This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9f43aa-c5c9-4ef7-8766-5a9d702e77e3/1/a0dcb7gDO14R19tfLJl8hLpyXKI.mft File: a0dcb7gDO14R19tfLJl8hLpyXKI.mft (raw, json) Hash identifier: yUI4EGo4EOn1lr9ghdct5IuAsW2A2VwYVWmbvdWY9tA= Subject key identifier: 21:6D:9D:03:F0:DC:88:C4:7A:AF:94:46:BB:D2:3A:BB:E7:4A:42:27 Authority key identifier: 6B:47:5C:6F:B8:03:3B:5E:11:D7:DB:5F:2C:99:7C:84:BA:72:5C:A2 Certificate issuer: /CN=6b475c6fb8033b5e11d7db5f2c997c84ba725ca2 Certificate serial: 019B2176DEB0DBC6176D072D2D356A60916F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0dcb7gDO14R19tfLJl8hLpyXKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9f43aa-c5c9-4ef7-8766-5a9d702e77e3/1/a0dcb7gDO14R19tfLJl8hLpyXKI.mft Manifest number: 170C Signing time: Mon 15 Dec 2025 10:03:16 +0000 Manifest this update: Mon 15 Dec 2025 10:03:16 +0000 Manifest next update: Tue 16 Dec 2025 10:03:16 +0000 Files and hashes: 1: OVBxJN_E7KClOVOyQO1dITqXrDc.roa (hash: gtF4A20X0QOWLiRvuhbFqEg7fy+sAd/zI+eINNfliv0=) 2: a0dcb7gDO14R19tfLJl8hLpyXKI.crl (hash: XfepjgZHkq9jhGVgtDUvGTcWovMm0zjeeC60EoQFIQ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/9f43aa-c5c9-4ef7-8766-5a9d702e77e3/1/a0dcb7gDO14R19tfLJl8hLpyXKI.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/9f43aa-c5c9-4ef7-8766-5a9d702e77e3/1/a0dcb7gDO14R19tfLJl8hLpyXKI.mft rsync://rpki.ripe.net/repository/DEFAULT/a0dcb7gDO14R19tfLJl8hLpyXKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:03:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:76:de:b0:db:c6:17:6d:07:2d:2d:35:6a:60:91:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b475c6fb8033b5e11d7db5f2c997c84ba725ca2 Validity Not Before: Dec 15 10:03:16 2025 GMT Not After : Dec 16 10:03:16 2025 GMT Subject: CN=216d9d03f0dc88c47aaf9446bbd23abbe74a4227 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ca:49:c1:7c:ea:2d:79:b3:cd:5d:7a:3d:cd: a3:b1:c8:df:26:02:a0:96:5e:21:6e:24:34:2e:bf: 84:eb:48:f1:01:cf:c7:45:1c:72:8a:d7:eb:14:b0: 0c:37:f8:96:04:2a:a1:7f:83:93:4e:63:f1:77:25: e1:49:00:28:4e:39:a9:5e:93:48:ba:19:62:62:22: 3b:ef:a8:c8:d9:41:d6:e5:b5:32:dc:4f:bf:e6:e7: f1:c6:49:d4:61:1b:a9:08:5c:64:39:85:72:6f:0b: fa:86:f7:98:b9:28:4e:8e:63:be:cb:d8:ba:61:d5: 9e:bb:c0:62:61:15:85:ff:09:6e:0d:2c:4c:85:40: fd:7a:d7:2f:cf:7b:13:04:21:da:14:f9:51:df:66: bf:82:c7:8c:f5:e3:a7:3b:9e:ce:e4:a2:2d:f2:66: 7b:41:2b:93:d4:d9:d1:22:ee:88:0d:57:de:eb:62: bd:6d:95:4b:7d:cc:e5:28:52:84:eb:16:d8:9a:a5: f2:45:18:f4:6e:92:2c:91:76:72:d0:ba:8b:f2:2f: 90:09:1a:45:6b:84:a4:96:fa:b6:26:fd:ab:1a:a5: db:2e:0e:6e:02:f3:41:05:12:0b:6c:60:11:8c:c9: 41:f8:62:ef:13:15:03:00:17:45:02:83:1c:08:20: bc:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:6D:9D:03:F0:DC:88:C4:7A:AF:94:46:BB:D2:3A:BB:E7:4A:42:27 X509v3 Authority Key Identifier: keyid:6B:47:5C:6F:B8:03:3B:5E:11:D7:DB:5F:2C:99:7C:84:BA:72:5C:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0dcb7gDO14R19tfLJl8hLpyXKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9f43aa-c5c9-4ef7-8766-5a9d702e77e3/1/a0dcb7gDO14R19tfLJl8hLpyXKI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9f43aa-c5c9-4ef7-8766-5a9d702e77e3/1/a0dcb7gDO14R19tfLJl8hLpyXKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:ff:30:fb:ec:a7:7d:c0:2e:97:1d:4b:87:fa:5d:6f:39:81: b8:20:77:e9:63:bc:94:fe:79:1a:87:5d:8f:e0:fa:3f:29:c6: e9:e8:3a:eb:13:1e:b3:ed:c7:98:38:28:f6:bd:09:1e:56:88: ed:c7:e2:b1:1b:02:4a:3c:bc:b7:38:f1:18:a8:51:2a:55:b4: 97:62:c1:ee:e1:59:81:8b:38:c0:79:09:b1:83:16:14:68:bc: 0b:9f:ff:f2:3d:70:83:ef:6c:10:93:4b:aa:66:d1:53:27:64: d8:f7:4f:20:c1:bf:cc:4f:f5:77:b7:40:c0:0e:ab:6d:0c:0d: 8c:d8:c9:f9:5f:49:f3:0c:b0:6e:bc:05:86:65:c7:fb:df:fa: d5:17:1b:9e:b8:c2:99:09:52:11:06:b1:46:ea:83:bf:cc:8d: 68:c1:34:d2:1c:d2:47:2b:99:8f:bf:b3:da:68:df:df:87:91: a4:d4:1f:9b:85:46:42:55:64:e7:96:d4:28:18:b0:05:84:2c: 3c:e0:ec:f4:44:6d:ff:2b:91:fb:3c:a6:93:a5:52:75:85:82: e6:94:6c:97:78:10:dd:c0:bf:bc:b8:37:1a:bd:56:41:51:c6: 17:49:84:e4:82:a3:1e:f0:b5:78:3c:c5:c4:73:df:22:7e:aa: 31:aa:e3:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdt6w28YXbQctLTVqYJFvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNDc1YzZmYjgwMzNiNWUxMWQ3ZGI1ZjJjOTk3Yzg0YmE3 MjVjYTIwHhcNMjUxMjE1MTAwMzE2WhcNMjUxMjE2MTAwMzE2WjAzMTEwLwYDVQQD EygyMTZkOWQwM2YwZGM4OGM0N2FhZjk0NDZiYmQyM2FiYmU3NGE0MjI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MpJwXzqLXmzzV16Pc2jscjfJgKg ll4hbiQ0Lr+E60jxAc/HRRxyitfrFLAMN/iWBCqhf4OTTmPxdyXhSQAoTjmpXpNI uhliYiI776jI2UHW5bUy3E+/5ufxxknUYRupCFxkOYVybwv6hveYuShOjmO+y9i6 YdWeu8BiYRWF/wluDSxMhUD9etcvz3sTBCHaFPlR32a/gseM9eOnO57O5KIt8mZ7 QSuT1NnRIu6IDVfe62K9bZVLfczlKFKE6xbYmqXyRRj0bpIskXZy0LqL8i+QCRpF a4Sklvq2Jv2rGqXbLg5uAvNBBRILbGARjMlB+GLvExUDABdFAoMcCCC8zwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCFtnQPw3IjEeq+URrvSOrvnSkInMB8GA1UdIwQY MBaAFGtHXG+4AzteEdfbXyyZfIS6clyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTBkY2I3Z0RPMTRSMTl0ZkxKbDhoTHB5WEtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85ZjQzYWEtYzVjOS00ZWY3LTg3NjYt NWE5ZDcwMmU3N2UzLzEvYTBkY2I3Z0RPMTRSMTl0ZkxKbDhoTHB5WEtJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi85ZjQzYWEtYzVjOS00ZWY3LTg3NjYtNWE5ZDcwMmU3N2Uz LzEvYTBkY2I3Z0RPMTRSMTl0ZkxKbDhoTHB5WEtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfP8w++yn fcAulx1Lh/pdbzmBuCB36WO8lP55Goddj+D6PynG6eg66xMes+3HmDgo9r0JHlaI 7cfisRsCSjy8tzjxGKhRKlW0l2LB7uFZgYs4wHkJsYMWFGi8C5//8j1wg+9sEJNL qmbRUydk2PdPIMG/zE/1d7dAwA6rbQwNjNjJ+V9J8wywbrwFhmXH+9/61RcbnrjC mQlSEQaxRuqDv8yNaME00hzSRyuZj7+z2mjf34eRpNQfm4VGQlVk55bUKBiwBYQs PODs9ERt/yuR+zymk6VSdYWC5pRsl3gQ3cC/vLg3Gr1WQVHGF0mE5IKjHvC1eDzF xHPfIn6qMarjtw== -----END CERTIFICATE-----Generated at Mon Dec 15 19:44:08 2025 by rpki-client