This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft File: l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json) Hash identifier: i2/A7PuYq8mh0Lr7m3Uw2NY8p/2rZkgdiVVxNX1QFdE= Subject key identifier: 2D:35:2B:60:59:6A:A0:48:89:2B:C0:BC:5B:57:C0:A1:53:5D:F9:07 Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8 Certificate issuer: /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8 Certificate serial: 019B2F6704AC78569C4DD5C9D999321E5D4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft Manifest number: 177C Signing time: Thu 18 Dec 2025 03:00:39 +0000 Manifest this update: Thu 18 Dec 2025 03:00:39 +0000 Manifest next update: Fri 19 Dec 2025 03:00:39 +0000 Files and hashes: 1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: oGpJI/uH0ayIwHDOCG75lrKK4VJ+UUjhvt0OY2Pk5SE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 03:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:67:04:ac:78:56:9c:4d:d5:c9:d9:99:32:1e:5d:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8 Validity Not Before: Dec 18 03:00:39 2025 GMT Not After : Dec 19 03:00:39 2025 GMT Subject: CN=2d352b60596aa048892bc0bc5b57c0a1535df907 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:96:10:cf:1e:4b:3e:6a:e8:40:db:f2:f0:d3: 09:a7:ea:3c:e7:71:1e:1a:01:7d:99:06:42:df:d1: 95:cf:b0:6a:b8:a5:2e:4c:a3:f4:b0:e6:0b:e8:70: 57:ec:d5:e2:47:3a:a4:76:c4:19:fb:10:0d:fa:e5: 43:f3:8c:32:78:81:fc:2b:b0:c4:cc:aa:a7:30:bc: a0:c0:d4:be:47:7c:d0:56:c2:4c:54:e3:d1:1c:6d: 18:c2:6e:08:d7:31:ef:65:8e:81:04:e3:4b:87:c5: 85:f7:c9:4e:10:52:a2:1f:19:2d:09:79:78:06:ff: 34:2e:13:b8:fa:c0:64:c8:4e:99:bf:a5:b2:d3:04: 9f:ec:ac:b1:6f:72:f2:3f:70:af:84:4c:8e:e3:40: 3d:16:b7:b5:53:fc:91:d4:23:6e:81:91:5c:7a:aa: c6:57:bb:a2:b4:d1:60:c5:b6:84:dd:fc:5b:90:5d: 8b:c7:1b:bc:44:43:b4:1e:04:8e:11:23:b6:ad:67: f2:50:ad:35:c8:a0:3b:c6:5b:1c:ce:45:00:37:5a: f6:a8:d1:c8:e6:ce:35:f7:51:26:4b:28:5f:27:d9: b2:fb:d8:1e:3a:d1:47:d6:a6:b6:07:c1:25:d5:ac: a4:46:34:43:12:23:3b:9c:80:f6:40:1c:42:a6:63: ab:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:35:2B:60:59:6A:A0:48:89:2B:C0:BC:5B:57:C0:A1:53:5D:F9:07 X509v3 Authority Key Identifier: keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:7f:a9:23:e1:dd:ee:e0:42:7e:7a:04:1f:25:8d:fa:0c:50: aa:1a:91:ec:17:53:d5:da:a1:52:61:ca:bd:25:36:4f:42:de: 31:ad:b3:a4:b2:9e:47:8e:44:e7:fd:6c:56:6e:0d:f3:47:43: 74:f4:e0:03:39:f4:bd:6d:5e:cb:52:54:b7:88:ab:d1:fd:20: 4e:52:63:15:a0:f1:d0:b3:5c:e7:61:2b:91:c5:c7:bb:f8:5f: 72:56:70:51:26:2f:6f:23:d3:f6:ef:42:dd:d0:4b:eb:a6:ee: d6:60:a7:3a:c4:8a:08:b4:ed:36:12:d5:07:49:de:83:fa:23: 0b:31:97:f6:d7:49:b5:6e:eb:db:77:41:4b:9f:05:40:57:db: de:95:92:86:7d:24:d9:c2:1b:19:b2:95:59:9a:6a:d4:6f:ca: bd:df:0a:89:39:f8:e3:13:8f:d3:46:ba:af:76:55:ad:9f:11: db:7b:56:81:4b:66:42:42:21:a4:23:ca:af:3e:b3:15:7e:ec: da:d3:52:5a:d7:84:4a:8e:80:e0:63:f7:10:a4:ff:ce:aa:09: f6:09:e3:fc:88:34:3c:f2:55:45:6d:d0:8d:86:b6:d6:01:48: 27:c1:d7:4a:11:c2:43:55:f2:1d:18:49:7b:b7:35:d2:d6:03: 3e:ab:a5:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvZwSseFacTdXJ2ZkyHl1NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5 OTQ5YjgwHhcNMjUxMjE4MDMwMDM5WhcNMjUxMjE5MDMwMDM5WjAzMTEwLwYDVQQD EygyZDM1MmI2MDU5NmFhMDQ4ODkyYmMwYmM1YjU3YzBhMTUzNWRmOTA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpYQzx5LPmroQNvy8NMJp+o853Ee GgF9mQZC39GVz7BquKUuTKP0sOYL6HBX7NXiRzqkdsQZ+xAN+uVD84wyeIH8K7DE zKqnMLygwNS+R3zQVsJMVOPRHG0Ywm4I1zHvZY6BBONLh8WF98lOEFKiHxktCXl4 Bv80LhO4+sBkyE6Zv6Wy0wSf7Kyxb3LyP3CvhEyO40A9Fre1U/yR1CNugZFceqrG V7uitNFgxbaE3fxbkF2Lxxu8REO0HgSOESO2rWfyUK01yKA7xlsczkUAN1r2qNHI 5s4191EmSyhfJ9my+9geOtFH1qa2B8El1aykRjRDEiM7nID2QBxCpmOrZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC01K2BZaqBIiSvAvFtXwKFTXfkHMB8GA1UdIwQY MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOH+pI+Hd 7uBCfnoEHyWN+gxQqhqR7BdT1dqhUmHKvSU2T0LeMa2zpLKeR45E5/1sVm4N80dD dPTgAzn0vW1ey1JUt4ir0f0gTlJjFaDx0LNc52ErkcXHu/hfclZwUSYvbyPT9u9C 3dBL66bu1mCnOsSKCLTtNhLVB0neg/ojCzGX9tdJtW7r23dBS58FQFfb3pWShn0k 2cIbGbKVWZpq1G/Kvd8KiTn44xOP00a6r3ZVrZ8R23tWgUtmQkIhpCPKrz6zFX7s 2tNSWteESo6A4GP3EKT/zqoJ9gnj/Ig0PPJVRW3QjYa21gFIJ8HXShHCQ1XyHRhJ e7c10tYDPqul5w== -----END CERTIFICATE-----Generated at Thu Dec 18 11:14:39 2025 by rpki-client