This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft File: DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json) Hash identifier: lo7pevwBFAjh6JQ16i6bQkaSPdLYhXFZYYwNyRZJ3ro= Subject key identifier: 49:74:24:81:30:C6:2A:79:5B:49:03:85:A1:B2:FE:50:53:69:72:0B Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 Certificate issuer: /CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Certificate serial: 019B631E71E0159B43148D3917FBA786FB64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft Manifest number: 172A Signing time: Sun 28 Dec 2025 04:01:38 +0000 Manifest this update: Sun 28 Dec 2025 04:01:38 +0000 Manifest next update: Mon 29 Dec 2025 04:01:38 +0000 Files and hashes: 1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: E3rrS4eVJFMSWn6LoCAzx2FRGNmUuUIgbvnhdSFfqwM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:1e:71:e0:15:9b:43:14:8d:39:17:fb:a7:86:fb:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Validity Not Before: Dec 28 04:01:38 2025 GMT Not After : Dec 29 04:01:38 2025 GMT Subject: CN=4974248130c62a795b490385a1b2fe505369720b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:1a:cd:3b:1e:b9:59:34:a0:9e:f3:5a:41:e9: 9b:57:a0:a5:35:45:38:03:d0:c6:14:64:30:e5:3d: 1f:4a:a0:2b:bb:d8:44:0b:18:2d:24:ca:08:0a:af: 40:83:19:77:e3:6b:a7:a7:ee:45:c6:5d:0a:fb:da: 68:0e:be:2c:b4:18:5e:5b:c6:41:fe:d7:7a:4c:94: 39:2e:7c:2d:ec:b1:71:a9:74:60:59:a3:2f:3b:ab: 80:f8:d3:f6:62:c3:fa:2b:f6:c4:7f:ae:50:0c:70: 6d:99:65:84:eb:ac:eb:f1:af:d2:88:83:c2:eb:4d: 45:67:39:e9:33:f6:d5:3e:78:90:14:1f:03:09:f9: 94:ac:a5:c6:1a:82:67:29:8b:fb:6c:ac:be:ef:cf: 5a:44:bc:2f:16:9f:80:19:92:dd:5e:58:1b:14:8d: ba:e5:56:4f:5c:84:ee:01:5b:fe:65:d6:22:f5:4f: d2:cd:b7:f8:1d:18:a3:aa:b9:ca:1c:f7:57:ed:97: 96:c3:d6:24:00:78:a8:97:c3:78:74:bf:94:3f:af: 3b:8f:78:6d:e7:81:ac:05:fa:52:42:65:53:aa:66: 6f:00:1a:24:7a:c1:20:66:ff:0f:1d:29:6c:38:e9: f8:8a:7b:d3:5d:04:b2:a0:8e:ef:38:68:87:a1:88: ac:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:74:24:81:30:C6:2A:79:5B:49:03:85:A1:B2:FE:50:53:69:72:0B X509v3 Authority Key Identifier: keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:56:83:1a:33:c5:7a:2a:d4:48:b8:fd:7d:0b:2e:54:2c:36: 3d:4a:9e:d9:2b:6b:cf:20:2c:91:b4:8c:1c:66:35:15:b9:6e: ac:5f:3d:a3:89:f7:d6:a0:ce:e0:22:86:d7:0a:c2:9d:a6:4b: 75:77:28:b1:e2:49:9d:48:16:3d:51:8a:d6:20:5f:34:ef:f8: 96:1b:fc:05:f0:00:90:c2:92:da:1b:8a:0d:05:ce:91:50:b4: 7a:65:e4:3f:cb:74:ab:e0:1c:ea:a3:5a:20:c7:8c:67:df:45: d8:fe:4c:cd:05:81:17:7e:4e:4d:76:ce:e9:2b:07:ce:b9:81: a8:7a:e9:3d:dd:e9:78:66:3a:24:82:1f:e6:52:88:8d:12:dc: 15:1b:db:54:80:10:e1:65:00:0f:38:7f:55:62:fa:15:0a:5e: d3:d2:54:0d:10:01:3f:28:c7:f4:59:87:1f:1e:6e:8c:78:5f: 57:02:ff:08:a8:f0:82:42:0d:f0:d9:cd:68:bd:08:a5:22:dd: 55:8d:ab:d0:c4:bb:39:04:49:07:64:87:77:97:80:c4:44:94: b7:38:92:e4:69:af:7a:c9:9c:bf:d9:d7:bf:1a:77:8b:be:b1: 22:d3:a0:26:bd:02:a9:59:00:f4:7e:d0:6d:46:ec:6b:31:16: 7b:2d:59:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjHnHgFZtDFI05F/unhvtkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh NDlkNDEwHhcNMjUxMjI4MDQwMTM4WhcNMjUxMjI5MDQwMTM4WjAzMTEwLwYDVQQD Eyg0OTc0MjQ4MTMwYzYyYTc5NWI0OTAzODVhMWIyZmU1MDUzNjk3MjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBrNOx65WTSgnvNaQembV6ClNUU4 A9DGFGQw5T0fSqAru9hECxgtJMoICq9Agxl342unp+5Fxl0K+9poDr4stBheW8ZB /td6TJQ5Lnwt7LFxqXRgWaMvO6uA+NP2YsP6K/bEf65QDHBtmWWE66zr8a/SiIPC 601FZznpM/bVPniQFB8DCfmUrKXGGoJnKYv7bKy+789aRLwvFp+AGZLdXlgbFI26 5VZPXITuAVv+ZdYi9U/Szbf4HRijqrnKHPdX7ZeWw9YkAHiol8N4dL+UP687j3ht 54GsBfpSQmVTqmZvABokesEgZv8PHSlsOOn4invTXQSyoI7vOGiHoYis9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEl0JIEwxip5W0kDhaGy/lBTaXILMB8GA1UdIwQY MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvFaDGjPF eirUSLj9fQsuVCw2PUqe2StrzyAskbSMHGY1FblurF89o4n31qDO4CKG1wrCnaZL dXcoseJJnUgWPVGK1iBfNO/4lhv8BfAAkMKS2huKDQXOkVC0emXkP8t0q+Ac6qNa IMeMZ99F2P5MzQWBF35OTXbO6SsHzrmBqHrpPd3peGY6JIIf5lKIjRLcFRvbVIAQ 4WUADzh/VWL6FQpe09JUDRABPyjH9FmHHx5ujHhfVwL/CKjwgkIN8NnNaL0IpSLd VY2r0MS7OQRJB2SHd5eAxESUtziS5Gmvesmcv9nXvxp3i76xItOgJr0CqVkA9H7Q bUbsazEWey1Z6g== -----END CERTIFICATE-----Generated at Sun Dec 28 05:53:28 2025 by rpki-client