This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft File: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft (raw, json) Hash identifier: 6RnejhXNoZBczf3NL7t45/ctcuFkSbQX13JXu5cY7Dg= Subject key identifier: 66:5A:14:8B:A1:A2:DD:DF:C1:C1:40:1B:1B:22:0D:DF:A6:08:34:D7 Authority key identifier: 0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02 Certificate issuer: /CN=0d784bd96a44bc361d13344d54c8bc51ff67a802 Certificate serial: 019B722292C5E10B4BFFB8D9598DCA4CC37D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft Manifest number: 0F07 Signing time: Wed 31 Dec 2025 02:00:26 +0000 Manifest this update: Wed 31 Dec 2025 02:00:26 +0000 Manifest next update: Thu 01 Jan 2026 02:00:26 +0000 Files and hashes: 1: DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl (hash: 2Q7OdRhT1t/DDNr7voD/7QiVvwOn80RpDZX6mlcra7I=) 2: zo9Y2aPXtg0v5rw18Mi_WOQc36Y.roa (hash: v9STSvD6P0pmUA0gxCp1HPZofea00hykboqUh1BCCCs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:72:22:92:c5:e1:0b:4b:ff:b8:d9:59:8d:ca:4c:c3:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d784bd96a44bc361d13344d54c8bc51ff67a802 Validity Not Before: Dec 31 02:00:26 2025 GMT Not After : Jan 1 02:00:26 2026 GMT Subject: CN=665a148ba1a2dddfc1c1401b1b220ddfa60834d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1f:76:43:69:90:2b:59:4b:1c:8f:72:8a:70: 35:bc:8c:c3:4e:ae:e7:ab:15:ed:54:d5:e2:1b:fe: 44:9d:28:81:f1:32:06:1c:af:2f:3a:c7:7c:48:60: b4:53:60:0c:3c:4f:d1:88:99:e7:bd:df:d7:22:7a: 5d:d3:fd:81:30:52:50:b9:86:51:cd:e7:48:7f:7c: e6:3d:1b:a4:9b:7e:22:91:2d:fd:14:68:f4:cc:de: e3:17:b4:75:28:ec:8d:40:4f:0b:5c:3b:e0:55:33: 05:5a:a5:82:7c:98:8f:de:c6:3f:28:c1:a3:b5:30: fb:b6:5e:af:e6:fb:96:7c:0d:bc:5b:5d:15:8e:ec: 7e:81:4b:9e:84:50:e4:d1:f9:43:47:31:81:09:03: b1:84:55:9a:55:f8:51:49:01:c0:39:60:7a:45:1c: da:4b:4b:22:b4:70:a6:32:87:1a:8c:b5:5c:48:18: 50:57:e3:52:06:a4:8e:b0:2c:fc:13:b9:48:4d:32: 64:b4:96:80:04:9e:80:a5:80:99:1e:99:5b:c9:1b: 57:bc:4a:1f:ea:13:ca:39:c4:97:21:04:85:33:dd: 5d:41:c2:ff:e1:fe:82:a8:9a:22:67:fb:a6:38:a2: 3b:1c:dd:c6:e0:54:26:2b:0a:0c:0a:0b:e4:5e:0b: ac:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:5A:14:8B:A1:A2:DD:DF:C1:C1:40:1B:1B:22:0D:DF:A6:08:34:D7 X509v3 Authority Key Identifier: keyid:0D:78:4B:D9:6A:44:BC:36:1D:13:34:4D:54:C8:BC:51:FF:67:A8:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/425c24-bfe0-4790-b250-d4c66f4f3b6e/1/DXhL2WpEvDYdEzRNVMi8Uf9nqAI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:49:21:24:e9:67:dc:3d:cb:64:12:af:9f:5c:b6:4d:66:db: af:67:e4:31:5c:8c:8a:70:f0:6d:90:17:f7:93:f4:3b:4f:5a: 18:e7:6d:0e:92:ce:85:6c:75:79:54:22:c4:b1:81:88:f6:1a: 69:b1:a0:fb:4e:30:06:18:3a:4c:8a:9e:a1:df:cc:38:c1:3f: 71:97:e1:26:af:12:6b:3e:48:d2:03:48:ae:c4:63:cd:dc:89: ae:e6:09:8a:9c:e2:f4:8c:67:99:c5:3f:aa:4e:72:7e:93:bf: 10:d8:7f:ee:36:a3:b5:cb:1a:8a:62:9c:c0:86:63:5c:58:03: 97:af:a1:d7:f2:08:df:be:0d:63:21:57:47:f0:3d:7d:ae:80: 21:cf:06:59:90:95:d5:56:e0:54:19:f5:af:41:4f:65:5b:2d: ea:9e:df:63:9d:2d:73:4d:79:61:2d:02:57:f7:21:eb:b1:d9: 0f:08:ba:65:51:1f:cc:73:f6:e3:0a:e8:de:38:a2:6a:72:e8: b0:3f:cb:ad:c1:30:08:af:67:ef:39:fe:a7:e7:4d:6a:c6:ce: ba:ee:ea:bb:f8:e3:c7:b3:52:fa:6e:7e:85:fd:de:72:ee:8a: 76:4a:26:71:f2:8e:2f:68:90:34:32:d5:b4:9b:34:05:dd:5c: b5:2e:8c:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtyIpLF4QtL/7jZWY3KTMN9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNzg0YmQ5NmE0NGJjMzYxZDEzMzQ0ZDU0YzhiYzUxZmY2 N2E4MDIwHhcNMjUxMjMxMDIwMDI2WhcNMjYwMTAxMDIwMDI2WjAzMTEwLwYDVQQD Eyg2NjVhMTQ4YmExYTJkZGRmYzFjMTQwMWIxYjIyMGRkZmE2MDgzNGQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh92Q2mQK1lLHI9yinA1vIzDTq7n qxXtVNXiG/5EnSiB8TIGHK8vOsd8SGC0U2AMPE/RiJnnvd/XInpd0/2BMFJQuYZR zedIf3zmPRukm34ikS39FGj0zN7jF7R1KOyNQE8LXDvgVTMFWqWCfJiP3sY/KMGj tTD7tl6v5vuWfA28W10Vjux+gUuehFDk0flDRzGBCQOxhFWaVfhRSQHAOWB6RRza S0sitHCmMocajLVcSBhQV+NSBqSOsCz8E7lITTJktJaABJ6ApYCZHplbyRtXvEof 6hPKOcSXIQSFM91dQcL/4f6CqJoiZ/umOKI7HN3G4FQmKwoMCgvkXgusawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGZaFIuhot3fwcFAGxsiDd+mCDTXMB8GA1UdIwQY MBaAFA14S9lqRLw2HRM0TVTIvFH/Z6gCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAt ZDRjNjZmNGYzYjZlLzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni80MjVjMjQtYmZlMC00NzkwLWIyNTAtZDRjNjZmNGYzYjZl LzEvRFhoTDJXcEV2RFlkRXpSTlZNaThVZjlucUFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArEkhJOln 3D3LZBKvn1y2TWbbr2fkMVyMinDwbZAX95P0O09aGOdtDpLOhWx1eVQixLGBiPYa abGg+04wBhg6TIqeod/MOME/cZfhJq8Saz5I0gNIrsRjzdyJruYJipzi9IxnmcU/ qk5yfpO/ENh/7jajtcsaimKcwIZjXFgDl6+h1/II374NYyFXR/A9fa6AIc8GWZCV 1VbgVBn1r0FPZVst6p7fY50tc015YS0CV/ch67HZDwi6ZVEfzHP24wro3jiianLo sD/LrcEwCK9n7zn+p+dNasbOuu7qu/jjx7NS+m5+hf3ecu6KdkomcfKOL2iQNDLV tJs0Bd1ctS6MBw== -----END CERTIFICATE-----Generated at Wed Dec 31 08:00:38 2025 by rpki-client