This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft File: dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json) Hash identifier: 8kOuFDxAl6Hd+Llw1yFJ1JIwHWwKdCOTb7ovqWoiPYk= Subject key identifier: D8:B3:4B:DA:DD:C2:6E:3A:69:6F:71:7A:DA:A3:CD:0F:B1:E1:19:CF Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A Certificate issuer: /CN=74b27c5d5684864853df5b81572212ede322ce0a Certificate serial: 019B4F292338477B3A11F9620E263E46AB11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft Manifest number: 0466 Signing time: Wed 24 Dec 2025 07:00:54 +0000 Manifest this update: Wed 24 Dec 2025 07:00:54 +0000 Manifest next update: Thu 25 Dec 2025 07:00:54 +0000 Files and hashes: 1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: 7MQoA2PG/ATtBLQ7ds5zUtYykOFsmHVS7TtRsHc/Z1I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:29:23:38:47:7b:3a:11:f9:62:0e:26:3e:46:ab:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a Validity Not Before: Dec 24 07:00:54 2025 GMT Not After : Dec 25 07:00:54 2025 GMT Subject: CN=d8b34bdaddc26e3a696f717adaa3cd0fb1e119cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:cf:48:b5:09:35:d9:62:02:87:00:8f:ba:16: e5:b9:e4:3f:4e:4f:69:38:d5:aa:80:be:74:e2:9a: f2:f8:df:11:79:26:7e:e3:34:ae:4d:9b:80:82:21: fe:85:ba:ac:7a:fe:b5:ca:e5:c2:1b:24:4e:93:ad: 55:e6:3f:b9:37:47:c2:c1:8f:36:2a:8f:8d:bc:84: cb:74:1d:0a:c7:95:67:50:0a:35:8f:b1:38:f7:38: fd:b0:71:a3:fc:3a:75:d4:70:fa:9b:f5:52:e0:7b: 9d:c3:e4:f0:83:cf:f3:a6:58:32:7e:ac:9a:42:69: 4d:5c:9c:50:cc:b4:bb:e4:75:2c:88:1b:4f:56:3c: cd:b5:e0:6e:7c:73:0a:98:a6:40:60:5d:e8:a3:38: cd:aa:b6:ae:d8:12:c5:f5:48:6e:36:5b:c9:98:6d: bc:ca:db:4a:57:7c:5c:26:bb:80:42:40:d4:5b:d1: c9:26:45:76:c0:f8:6d:88:04:7b:d1:1d:16:0d:46: 1a:ac:ab:05:c9:87:8c:47:2c:18:50:ee:14:40:e8: a4:3c:67:39:e2:21:c0:8b:07:75:78:e2:01:aa:c0: a6:92:fe:9d:99:96:80:68:13:b2:60:fd:59:9e:a0: 68:ec:dd:2d:9a:35:a0:70:44:5a:48:a7:1c:98:38: 86:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:B3:4B:DA:DD:C2:6E:3A:69:6F:71:7A:DA:A3:CD:0F:B1:E1:19:CF X509v3 Authority Key Identifier: keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:c2:f6:9c:81:4a:fd:30:44:7f:5e:8d:64:55:4f:bd:d4:f5: 40:a9:b4:66:fc:e5:1d:ef:3b:66:34:38:5e:43:2f:95:3c:b1: 87:49:31:c6:28:4d:87:89:be:68:4c:c9:20:ae:63:48:11:10: 9c:a0:03:22:5b:1a:7e:52:b0:91:af:b1:8b:b4:9e:29:66:e9: 34:80:e8:d6:ab:ab:3c:5e:37:56:98:01:5f:64:3f:bf:e8:25: 85:c8:52:c3:ff:d6:f6:9d:9c:ca:e5:0d:60:23:55:2d:4f:79: a7:7f:16:42:4f:f0:fe:ba:b0:24:78:8a:88:71:57:70:96:c8: 8e:84:a3:6a:05:f9:62:c0:9a:81:52:52:fd:3c:4b:15:17:95: d0:e9:de:5a:a0:60:c2:31:dc:57:1e:48:39:7b:61:18:5a:2b: 26:45:85:cc:c6:cc:8d:7c:e7:2b:27:42:76:e7:f4:44:83:9a: 5c:cf:df:38:80:81:c8:59:85:6d:f4:91:2a:d0:a4:3e:48:57: 55:d4:6a:da:35:9d:c3:f2:99:31:95:ff:17:84:3b:f9:11:c7: eb:ea:b1:e6:36:83:0b:8a:b4:a7:bc:51:01:ef:cf:2b:de:5c: ca:14:c6:ab:a0:3a:9f:75:5c:e9:8a:11:94:bf:27:05:d7:8f: 49:47:d2:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPKSM4R3s6EfliDiY+RqsRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy MmNlMGEwHhcNMjUxMjI0MDcwMDU0WhcNMjUxMjI1MDcwMDU0WjAzMTEwLwYDVQQD EyhkOGIzNGJkYWRkYzI2ZTNhNjk2ZjcxN2FkYWEzY2QwZmIxZTExOWNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM9ItQk12WIChwCPuhblueQ/Tk9p ONWqgL504pry+N8ReSZ+4zSuTZuAgiH+hbqsev61yuXCGyROk61V5j+5N0fCwY82 Ko+NvITLdB0Kx5VnUAo1j7E49zj9sHGj/Dp11HD6m/VS4Hudw+Twg8/zplgyfqya QmlNXJxQzLS75HUsiBtPVjzNteBufHMKmKZAYF3oozjNqrau2BLF9UhuNlvJmG28 yttKV3xcJruAQkDUW9HJJkV2wPhtiAR70R0WDUYarKsFyYeMRywYUO4UQOikPGc5 4iHAiwd1eOIBqsCmkv6dmZaAaBOyYP1ZnqBo7N0tmjWgcERaSKccmDiGWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNizS9rdwm46aW9xetqjzQ+x4RnPMB8GA1UdIwQY MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1 LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8L2nIFK /TBEf16NZFVPvdT1QKm0ZvzlHe87ZjQ4XkMvlTyxh0kxxihNh4m+aEzJIK5jSBEQ nKADIlsaflKwka+xi7SeKWbpNIDo1qurPF43VpgBX2Q/v+glhchSw//W9p2cyuUN YCNVLU95p38WQk/w/rqwJHiKiHFXcJbIjoSjagX5YsCagVJS/TxLFReV0OneWqBg wjHcVx5IOXthGForJkWFzMbMjXznKydCduf0RIOaXM/fOICByFmFbfSRKtCkPkhX VdRq2jWdw/KZMZX/F4Q7+RHH6+qx5jaDC4q0p7xRAe/PK95cyhTGq6A6n3Vc6YoR lL8nBdePSUfS1w== -----END CERTIFICATE-----Generated at Wed Dec 24 08:46:03 2025 by rpki-client