This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft File: k-DpokYd9Py54i53cLJhOgckE4g.mft (raw, json) Hash identifier: Gl1ZewzXO14B3VoDoGwV04I94KYKd1H5oDuKcg2OeUk= Subject key identifier: E3:38:DD:64:A0:AE:5F:01:D6:C2:87:23:10:C1:25:D4:4C:2E:51:D2 Authority key identifier: 93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88 Certificate issuer: /CN=93e0e9a2461df4fcb9e22e7770b2613a07241388 Certificate serial: 019B337B9AE4170E5293456F54869282B151 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft Manifest number: 1712 Signing time: Thu 18 Dec 2025 22:01:37 +0000 Manifest this update: Thu 18 Dec 2025 22:01:37 +0000 Manifest next update: Fri 19 Dec 2025 22:01:37 +0000 Files and hashes: 1: k-DpokYd9Py54i53cLJhOgckE4g.crl (hash: UMR568Y0PWxn8FcGHGY7zt/IG/j5UZvUwhdatAIIFcw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:9a:e4:17:0e:52:93:45:6f:54:86:92:82:b1:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93e0e9a2461df4fcb9e22e7770b2613a07241388 Validity Not Before: Dec 18 22:01:37 2025 GMT Not After : Dec 19 22:01:37 2025 GMT Subject: CN=e338dd64a0ae5f01d6c2872310c125d44c2e51d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:75:36:ff:50:a5:48:69:ac:be:b3:5f:c6:67: 88:fd:09:41:95:68:95:80:8e:30:97:34:67:12:4d: f3:a1:0e:a1:19:f8:aa:82:41:c2:b9:58:56:f9:33: 89:bd:6c:96:a7:d0:ca:ee:97:21:81:67:61:51:63: fe:7e:df:85:95:0b:00:12:41:67:27:f3:81:b4:8d: 50:7d:94:ca:33:e2:f4:ad:29:b6:c4:54:7d:e9:76: 73:cb:b1:11:c8:ee:10:5e:d2:79:72:e8:fa:ba:da: 5c:da:4e:04:e5:8f:71:ba:9d:b6:a2:c2:69:e6:95: f1:e9:57:43:80:23:a4:43:26:3d:ce:18:ee:dc:22: ba:32:e9:dc:61:f2:66:77:bd:ea:5b:b5:08:95:4d: 4d:4e:12:93:8d:f8:dd:1c:77:27:38:1b:70:84:11: 8c:6b:86:80:a4:22:66:09:bb:da:53:86:68:29:ad: 4a:a1:df:e7:62:63:2a:a8:c0:31:ca:8d:92:14:24: af:5c:d9:42:5b:21:12:9c:35:11:64:6e:2a:dc:64: 47:3a:7a:ea:3c:dc:e6:68:36:37:dc:bc:59:ff:0a: 2d:10:76:42:68:7c:9b:f1:e1:43:78:a8:30:dc:dc: c6:e5:e0:d5:fe:c9:16:5f:04:82:7d:97:80:57:4c: dd:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:38:DD:64:A0:AE:5F:01:D6:C2:87:23:10:C1:25:D4:4C:2E:51:D2 X509v3 Authority Key Identifier: keyid:93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:32:aa:c6:db:ba:60:42:7b:45:e0:65:e9:c8:e5:d5:2d:68: 87:ba:9c:18:cc:d8:91:0b:11:9d:2b:72:87:5c:a8:c5:e4:46: 12:0c:cf:00:6e:6c:64:eb:f8:15:2a:ed:7a:3b:80:f3:e8:e0: 99:29:ee:02:f0:10:1e:d6:e0:15:46:30:d2:d3:f4:8e:73:c1: 83:ea:55:dc:2d:27:ad:76:d0:15:19:61:90:2c:aa:8c:4a:cb: 5b:ed:e8:45:53:7f:72:47:54:cc:9e:5f:54:bd:15:2a:01:da: 4f:6b:2d:eb:e2:b7:6e:2c:3e:33:cd:bb:a9:f7:93:11:a5:7b: 69:d4:af:ce:14:4d:59:1b:8d:bf:1d:b8:ce:4e:cd:a0:b5:08: b3:56:45:cd:a4:fd:d3:b8:55:44:56:0c:98:ac:b8:c2:33:a8: 06:e5:30:d9:9b:0d:08:29:16:a7:df:40:b3:8a:9b:8c:92:91: 65:9d:b7:1a:29:24:a6:7a:d6:6f:1f:c8:df:66:75:d1:0e:b6: 1f:e2:6c:fa:c3:d0:25:d7:c2:e0:c8:24:41:93:96:74:3c:c2: 53:11:6a:c1:70:10:19:fe:77:8c:4e:14:48:7a:83:19:52:8f: cc:6a:15:b6:dd:0d:55:1d:e9:18:09:90:e7:9d:cd:18:b0:02: 9b:21:07:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsze5rkFw5Sk0VvVIaSgrFRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzZTBlOWEyNDYxZGY0ZmNiOWUyMmU3NzcwYjI2MTNhMDcy NDEzODgwHhcNMjUxMjE4MjIwMTM3WhcNMjUxMjE5MjIwMTM3WjAzMTEwLwYDVQQD EyhlMzM4ZGQ2NGEwYWU1ZjAxZDZjMjg3MjMxMGMxMjVkNDRjMmU1MWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXU2/1ClSGmsvrNfxmeI/QlBlWiV gI4wlzRnEk3zoQ6hGfiqgkHCuVhW+TOJvWyWp9DK7pchgWdhUWP+ft+FlQsAEkFn J/OBtI1QfZTKM+L0rSm2xFR96XZzy7ERyO4QXtJ5cuj6utpc2k4E5Y9xup22osJp 5pXx6VdDgCOkQyY9zhju3CK6MuncYfJmd73qW7UIlU1NThKTjfjdHHcnOBtwhBGM a4aApCJmCbvaU4ZoKa1Kod/nYmMqqMAxyo2SFCSvXNlCWyESnDURZG4q3GRHOnrq PNzmaDY33LxZ/wotEHZCaHyb8eFDeKgw3NzG5eDV/skWXwSCfZeAV0zdzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOM43WSgrl8B1sKHIxDBJdRMLlHSMB8GA1UdIwQY MBaAFJPg6aJGHfT8ueIud3CyYToHJBOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEt MGUyZTM2MDE5ODQ5LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEtMGUyZTM2MDE5ODQ5 LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjKqxtu6 YEJ7ReBl6cjl1S1oh7qcGMzYkQsRnStyh1yoxeRGEgzPAG5sZOv4FSrtejuA8+jg mSnuAvAQHtbgFUYw0tP0jnPBg+pV3C0nrXbQFRlhkCyqjErLW+3oRVN/ckdUzJ5f VL0VKgHaT2st6+K3biw+M827qfeTEaV7adSvzhRNWRuNvx24zk7NoLUIs1ZFzaT9 07hVRFYMmKy4wjOoBuUw2ZsNCCkWp99As4qbjJKRZZ23GikkpnrWbx/I32Z10Q62 H+Js+sPQJdfC4MgkQZOWdDzCUxFqwXAQGf53jE4USHqDGVKPzGoVtt0NVR3pGAmQ 553NGLACmyEHCQ== -----END CERTIFICATE-----Generated at Fri Dec 19 01:25:45 2025 by rpki-client