This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft File: dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft (raw, json) Hash identifier: pAgLXniJbOFZFENJ3X26nIxmrEI3MX/xSBpx8dykXwI= Subject key identifier: B5:B5:3F:F0:AA:F2:D6:DC:23:DE:1D:5F:AC:A7:68:6C:41:A3:8D:5E Authority key identifier: 76:9A:0E:D1:35:91:D4:B8:4C:A7:9A:8E:B5:77:22:60:76:65:1A:14 Certificate issuer: /CN=769a0ed13591d4b84ca79a8eb577226076651a14 Certificate serial: 019B48141E4DA9A43142ADF43E464F432197 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft Manifest number: 0B9C Signing time: Mon 22 Dec 2025 22:00:36 +0000 Manifest this update: Mon 22 Dec 2025 22:00:36 +0000 Manifest next update: Tue 23 Dec 2025 22:00:36 +0000 Files and hashes: 1: dpoO0TWR1LhMp5qOtXciYHZlGhQ.crl (hash: S56bey1eT35yFvskb6xI+MOwbcz0SS4DUU4xvkGlZM4=) 2: r2xenfWR41SW-pcJkK2n6k9oW9c.roa (hash: 9h5yss6Wot3H0ZXysamwxUCIRFlANswYmfwPee5G6HI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.crl rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:14:1e:4d:a9:a4:31:42:ad:f4:3e:46:4f:43:21:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=769a0ed13591d4b84ca79a8eb577226076651a14 Validity Not Before: Dec 22 22:00:36 2025 GMT Not After : Dec 23 22:00:36 2025 GMT Subject: CN=b5b53ff0aaf2d6dc23de1d5faca7686c41a38d5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:82:e1:6a:96:43:50:0a:de:40:c9:51:a1:9b: c7:56:1a:de:51:38:08:ce:c8:d7:6b:8e:d1:f7:25: f8:a0:93:d6:e9:da:ee:ab:94:11:7e:05:9e:0e:a2: 81:39:88:e7:f0:70:8f:41:e9:d5:84:a0:79:b4:0f: 7a:45:d4:59:e4:4e:94:a2:7e:68:57:10:cf:7a:2f: a9:08:d5:57:e5:21:97:7c:8b:0d:6d:45:6e:2c:cc: 17:85:21:51:90:73:38:72:82:9f:46:f1:60:1e:6e: b2:ec:18:5d:e5:c1:21:7f:62:92:7c:7f:be:5e:71: cc:42:8e:0e:90:0b:61:da:92:7e:42:45:ad:de:a6: 6a:e0:6b:0d:e8:dd:93:90:c5:87:a2:40:64:c3:ea: 67:d6:0f:29:c7:e3:d0:86:94:f9:2b:a4:57:e7:df: c9:d5:ba:47:9d:c1:bd:16:b2:0c:18:70:a4:7d:ff: e5:0a:08:4f:e0:d9:17:8d:dd:c8:cb:87:34:b0:c1: 4e:f9:7e:bb:04:a1:db:54:4a:a6:dc:4a:5d:26:b3: 51:45:d7:06:2f:73:39:43:8f:2a:48:3c:b6:91:46: aa:31:0a:8f:df:b3:97:b8:b9:57:f3:79:77:57:64: 0a:40:3f:65:50:ab:22:89:7a:79:d5:27:3b:15:af: e2:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:B5:3F:F0:AA:F2:D6:DC:23:DE:1D:5F:AC:A7:68:6C:41:A3:8D:5E X509v3 Authority Key Identifier: keyid:76:9A:0E:D1:35:91:D4:B8:4C:A7:9A:8E:B5:77:22:60:76:65:1A:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:4b:72:61:db:9c:6d:57:77:fa:26:0e:7f:c8:22:f3:06:94: 2b:25:86:97:b3:65:32:db:11:65:23:81:94:38:d5:49:d7:cc: 0c:b2:09:7c:85:26:8d:c6:21:da:d1:26:c2:d9:c6:3d:a0:a4: 6b:b4:2f:ee:06:53:21:e5:de:6c:5d:84:c3:d1:3e:eb:a6:e7: 26:87:2c:ee:96:dd:c1:ca:05:14:a3:b0:24:01:68:cb:bc:b0: 06:30:0a:a4:21:70:1b:ce:d4:a2:d3:71:81:13:ac:62:a6:00: 6c:12:b2:da:0d:ca:fc:72:f8:83:48:31:41:b7:0c:b0:59:57: 76:bf:c1:0f:37:5d:a9:ab:d2:32:f1:10:7a:24:dc:8b:c4:69: 4f:94:3e:ae:0e:8d:77:60:50:08:d6:c1:61:a6:30:57:81:79: f1:14:9c:1a:2c:81:d1:ce:03:36:d3:89:83:d9:2b:db:57:87: 7e:07:9f:f2:be:54:e5:91:a8:23:0c:e4:9c:e1:b8:4b:3f:34: 28:49:78:7b:61:08:db:c7:05:49:f0:79:1f:1c:27:f3:fe:a5: c3:16:e2:cf:0e:f1:88:bd:3d:95:7c:bf:44:18:3c:4b:12:c5: 7a:13:20:86:1b:44:c1:fb:9f:b2:91:8a:fb:24:1b:0f:65:d1: cf:84:3e:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFB5NqaQxQq30PkZPQyGXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2OWEwZWQxMzU5MWQ0Yjg0Y2E3OWE4ZWI1NzcyMjYwNzY2 NTFhMTQwHhcNMjUxMjIyMjIwMDM2WhcNMjUxMjIzMjIwMDM2WjAzMTEwLwYDVQQD EyhiNWI1M2ZmMGFhZjJkNmRjMjNkZTFkNWZhY2E3Njg2YzQxYTM4ZDVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoLhapZDUAreQMlRoZvHVhreUTgI zsjXa47R9yX4oJPW6druq5QRfgWeDqKBOYjn8HCPQenVhKB5tA96RdRZ5E6Uon5o VxDPei+pCNVX5SGXfIsNbUVuLMwXhSFRkHM4coKfRvFgHm6y7Bhd5cEhf2KSfH++ XnHMQo4OkAth2pJ+QkWt3qZq4GsN6N2TkMWHokBkw+pn1g8px+PQhpT5K6RX59/J 1bpHncG9FrIMGHCkff/lCghP4NkXjd3Iy4c0sMFO+X67BKHbVEqm3EpdJrNRRdcG L3M5Q48qSDy2kUaqMQqP37OXuLlX83l3V2QKQD9lUKsiiXp51Sc7Fa/iSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLW1P/Cq8tbcI94dX6ynaGxBo41eMB8GA1UdIwQY MBaAFHaaDtE1kdS4TKeajrV3ImB2ZRoUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni82OGMwMDgtNjlkMy00MzZmLWFkMzMt MmRiZTc4NTQyMmY4LzEvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni82OGMwMDgtNjlkMy00MzZmLWFkMzMtMmRiZTc4NTQyMmY4 LzEvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaUtyYduc bVd3+iYOf8gi8waUKyWGl7NlMtsRZSOBlDjVSdfMDLIJfIUmjcYh2tEmwtnGPaCk a7Qv7gZTIeXebF2Ew9E+66bnJocs7pbdwcoFFKOwJAFoy7ywBjAKpCFwG87UotNx gROsYqYAbBKy2g3K/HL4g0gxQbcMsFlXdr/BDzddqavSMvEQeiTci8RpT5Q+rg6N d2BQCNbBYaYwV4F58RScGiyB0c4DNtOJg9kr21eHfgef8r5U5ZGoIwzknOG4Sz80 KEl4e2EI28cFSfB5Hxwn8/6lwxbizw7xiL09lXy/RBg8SxLFehMghhtEwfufspGK +yQbD2XRz4Q+hg== -----END CERTIFICATE-----Generated at Tue Dec 23 03:19:32 2025 by rpki-client