This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft File: dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft (raw, json) Hash identifier: ooDBbqNL++Yhq63SO9zqLYRQ7rwvSuGKFE3pJ+C9M8o= Subject key identifier: D7:D4:D4:05:FC:65:3E:20:DE:C3:CE:5B:1B:3E:1B:98:30:AA:9D:09 Authority key identifier: 76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91 Certificate issuer: /CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91 Certificate serial: 019B49276C5F3D68C9EB7600F36E48C00321 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft Manifest number: 14D9 Signing time: Tue 23 Dec 2025 03:01:18 +0000 Manifest this update: Tue 23 Dec 2025 03:01:18 +0000 Manifest next update: Wed 24 Dec 2025 03:01:18 +0000 Files and hashes: 1: P5ZnswUpMLyVjWj9pVZS-hlIw7A.roa (hash: 3hJsA3Q3EQecJR3hJHgLTYYEIcnWflx0DcKeSfNvhRM=) 2: dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl (hash: w2haCe8adFBmLLatJ2uis1bESTtIMmczPVfV7RcHlEE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:27:6c:5f:3d:68:c9:eb:76:00:f3:6e:48:c0:03:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91 Validity Not Before: Dec 23 03:01:18 2025 GMT Not After : Dec 24 03:01:18 2025 GMT Subject: CN=d7d4d405fc653e20dec3ce5b1b3e1b9830aa9d09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:50:c8:12:e9:ce:51:02:ad:52:ab:3e:3e:70: d5:99:8f:ba:47:1b:2c:99:e1:73:a1:99:85:bf:11: c6:e5:6d:2d:fa:03:8f:26:0a:16:35:67:2d:d0:2f: 6b:2c:43:c2:eb:04:30:8b:24:d3:48:19:6f:db:ae: 83:ae:26:da:00:10:f4:67:1a:d7:94:0a:1c:7b:d1: aa:b1:8e:76:f8:f0:99:a9:0b:a8:6c:9b:a7:0a:cb: ac:dc:86:37:8f:19:c4:77:02:e3:26:52:02:d8:8f: 84:c5:db:97:75:7d:81:17:fa:39:c8:2a:97:f8:fd: 16:d8:c1:3f:39:4d:4b:20:22:9a:be:4c:19:0c:bc: d0:9b:18:5c:03:1d:3a:16:4b:cb:66:72:4b:13:4f: fa:b3:b8:b3:7c:01:0e:41:14:9d:14:d6:13:28:98: 05:77:af:2e:1d:5d:79:fe:50:79:3e:37:e0:c9:a0: 5b:3b:fd:aa:c7:93:3a:12:41:cf:55:0d:59:a3:86: 79:df:f4:10:21:6d:e8:9e:32:a5:ee:f3:2f:23:ba: 9c:79:f5:fa:38:b5:72:fe:8b:9d:df:37:5a:94:f5: cf:09:fe:36:c4:4f:c5:fb:5f:9f:a6:a2:6e:35:0d: f4:ed:1e:9f:04:c5:65:54:65:88:6f:20:69:89:1c: 0d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:D4:D4:05:FC:65:3E:20:DE:C3:CE:5B:1B:3E:1B:98:30:AA:9D:09 X509v3 Authority Key Identifier: keyid:76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:98:f1:40:09:7f:db:3c:7f:4e:3a:5d:63:79:f6:e5:74:db: 60:9e:e4:f1:fc:77:47:38:cc:17:55:15:8b:1b:eb:c4:71:12: 13:49:f6:7c:dc:6e:2e:7a:05:fa:b9:59:59:ac:76:4f:e8:b8: c9:1e:41:79:f6:5a:4d:63:41:00:d6:87:a7:64:ef:6f:ec:d2: d1:f9:a5:fc:d5:ac:b7:ca:a5:62:70:a1:05:ad:51:04:78:c9: 29:74:e1:3b:dd:0a:c1:5d:25:2d:d8:4b:ed:43:35:a7:74:28: 3c:8d:7a:96:46:4b:a7:b4:42:de:62:10:a3:50:21:7b:76:ad: 89:b3:49:18:fa:02:29:8b:88:f7:b6:89:6f:13:4e:ec:d8:d1: 7a:5f:69:8f:73:03:74:30:b6:02:f5:0b:4d:cb:5f:8a:6f:1c: 79:09:1b:4f:1c:44:cd:67:3b:11:03:46:e9:de:89:0b:98:9f: ec:a1:eb:f4:ba:50:e3:cc:7c:fa:e1:53:ca:2e:07:ee:83:a3: 77:34:cc:3d:57:8c:e8:42:3c:bc:f5:fb:64:47:29:de:ad:46: 2b:52:bf:05:14:ee:1b:5b:b3:f8:a0:e9:95:74:e9:82:62:64: 1d:93:0d:3c:f9:b6:12:3a:1d:85:fb:12:52:a2:8f:d6:0c:d9: c9:7d:b3:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJJ2xfPWjJ63YA825IwAMhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2N2JjMDJhNTg1OTYyM2Y1NjNlYTg0YTZiYjBhMjkyMGQ1 YjNlOTEwHhcNMjUxMjIzMDMwMTE4WhcNMjUxMjI0MDMwMTE4WjAzMTEwLwYDVQQD EyhkN2Q0ZDQwNWZjNjUzZTIwZGVjM2NlNWIxYjNlMWI5ODMwYWE5ZDA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FDIEunOUQKtUqs+PnDVmY+6Rxss meFzoZmFvxHG5W0t+gOPJgoWNWct0C9rLEPC6wQwiyTTSBlv266DribaABD0ZxrX lAoce9GqsY52+PCZqQuobJunCsus3IY3jxnEdwLjJlIC2I+ExduXdX2BF/o5yCqX +P0W2ME/OU1LICKavkwZDLzQmxhcAx06FkvLZnJLE0/6s7izfAEOQRSdFNYTKJgF d68uHV15/lB5PjfgyaBbO/2qx5M6EkHPVQ1Zo4Z53/QQIW3onjKl7vMvI7qcefX6 OLVy/oud3zdalPXPCf42xE/F+1+fpqJuNQ307R6fBMVlVGWIbyBpiRwNTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNfU1AX8ZT4g3sPOWxs+G5gwqp0JMB8GA1UdIwQY MBaAFHZ7wCpYWWI/Vj6oSmuwopINWz6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTct NjgxNTU0OGJmMzNmLzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTctNjgxNTU0OGJmMzNm LzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZjxQAl/ 2zx/TjpdY3n25XTbYJ7k8fx3RzjMF1UVixvrxHESE0n2fNxuLnoF+rlZWax2T+i4 yR5BefZaTWNBANaHp2Tvb+zS0fml/NWst8qlYnChBa1RBHjJKXThO90KwV0lLdhL 7UM1p3QoPI16lkZLp7RC3mIQo1Ahe3atibNJGPoCKYuI97aJbxNO7NjRel9pj3MD dDC2AvULTctfim8ceQkbTxxEzWc7EQNG6d6JC5if7KHr9LpQ48x8+uFTyi4H7oOj dzTMPVeM6EI8vPX7ZEcp3q1GK1K/BRTuG1uz+KDplXTpgmJkHZMNPPm2EjodhfsS UqKP1gzZyX2zTw== -----END CERTIFICATE-----Generated at Tue Dec 23 07:54:20 2025 by rpki-client