This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft File: d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json) Hash identifier: 4ISspUByPEKF1P15DRyTYnuy8DCE2H4niTVxyvK6pDM= Subject key identifier: BA:38:38:FD:3F:DF:AE:E3:6C:D0:EC:7E:33:85:99:75:94:9E:91:86 Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31 Certificate issuer: /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031 Certificate serial: 019B6B44D6A63B9647C926CEC09E845BD694 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft Manifest number: 0769 Signing time: Mon 29 Dec 2025 18:00:32 +0000 Manifest this update: Mon 29 Dec 2025 18:00:32 +0000 Manifest next update: Tue 30 Dec 2025 18:00:32 +0000 Files and hashes: 1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: +Fp3GCaeQPpXLbNSlxURp8xOBpPqu9MUVnEx/R6Z4DA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:44:d6:a6:3b:96:47:c9:26:ce:c0:9e:84:5b:d6:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031 Validity Not Before: Dec 29 18:00:32 2025 GMT Not After : Dec 30 18:00:32 2025 GMT Subject: CN=ba3838fd3fdfaee36cd0ec7e33859975949e9186 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6c:48:e1:63:ae:50:2b:75:47:bc:cc:c8:18: 88:14:46:38:57:ad:6c:be:2f:ce:3a:e1:fe:71:ab: 22:e9:b6:a8:c6:f6:95:79:33:e0:88:bb:b2:dd:60: 31:19:3b:0e:44:38:ae:b9:7e:15:e4:bd:75:94:57: 3f:93:b8:c6:cb:16:80:42:35:f9:df:65:c3:78:ab: 8d:55:88:fe:50:70:21:c5:03:54:e8:64:63:f9:d6: 79:83:b5:f4:be:72:cb:87:e1:52:77:c0:c2:ce:01: 31:e2:5f:11:2b:3e:c8:9c:ff:98:aa:04:46:d6:5c: 6f:ca:ac:e4:56:c4:68:d7:86:88:a1:a8:09:fc:4a: 7e:94:43:0e:17:00:d1:82:15:df:c9:60:a5:88:1e: cb:51:dd:90:d0:66:0d:b8:37:00:82:07:01:aa:93: 19:a7:26:ab:a2:ac:ca:cc:27:3b:ae:bb:89:73:b0: 82:16:a7:c6:ae:a2:43:bf:50:77:41:e1:b7:99:38: 91:77:d0:4f:3e:5a:26:c1:44:f1:41:fb:59:83:2c: 3f:d5:e4:00:f1:fc:36:65:48:04:86:fc:39:d8:8e: 06:c3:29:a9:b5:17:5a:b7:85:5b:6d:11:4f:34:d6: bf:09:8a:49:4b:6a:38:61:fe:1a:5b:6c:70:0e:62: c7:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:38:38:FD:3F:DF:AE:E3:6C:D0:EC:7E:33:85:99:75:94:9E:91:86 X509v3 Authority Key Identifier: keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:21:4a:e5:21:e1:f7:65:ad:0f:ae:a0:7e:b6:74:d2:59:a3: 07:61:90:6b:e6:a3:42:37:4c:36:96:64:41:63:8d:6b:17:17: 53:47:7e:cb:b0:92:93:2f:48:d9:75:89:bc:9c:eb:dd:34:1e: e9:32:a9:e6:e9:1e:05:f3:71:65:e7:7b:b5:58:36:34:bc:4a: 72:01:33:d2:bd:e6:8f:c9:7c:25:46:21:48:c6:d5:db:c2:1e: 74:6c:e5:ea:65:13:31:8b:8b:05:5f:42:3e:fc:6d:1a:1e:34: 5e:e8:e5:fd:7b:3b:7b:c5:0e:aa:d2:0d:49:b8:00:9c:23:0c: 68:31:1f:80:8d:cd:55:54:6e:19:c7:a4:17:6a:88:ce:e4:4f: ab:1a:93:11:2b:c4:31:88:37:d9:64:c7:07:78:4f:33:52:ad: 90:18:c4:e3:eb:55:41:58:17:e7:15:3b:d6:a8:5c:8e:af:31: 97:99:63:ef:4a:ce:49:25:fa:74:b9:15:8e:97:82:8e:08:5a: 9c:02:c1:68:d7:8f:f1:a5:3e:a4:c8:dc:1f:db:9f:5e:4e:99: fb:12:0d:6a:fb:97:ab:ab:98:7a:3c:cb:09:d9:fc:62:6b:a9: 35:60:1b:d3:6a:2c:1e:39:72:34:9e:08:6a:15:b0:75:66:63: 70:ab:b3:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtrRNamO5ZHySbOwJ6EW9aUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy MTYwMzEwHhcNMjUxMjI5MTgwMDMyWhcNMjUxMjMwMTgwMDMyWjAzMTEwLwYDVQQD EyhiYTM4MzhmZDNmZGZhZWUzNmNkMGVjN2UzMzg1OTk3NTk0OWU5MTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2xI4WOuUCt1R7zMyBiIFEY4V61s vi/OOuH+casi6baoxvaVeTPgiLuy3WAxGTsORDiuuX4V5L11lFc/k7jGyxaAQjX5 32XDeKuNVYj+UHAhxQNU6GRj+dZ5g7X0vnLLh+FSd8DCzgEx4l8RKz7InP+YqgRG 1lxvyqzkVsRo14aIoagJ/Ep+lEMOFwDRghXfyWCliB7LUd2Q0GYNuDcAggcBqpMZ pyaroqzKzCc7rruJc7CCFqfGrqJDv1B3QeG3mTiRd9BPPlomwUTxQftZgyw/1eQA 8fw2ZUgEhvw52I4GwymptRdat4VbbRFPNNa/CYpJS2o4Yf4aW2xwDmLHowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLo4OP0/367jbNDsfjOFmXWUnpGGMB8GA1UdIwQY MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhiFK5SHh 92WtD66gfrZ00lmjB2GQa+ajQjdMNpZkQWONaxcXU0d+y7CSky9I2XWJvJzr3TQe 6TKp5ukeBfNxZed7tVg2NLxKcgEz0r3mj8l8JUYhSMbV28IedGzl6mUTMYuLBV9C PvxtGh40Xujl/Xs7e8UOqtINSbgAnCMMaDEfgI3NVVRuGcekF2qIzuRPqxqTESvE MYg32WTHB3hPM1KtkBjE4+tVQVgX5xU71qhcjq8xl5lj70rOSSX6dLkVjpeCjgha nALBaNeP8aU+pMjcH9ufXk6Z+xINavuXq6uYejzLCdn8YmupNWAb02osHjlyNJ4I ahWwdWZjcKuzxg== -----END CERTIFICATE-----Generated at Mon Dec 29 23:45:07 2025 by rpki-client