This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft File: cNvqB1PfCD5XgrufOAtdeZy3igY.mft (raw, json) Hash identifier: O5GzcglSsAAiq3IG3SSkLWS08qGrAIwhwkAqSiSc/5k= Subject key identifier: 3F:9A:33:8F:F8:3D:02:ED:C2:AE:97:A8:79:D5:CC:3B:5D:F3:C1:9B Authority key identifier: 70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06 Certificate issuer: /CN=70dbea0753df083e5782bb9f380b5d799cb78a06 Certificate serial: 019B247615BABE8D0E69079927146785AD1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft Manifest number: 170F Signing time: Tue 16 Dec 2025 00:01:17 +0000 Manifest this update: Tue 16 Dec 2025 00:01:17 +0000 Manifest next update: Wed 17 Dec 2025 00:01:17 +0000 Files and hashes: 1: AMYHtkdmm7JS4Ofjibck2cl30Kc.roa (hash: UzWr7n7jg70LK3JVYb3K3qtMIw+QPEK/C5HkvTLOsNw=) 2: cNvqB1PfCD5XgrufOAtdeZy3igY.crl (hash: zgT/6Uh16GxXoSnEIkONmxWeAy+GNZ7P1BEapNNJupE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:76:15:ba:be:8d:0e:69:07:99:27:14:67:85:ad:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70dbea0753df083e5782bb9f380b5d799cb78a06 Validity Not Before: Dec 16 00:01:17 2025 GMT Not After : Dec 17 00:01:17 2025 GMT Subject: CN=3f9a338ff83d02edc2ae97a879d5cc3b5df3c19b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6d:c1:15:ae:20:fc:00:1e:92:82:b3:ca:2d: 1f:d3:7d:6c:f5:98:7f:ba:de:0c:b3:6b:3b:f5:a5: 20:87:e1:19:b3:03:71:8b:30:5d:b7:22:b6:2f:60: e8:90:aa:4d:ba:30:7c:82:d0:4b:68:6f:8f:ce:c5: af:2a:da:86:bc:d5:a9:71:0a:b1:8d:bf:37:8c:9e: 66:aa:f0:45:a7:06:23:a9:12:66:6c:d4:6c:2e:1a: 25:fb:c9:31:6d:49:64:49:49:45:66:af:fd:c2:da: 88:83:33:f1:46:e7:12:27:19:16:ce:2f:a6:b8:5c: 77:49:ab:51:3b:e5:3e:03:a0:5d:92:22:47:f6:8e: fb:16:6e:4d:42:9b:e9:e6:4c:a3:d6:24:88:4c:9d: db:de:41:ed:77:55:5a:b8:fe:8b:fe:59:52:de:ab: b6:14:a9:03:a1:0f:64:7a:a8:91:e1:b4:5b:f4:fe: 4a:b3:df:84:f9:3d:85:95:a5:ba:12:f1:3d:4e:4b: 03:bf:2c:4d:13:56:15:38:46:aa:e0:00:fb:0f:aa: 4f:c1:99:32:92:47:63:bf:00:f4:6b:c4:d0:11:55: 50:81:85:7d:73:ef:4e:28:03:54:c2:b6:5b:a5:a0: cd:6e:86:2b:ba:46:b3:17:ea:53:53:16:0b:5b:b4: 0b:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:9A:33:8F:F8:3D:02:ED:C2:AE:97:A8:79:D5:CC:3B:5D:F3:C1:9B X509v3 Authority Key Identifier: keyid:70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:d7:16:e1:0e:f6:6b:48:27:56:29:b2:59:d7:04:37:26:a0: 34:3f:26:a4:eb:65:da:53:fc:62:c6:e3:70:33:20:7c:1c:9f: 28:83:7e:d6:3e:d5:fc:50:20:41:2b:9e:7d:45:a4:6d:50:d8: e3:59:84:c7:3c:50:ff:a3:6c:4d:a7:0c:0c:b2:44:69:91:66: 94:9a:a9:4d:26:6a:64:63:22:e0:e4:19:f0:c9:78:44:fb:49: 72:f7:fa:8b:34:0b:ec:c7:e7:99:69:24:1d:a7:6e:b7:20:75: 31:5e:43:47:04:f4:9b:e4:ee:9d:ec:65:c2:c0:7e:84:6d:fb: 1b:ce:66:70:dc:02:0c:30:9b:d1:3d:62:d8:9b:2f:58:36:6e: 9d:30:55:57:9b:22:90:6b:d8:f6:fc:e7:ae:b4:a8:8a:b2:63: 52:88:49:ae:3e:b4:30:e4:8e:c3:d9:95:2a:f8:63:c7:c0:97: d8:59:60:07:a9:7c:76:9d:33:d9:21:3e:58:ec:40:f0:d5:0e: 53:a4:fb:04:01:c0:02:89:6b:06:da:7f:42:64:72:52:f4:75: 09:73:2d:87:33:3c:b5:26:91:6f:3e:f5:99:9c:45:e0:75:d6: 3f:74:9f:b8:7e:d4:42:ff:4b:53:8c:24:85:1d:2d:77:d7:49: e2:2f:5c:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskdhW6vo0OaQeZJxRnha0fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZGJlYTA3NTNkZjA4M2U1NzgyYmI5ZjM4MGI1ZDc5OWNi NzhhMDYwHhcNMjUxMjE2MDAwMTE3WhcNMjUxMjE3MDAwMTE3WjAzMTEwLwYDVQQD EygzZjlhMzM4ZmY4M2QwMmVkYzJhZTk3YTg3OWQ1Y2MzYjVkZjNjMTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA423BFa4g/AAekoKzyi0f031s9Zh/ ut4Ms2s79aUgh+EZswNxizBdtyK2L2DokKpNujB8gtBLaG+PzsWvKtqGvNWpcQqx jb83jJ5mqvBFpwYjqRJmbNRsLhol+8kxbUlkSUlFZq/9wtqIgzPxRucSJxkWzi+m uFx3SatRO+U+A6BdkiJH9o77Fm5NQpvp5kyj1iSITJ3b3kHtd1VauP6L/llS3qu2 FKkDoQ9keqiR4bRb9P5Ks9+E+T2FlaW6EvE9TksDvyxNE1YVOEaq4AD7D6pPwZky kkdjvwD0a8TQEVVQgYV9c+9OKANUwrZbpaDNboYrukazF+pTUxYLW7QL+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD+aM4/4PQLtwq6XqHnVzDtd88GbMB8GA1UdIwQY MBaAFHDb6gdT3wg+V4K7nzgLXXmct4oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjkt MmEwY2YxMzE3M2Q4LzEvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjktMmEwY2YxMzE3M2Q4 LzEvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl9cW4Q72 a0gnVimyWdcENyagND8mpOtl2lP8YsbjcDMgfByfKIN+1j7V/FAgQSuefUWkbVDY 41mExzxQ/6NsTacMDLJEaZFmlJqpTSZqZGMi4OQZ8Ml4RPtJcvf6izQL7MfnmWkk HadutyB1MV5DRwT0m+TunexlwsB+hG37G85mcNwCDDCb0T1i2JsvWDZunTBVV5si kGvY9vznrrSoirJjUohJrj60MOSOw9mVKvhjx8CX2FlgB6l8dp0z2SE+WOxA8NUO U6T7BAHAAolrBtp/QmRyUvR1CXMthzM8tSaRbz71mZxF4HXWP3SfuH7UQv9LU4wk hR0td9dJ4i9cbw== -----END CERTIFICATE-----Generated at Tue Dec 16 04:38:50 2025 by rpki-client