This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4d7a96-0574-4a09-850d-75137b12842b/1/DM1NST05HKRGjmEs6RtH8cgoM2I.mft File: DM1NST05HKRGjmEs6RtH8cgoM2I.mft (raw, json) Hash identifier: xCDe+ODW4lU2QSx4qCngk7QTzR8Pns+JXoDBWFq/9fs= Subject key identifier: 8A:1C:F4:2A:0B:4E:03:43:DC:16:D3:73:06:F4:38:70:41:5F:49:24 Authority key identifier: 0C:CD:4D:49:3D:39:1C:A4:46:8E:61:2C:E9:1B:47:F1:C8:28:33:62 Certificate issuer: /CN=0ccd4d493d391ca4468e612ce91b47f1c8283362 Certificate serial: 019B511747229B587F93AA036B0251C97923 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DM1NST05HKRGjmEs6RtH8cgoM2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4d7a96-0574-4a09-850d-75137b12842b/1/DM1NST05HKRGjmEs6RtH8cgoM2I.mft Manifest number: 0208 Signing time: Wed 24 Dec 2025 16:00:38 +0000 Manifest this update: Wed 24 Dec 2025 16:00:38 +0000 Manifest next update: Thu 25 Dec 2025 16:00:38 +0000 Files and hashes: 1: DM1NST05HKRGjmEs6RtH8cgoM2I.crl (hash: FsYbW0Bc6Ddq7uWd99AEFpJF2OrYY0ODLYr6+sjG7Io=) 2: UCbP0uMxwI1Dtwy_MSnoOs0srFA.roa (hash: FXCOZ3RR1v7GAOBmOczwXx+7sehvCfZ7oMWfxcGZPmk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/4d7a96-0574-4a09-850d-75137b12842b/1/DM1NST05HKRGjmEs6RtH8cgoM2I.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/4d7a96-0574-4a09-850d-75137b12842b/1/DM1NST05HKRGjmEs6RtH8cgoM2I.mft rsync://rpki.ripe.net/repository/DEFAULT/DM1NST05HKRGjmEs6RtH8cgoM2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:17:47:22:9b:58:7f:93:aa:03:6b:02:51:c9:79:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ccd4d493d391ca4468e612ce91b47f1c8283362 Validity Not Before: Dec 24 16:00:38 2025 GMT Not After : Dec 25 16:00:38 2025 GMT Subject: CN=8a1cf42a0b4e0343dc16d37306f43870415f4924 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:97:d1:b3:a5:28:36:c5:5f:75:d4:68:9c:99: 79:ed:9f:b6:b7:ea:46:8a:9b:40:0c:f2:b6:92:5b: c0:98:6d:f4:0e:84:5e:c4:06:0f:03:4c:db:95:56: 57:5e:b4:c8:05:19:aa:6d:91:d2:a8:11:4e:aa:b5: c2:28:ef:98:8d:3d:ad:82:a5:72:f1:66:10:ec:39: 52:7e:e3:c7:d7:d9:62:9f:0c:e7:b5:4a:45:0c:9e: 6e:a8:60:ce:85:44:ff:9c:7f:5a:46:10:94:ef:ee: 69:e5:b9:68:16:2e:d7:4d:f4:c7:f7:64:8c:f4:c8: 3c:25:f0:58:ff:b1:b5:56:99:77:50:ca:c2:82:7b: fa:a0:5d:61:d4:7b:3e:f4:f9:53:6c:95:a2:b1:26: df:79:e4:af:be:0a:64:23:69:08:16:25:c4:d5:f1: 2e:a9:1f:94:b8:66:73:e2:5c:c8:27:af:e8:14:8b: 98:b9:33:9f:a4:49:fd:c7:b1:46:8f:ab:4a:59:32: 27:f9:d2:11:dd:18:d3:bc:42:81:df:6b:83:b2:bd: 90:df:80:1e:75:1d:22:bf:f8:0c:31:be:37:2b:4c: 35:e0:15:45:8a:7f:5b:8a:a1:e8:b9:60:2c:c7:36: 5a:05:df:9a:05:6d:48:41:91:f4:18:d5:3d:73:82: fd:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:1C:F4:2A:0B:4E:03:43:DC:16:D3:73:06:F4:38:70:41:5F:49:24 X509v3 Authority Key Identifier: keyid:0C:CD:4D:49:3D:39:1C:A4:46:8E:61:2C:E9:1B:47:F1:C8:28:33:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DM1NST05HKRGjmEs6RtH8cgoM2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4d7a96-0574-4a09-850d-75137b12842b/1/DM1NST05HKRGjmEs6RtH8cgoM2I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4d7a96-0574-4a09-850d-75137b12842b/1/DM1NST05HKRGjmEs6RtH8cgoM2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:ae:8b:8a:95:2d:b1:0c:22:5f:ff:36:73:01:e2:6a:01:f4: 1f:ae:8d:52:34:c6:3b:0a:06:14:7d:90:f3:9d:df:0e:a0:f8: b8:97:22:1e:42:a0:11:e5:01:58:3c:16:2d:8a:8d:36:5f:8e: 2d:3a:59:73:8b:ac:10:4f:d8:7d:b9:db:99:ef:1a:92:62:e0: d4:44:b6:90:68:29:4e:4a:a0:e5:90:0a:7e:96:74:4d:ac:7a: 3f:13:29:75:2a:d4:81:a6:05:aa:ae:07:42:1a:f7:1f:3c:df: cc:4f:8c:1a:3d:57:d3:cd:64:d5:c9:36:52:4b:fc:89:83:9e: 99:3a:a5:42:37:e1:f5:03:26:2d:78:64:e8:9b:e6:9c:c2:b6: 58:2a:17:22:62:cd:30:63:62:4e:d7:30:10:9c:7f:00:4c:96: c0:33:6a:2e:da:8a:d8:8d:16:7f:dc:7a:bd:8f:75:c8:30:02: 2e:35:16:23:1f:0f:41:b0:67:5b:bf:cc:9d:6f:e5:e7:f6:f5: 93:19:53:71:d2:e5:d8:a8:73:5f:20:d5:b0:ad:e6:5d:3a:b0: b0:d7:28:22:ca:45:83:0d:65:ac:5d:91:42:cf:95:cb:57:b5: 30:25:3c:a9:f7:cc:ba:21:c4:07:ce:ea:73:02:4d:ee:82:69: 8c:1c:71:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRF0cim1h/k6oDawJRyXkjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjY2Q0ZDQ5M2QzOTFjYTQ0NjhlNjEyY2U5MWI0N2YxYzgy ODMzNjIwHhcNMjUxMjI0MTYwMDM4WhcNMjUxMjI1MTYwMDM4WjAzMTEwLwYDVQQD Eyg4YTFjZjQyYTBiNGUwMzQzZGMxNmQzNzMwNmY0Mzg3MDQxNWY0OTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pfRs6UoNsVfddRonJl57Z+2t+pG iptADPK2klvAmG30DoRexAYPA0zblVZXXrTIBRmqbZHSqBFOqrXCKO+YjT2tgqVy 8WYQ7DlSfuPH19linwzntUpFDJ5uqGDOhUT/nH9aRhCU7+5p5bloFi7XTfTH92SM 9Mg8JfBY/7G1Vpl3UMrCgnv6oF1h1Hs+9PlTbJWisSbfeeSvvgpkI2kIFiXE1fEu qR+UuGZz4lzIJ6/oFIuYuTOfpEn9x7FGj6tKWTIn+dIR3RjTvEKB32uDsr2Q34Ae dR0iv/gMMb43K0w14BVFin9biqHouWAsxzZaBd+aBW1IQZH0GNU9c4L96wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIoc9CoLTgND3BbTcwb0OHBBX0kkMB8GA1UdIwQY MBaAFAzNTUk9ORykRo5hLOkbR/HIKDNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRE0xTlNUMDVIS1JHam1FczZSdEg4Y2dvTTJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZDdhOTYtMDU3NC00YTA5LTg1MGQt NzUxMzdiMTI4NDJiLzEvRE0xTlNUMDVIS1JHam1FczZSdEg4Y2dvTTJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi80ZDdhOTYtMDU3NC00YTA5LTg1MGQtNzUxMzdiMTI4NDJi LzEvRE0xTlNUMDVIS1JHam1FczZSdEg4Y2dvTTJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAha6LipUt sQwiX/82cwHiagH0H66NUjTGOwoGFH2Q853fDqD4uJciHkKgEeUBWDwWLYqNNl+O LTpZc4usEE/Yfbnbme8akmLg1ES2kGgpTkqg5ZAKfpZ0Tax6PxMpdSrUgaYFqq4H Qhr3HzzfzE+MGj1X081k1ck2Ukv8iYOemTqlQjfh9QMmLXhk6JvmnMK2WCoXImLN MGNiTtcwEJx/AEyWwDNqLtqK2I0Wf9x6vY91yDACLjUWIx8PQbBnW7/MnW/l5/b1 kxlTcdLl2KhzXyDVsK3mXTqwsNcoIspFgw1lrF2RQs+Vy1e1MCU8qffMuiHEB87q cwJN7oJpjBxxaQ== -----END CERTIFICATE-----Generated at Wed Dec 24 23:30:31 2025 by rpki-client