62:a3:7f:be: 24:91:82:2a:58:9d:7b:c4:f7:c1:42:f8:19:32:d9:f6:b2:79: 73:9d:02:0c:61:b6:36:99:b9:ff:11:3b:10:2e:62:d9:60:13: dd:5b:ba:5c:61:9b:84:51:7c:4a:72:3b:42:f7:eb:61:18:69: a3:4f:e6:d4:c2:5f:e4:33:3b:3f:af:0a:cd:f0:d1:ee:35:86: ce:04:9e:51:f1:27:4d:d8:27:b8:f1:a1:c8:2c:13:af:55:c8: 04:cb:e7:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvMKBqsDclxQKT9vj8J7pqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3MzViNzBkY2EyNzBmY2I4ZTRiOTA5MmI3MjAwMzY0MTM4 ZjVkZjEwHhcNMjUxMjE4MDIwMTE0WhcNMjUxMjE5MDIwMTE0WjAzMTEwLwYDVQQD EyhhMTMzZjQ5Y2MwODViZDk0NmI1MjFkNzlmOGE3Y2I1MjJkODg0NmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7gtXXxvsVFTVRQgC++swmESyRpi 2297l91zCFv1vo6vT4WMs4gN6O+GLqM6mhshMc+0X94XYCtcRWXUFzA9RwjXLjtH bssQmO7Bo3FdW9r1x99qWHtpf32NNCtMFuTS0LHYVRlUf1mNB9RVTcI/n+gRDlOh Tw0h33/o4X57mctkNp1p4JmRs4YSL8OVXJnaCKxWH2CRrRL2RYJsQk3RXnBjv3zk sUUPors9q4U77EeZfpLkbF6ljVX+GHSooLOfKq+FwdQXooE641re6YpS3vkPt0oc saoBTbwnv1GEwCT4CXdqkj7raxrxe6/CpIHo3EmjYlfsK7vWXGjE2o9kSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKEz9JzAhb2Ua1Idefiny1ItiEbxMB8GA1UdIwQY MBaAFHc1tw3KJw/LjkuQkrcgA2QTj13xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3Zjkt YzZkZGViNDk0NzM1LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS9kZmJjZTgtNTQzNy00OWQ3LWE3ZjktYzZkZGViNDk0NzM1 LzEvZHpXM0Rjb25EOHVPUzVDU3R5QURaQk9QWGZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeKMgjBYU HI0/ZeTOYdhvi69fOWfvZkw/Nw0E6svw1vT4d9SzC6LGVLGaGnKD43FkvMH67V1e ftpZhjktYglviE6u9YvvWY1p0H85C0dbhlwSPfYuhNcCvMhm077Ln+tVs5q7R28T 6rb9l3Q50qj+c3Z4fVVx63UXkqkXggGfrXVyiIUYA7UKv2ZDZKfnQe9Hu0WcMEfX 51lfYIsFM+Nio3++JJGCKlide8T3wUL4GTLZ9rJ5c50CDGG2Npm5/xE7EC5i2WAT 3Vu6XGGbhFF8SnI7QvfrYRhpo0/m1MJf5DM7P68KzfDR7jWGzgSeUfEnTdgnuPGh yCwTr1XIBMvnJg== -----END CERTIFICATE-----Generated at Thu Dec 18 11:53:50 2025 by rpki-client