This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.mft File: do_utqkKhqzxGHHk5Xii6n7Cgdk.mft (raw, json) Hash identifier: 2Vorc6W0FTbKUkmWgLBmKTN2+zjgc5V1Cwu6QiB3nUI= Subject key identifier: 83:86:4F:C9:89:AD:D8:DE:62:A6:2F:A7:7E:FD:04:1D:DB:21:0D:AC Authority key identifier: 76:8F:EE:B6:A9:0A:86:AC:F1:18:71:E4:E5:78:A2:EA:7E:C2:81:D9 Certificate issuer: /CN=768feeb6a90a86acf11871e4e578a2ea7ec281d9 Certificate serial: 019B3DC8234712B0D5238C3582E050A7BCC2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.mft Manifest number: 0294 Signing time: Sat 20 Dec 2025 22:01:24 +0000 Manifest this update: Sat 20 Dec 2025 22:01:24 +0000 Manifest next update: Sun 21 Dec 2025 22:01:24 +0000 Files and hashes: 1: ZZ126kZc2Gs9amlt5Rc0VmUZOPw.roa (hash: laA9ImB0VtnpNlOC8RmvM5URSIvzaqpg8ewZvS5hOLw=) 2: do_utqkKhqzxGHHk5Xii6n7Cgdk.crl (hash: NpcaVp6B0O47EQ7WlH07MW2e+ri9AGFot3CUSwNKAqc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.mft rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c8:23:47:12:b0:d5:23:8c:35:82:e0:50:a7:bc:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=768feeb6a90a86acf11871e4e578a2ea7ec281d9 Validity Not Before: Dec 20 22:01:24 2025 GMT Not After : Dec 21 22:01:24 2025 GMT Subject: CN=83864fc989add8de62a62fa77efd041ddb210dac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e6:98:89:77:e8:02:6e:66:f9:63:a7:90:32: c0:f1:00:c6:79:c8:d4:92:0c:ed:c8:69:f8:34:14: ef:bb:4d:69:00:43:87:3b:7a:50:c0:5c:8c:9e:c0: bf:79:75:d2:4d:3c:ad:ca:34:32:f6:a7:94:7b:5c: c2:3c:82:58:40:f7:30:03:ef:6b:05:b5:8e:95:07: 2c:d0:6b:2f:ac:62:9f:3a:34:67:37:7e:b0:3a:8a: 2b:ec:75:7f:81:05:22:27:07:54:9e:4c:18:9d:4a: 6a:cb:31:49:81:56:bf:f0:56:69:e1:e4:a6:8d:47: ea:33:15:ab:80:16:a9:26:1b:66:ca:7a:83:cc:c4: 96:e6:02:39:6d:bc:4d:23:7b:f7:35:d5:1a:fe:87: eb:d8:01:fa:31:c5:1a:ca:3c:16:4b:f0:ce:8f:d9: 82:d3:5b:67:a5:ea:2f:34:8e:c3:ed:f6:7e:28:2b: bb:74:93:28:44:8a:21:19:d0:77:6f:bd:30:ac:73: 82:9e:ef:12:0b:07:d5:70:72:d4:3e:31:96:84:7f: 20:74:0b:39:ac:b6:62:d9:6d:31:7e:cf:8d:01:a5: 8b:09:8e:9a:d3:9c:25:45:bf:d7:d3:01:55:98:4f: 8f:dc:56:e9:1c:7a:18:47:7f:f4:93:e0:31:5b:7c: b9:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:86:4F:C9:89:AD:D8:DE:62:A6:2F:A7:7E:FD:04:1D:DB:21:0D:AC X509v3 Authority Key Identifier: keyid:76:8F:EE:B6:A9:0A:86:AC:F1:18:71:E4:E5:78:A2:EA:7E:C2:81:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:cd:1d:e5:03:c7:2e:48:54:59:fc:51:06:20:ba:10:f6:6a: 79:b4:d4:95:59:e7:aa:98:1e:34:86:a3:ee:f6:70:58:49:f7: 69:41:04:a7:5b:f5:73:5d:a2:f6:cc:3b:34:ed:66:af:66:5c: 9c:11:35:37:2d:11:e2:61:c7:8d:b8:cf:04:de:c8:bb:3d:01: 0f:9a:20:03:38:73:8b:2f:75:a3:32:a8:a6:3c:e1:af:86:a4: 83:fe:1f:d2:c9:dc:61:a1:20:f5:1a:13:93:3a:be:a9:45:a2: ac:9b:8e:29:04:8c:a1:e0:de:af:65:a1:a9:cf:69:0c:b8:85: 71:52:fb:8b:c5:2e:4f:03:e8:2d:90:21:e4:9f:c0:1b:c1:3a: d2:f6:37:1d:d6:f0:c4:3b:dd:45:d7:71:5a:47:0a:1c:6e:98: e3:a9:3c:0d:3c:60:52:cf:db:01:17:97:31:c4:28:57:72:40: 29:3c:96:82:20:44:b5:b9:3b:cf:d0:50:26:b9:aa:01:1e:dc: 9e:2b:02:a0:55:07:c6:00:e6:a3:13:ba:06:f8:b3:5d:4a:90: 77:dd:25:bf:95:9f:db:30:98:6d:2f:0e:be:07:de:86:f0:5e: a3:3b:d5:af:d1:db:c8:ac:87:b7:80:a5:8b:da:54:7e:5c:98: 61:9e:da:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9yCNHErDVI4w1guBQp7zCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2OGZlZWI2YTkwYTg2YWNmMTE4NzFlNGU1NzhhMmVhN2Vj MjgxZDkwHhcNMjUxMjIwMjIwMTI0WhcNMjUxMjIxMjIwMTI0WjAzMTEwLwYDVQQD Eyg4Mzg2NGZjOTg5YWRkOGRlNjJhNjJmYTc3ZWZkMDQxZGRiMjEwZGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOaYiXfoAm5m+WOnkDLA8QDGecjU kgztyGn4NBTvu01pAEOHO3pQwFyMnsC/eXXSTTytyjQy9qeUe1zCPIJYQPcwA+9r BbWOlQcs0GsvrGKfOjRnN36wOoor7HV/gQUiJwdUnkwYnUpqyzFJgVa/8FZp4eSm jUfqMxWrgBapJhtmynqDzMSW5gI5bbxNI3v3NdUa/ofr2AH6McUayjwWS/DOj9mC 01tnpeovNI7D7fZ+KCu7dJMoRIohGdB3b70wrHOCnu8SCwfVcHLUPjGWhH8gdAs5 rLZi2W0xfs+NAaWLCY6a05wlRb/X0wFVmE+P3FbpHHoYR3/0k+AxW3y5ywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIOGT8mJrdjeYqYvp379BB3bIQ2sMB8GA1UdIwQY MBaAFHaP7rapCoas8Rhx5OV4oup+woHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZG9fdXRxa0tocXp4R0hIazVYaWk2bjdDZ2RrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY2M2EtZWFmMS00YTg5LTgwNGMt MGMxZjRkMzM3ODNlLzEvZG9fdXRxa0tocXp4R0hIazVYaWk2bjdDZ2RrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi82NjY2M2EtZWFmMS00YTg5LTgwNGMtMGMxZjRkMzM3ODNl LzEvZG9fdXRxa0tocXp4R0hIazVYaWk2bjdDZ2RrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXc0d5QPH LkhUWfxRBiC6EPZqebTUlVnnqpgeNIaj7vZwWEn3aUEEp1v1c12i9sw7NO1mr2Zc nBE1Ny0R4mHHjbjPBN7Iuz0BD5ogAzhziy91ozKopjzhr4akg/4f0sncYaEg9RoT kzq+qUWirJuOKQSMoeDer2Whqc9pDLiFcVL7i8UuTwPoLZAh5J/AG8E60vY3Hdbw xDvdRddxWkcKHG6Y46k8DTxgUs/bAReXMcQoV3JAKTyWgiBEtbk7z9BQJrmqAR7c nisCoFUHxgDmoxO6BvizXUqQd90lv5Wf2zCYbS8OvgfehvBeozvVr9HbyKyHt4Cl i9pUflyYYZ7a2g== -----END CERTIFICATE-----Generated at Sun Dec 21 02:08:12 2025 by rpki-client