This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft File: DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json) Hash identifier: Drn4m4BwqJ/7thMXN3oLOfcJFoR51mj0dBhBjf/Ofrk= Subject key identifier: AB:AB:15:76:25:AB:2C:68:AD:DE:E8:A9:E4:27:3E:6B:5B:3E:10:F8 Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 Certificate issuer: /CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Certificate serial: 019B32D5C88F9025260CEAE57DFF63E1B2E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft Manifest number: 1711 Signing time: Thu 18 Dec 2025 19:00:29 +0000 Manifest this update: Thu 18 Dec 2025 19:00:29 +0000 Manifest next update: Fri 19 Dec 2025 19:00:29 +0000 Files and hashes: 1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: ZpW3UYnoYEGnRNoOaJMFLZumclRVEBuP4YlO/P3TXrg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d5:c8:8f:90:25:26:0c:ea:e5:7d:ff:63:e1:b2:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41 Validity Not Before: Dec 18 19:00:29 2025 GMT Not After : Dec 19 19:00:29 2025 GMT Subject: CN=abab157625ab2c68addee8a9e4273e6b5b3e10f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:24:7c:cd:f4:84:c4:f3:9b:7a:5e:4c:8a:d6: f2:4a:a7:eb:b3:53:05:b2:d8:ef:57:e0:56:5d:5c: e9:36:56:53:25:83:bf:54:d4:c7:2f:1d:89:11:42: 91:c0:07:c9:fd:37:6c:f1:c9:33:5e:05:42:3b:4a: d2:57:46:94:ff:99:0f:02:21:cd:59:c7:ec:16:b2: 4b:6a:79:ff:7f:71:9d:c8:77:28:e7:69:67:3b:6f: 68:ed:c8:76:9a:f2:61:77:6f:9f:a9:b5:18:8c:7e: 04:28:02:d6:b9:cf:89:68:1b:4d:79:32:db:1b:b2: 3f:fb:27:c3:28:b5:a9:c5:dc:44:dd:70:7c:eb:7a: 37:10:5d:13:a9:5f:ef:ab:c7:44:38:1c:f7:d4:47: dc:65:6a:af:d4:c9:92:ce:06:ab:3e:83:14:6e:83: b5:1e:c3:98:f7:a8:cb:4a:1d:21:3c:4e:7a:e5:d2: 03:7f:c4:2f:a8:71:93:2c:45:6a:bb:ca:d0:58:8f: 07:e7:25:31:a3:52:b4:9c:79:c9:e5:98:f1:ba:a0: 50:90:cc:1f:d6:89:f9:e2:41:d9:3f:5c:f9:39:ce: 85:03:d2:24:78:42:d9:ce:49:2a:b0:2e:96:56:ba: fd:24:8c:99:6b:9e:43:31:31:35:3c:ce:9f:12:35: 00:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:AB:15:76:25:AB:2C:68:AD:DE:E8:A9:E4:27:3E:6B:5B:3E:10:F8 X509v3 Authority Key Identifier: keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:80:50:2d:3b:e1:e6:04:3d:b4:d9:c4:19:de:7c:71:ff:e9: 38:bf:3f:e8:cd:32:4b:8c:00:1b:38:fd:7d:44:35:af:3a:c0: 7c:22:1a:6f:ed:e0:72:95:8f:d0:be:46:eb:e5:3c:92:ac:61: aa:36:3c:0f:14:b7:d3:43:34:75:c6:9b:c2:79:0a:d7:42:df: dd:f1:da:f6:88:f5:f9:7e:f5:b3:f0:cb:7a:ce:3b:4c:34:e0: 54:15:db:e6:df:a3:ce:b2:cd:81:d3:fe:7e:73:bb:19:ac:25: cf:82:83:34:50:e9:79:30:44:58:75:59:7e:10:e3:15:6f:39: 7b:23:69:24:d7:16:8b:46:8b:59:2e:59:33:9b:1e:8f:b7:87: 72:2c:95:fe:5c:44:11:eb:18:ab:e5:06:f7:52:4c:29:0e:31: 44:20:37:78:dc:e1:a2:f7:ab:d2:b3:b9:16:8d:44:92:5f:9a: ea:7b:ca:9c:77:bc:da:2f:dc:e4:10:1a:12:93:b7:02:f8:9a: 7b:d2:3b:92:06:52:2a:b6:cf:2f:26:80:7d:88:b7:37:87:a0: 1a:c5:3c:06:42:1e:89:e4:72:06:b6:41:2b:76:5b:3a:12:b3: b1:9b:ce:f0:a5:84:fd:6e:9e:83:43:3d:c8:9a:1a:d3:45:58: 8f:ce:08:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1ciPkCUmDOrlff9j4bLlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh NDlkNDEwHhcNMjUxMjE4MTkwMDI5WhcNMjUxMjE5MTkwMDI5WjAzMTEwLwYDVQQD EyhhYmFiMTU3NjI1YWIyYzY4YWRkZWU4YTllNDI3M2U2YjViM2UxMGY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iR8zfSExPObel5MitbySqfrs1MF stjvV+BWXVzpNlZTJYO/VNTHLx2JEUKRwAfJ/Tds8ckzXgVCO0rSV0aU/5kPAiHN WcfsFrJLann/f3GdyHco52lnO29o7ch2mvJhd2+fqbUYjH4EKALWuc+JaBtNeTLb G7I/+yfDKLWpxdxE3XB863o3EF0TqV/vq8dEOBz31EfcZWqv1MmSzgarPoMUboO1 HsOY96jLSh0hPE565dIDf8QvqHGTLEVqu8rQWI8H5yUxo1K0nHnJ5ZjxuqBQkMwf 1on54kHZP1z5Oc6FA9IkeELZzkkqsC6WVrr9JIyZa55DMTE1PM6fEjUAZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKurFXYlqyxord7oqeQnPmtbPhD4MB8GA1UdIwQY MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxoBQLTvh 5gQ9tNnEGd58cf/pOL8/6M0yS4wAGzj9fUQ1rzrAfCIab+3gcpWP0L5G6+U8kqxh qjY8DxS300M0dcabwnkK10Lf3fHa9oj1+X71s/DLes47TDTgVBXb5t+jzrLNgdP+ fnO7Gawlz4KDNFDpeTBEWHVZfhDjFW85eyNpJNcWi0aLWS5ZM5sej7eHciyV/lxE EesYq+UG91JMKQ4xRCA3eNzhover0rO5Fo1Ekl+a6nvKnHe82i/c5BAaEpO3Avia e9I7kgZSKrbPLyaAfYi3N4egGsU8BkIeieRyBrZBK3ZbOhKzsZvO8KWE/W6eg0M9 yJoa00VYj84I/Q== -----END CERTIFICATE-----Generated at Fri Dec 19 00:16:01 2025 by rpki-client