This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft File: FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json) Hash identifier: uTr+YLZ8JXL5l6XNO74Z9dcwngZuDjONnl9u3ZuvnKU= Subject key identifier: 26:63:D2:98:7E:EB:4A:DE:54:52:FE:69:CC:A2:5E:CD:5A:3F:C0:AC Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08 Certificate issuer: /CN=16536fc756a5864aaa2c1e77bb764248dabe2608 Certificate serial: 019B37212DF46BAC103B78572A740D7789EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft Manifest number: 07D7 Signing time: Fri 19 Dec 2025 15:01:19 +0000 Manifest this update: Fri 19 Dec 2025 15:01:19 +0000 Manifest next update: Sat 20 Dec 2025 15:01:19 +0000 Files and hashes: 1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: vxeFNsrt84dpWbrPrBrV8CnjTW5dPVQuRSsWsGP1wNU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 15:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:21:2d:f4:6b:ac:10:3b:78:57:2a:74:0d:77:89:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608 Validity Not Before: Dec 19 15:01:19 2025 GMT Not After : Dec 20 15:01:19 2025 GMT Subject: CN=2663d2987eeb4ade5452fe69cca25ecd5a3fc0ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:cb:31:11:f3:7f:8c:1c:7b:96:73:9c:ad:c3: 1a:c9:df:de:85:9a:15:31:a3:fe:f5:03:90:9c:14: 05:47:e0:4f:38:f0:32:ac:ac:45:ac:de:9d:7e:db: 11:97:95:4a:da:2b:e4:d1:4b:1b:29:06:99:d4:e7: 12:81:89:58:8b:22:12:b5:40:7f:fe:33:de:a7:8e: 30:74:dd:d0:bd:90:50:c4:b7:8c:46:ac:1d:8a:f8: 87:6d:eb:67:eb:4a:b3:be:05:69:64:5a:ab:54:5d: fb:9a:21:7b:d7:70:c4:6b:2d:90:63:85:2b:ab:a6: 44:ac:87:11:93:e5:36:4b:5c:a0:b5:b1:ad:f5:38: f7:88:ef:62:b5:6b:cd:59:05:22:71:d7:38:91:85: 35:9a:1a:4f:e5:26:63:48:64:3d:56:a0:e8:f0:3d: 7b:46:c4:bc:86:70:31:33:a4:14:58:d6:59:08:01: e8:31:e2:f4:cc:09:ce:4a:d2:af:7e:3f:4c:6c:09: dc:d7:a4:4c:33:8e:b7:af:e6:bf:69:fd:20:3c:55: a0:ac:88:b5:a5:54:5d:9b:3f:6c:ab:c4:5f:48:21: 19:48:2e:bc:af:cf:a9:d2:44:e1:b6:99:4f:d5:95: e0:a2:5f:c3:b8:dc:c4:09:c9:71:65:8f:db:e0:e5: c4:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:63:D2:98:7E:EB:4A:DE:54:52:FE:69:CC:A2:5E:CD:5A:3F:C0:AC X509v3 Authority Key Identifier: keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:e3:a6:e4:ba:23:ba:25:09:0c:51:41:39:26:84:2e:85:7b: 88:50:7e:79:3d:40:aa:d9:4c:34:2c:7c:67:8d:36:63:30:9e: 8c:9e:60:8b:21:65:94:9a:03:7b:4e:9a:02:9b:37:08:d7:93: 02:96:44:cd:30:2a:d1:83:8a:91:aa:de:72:e4:14:cc:27:b4: ed:0a:c1:db:97:9a:c1:52:d4:4f:65:8d:b7:68:e0:a8:07:25: 75:19:cc:27:a6:c9:89:c2:db:27:d4:84:77:17:e3:63:40:3c: 9b:b1:1c:a0:25:2e:2c:60:b8:c8:b5:df:1c:25:34:b3:dc:89: be:3c:22:52:e6:11:0d:06:1a:e1:73:4a:c5:f4:9a:e0:ae:c8: 24:0f:fd:75:80:94:44:f8:2e:79:d6:1e:ed:af:43:26:54:4c: 6d:59:89:48:24:1f:70:d7:f6:ad:bd:1d:c7:57:dd:b3:15:ec: 37:cd:77:74:a8:5e:1c:5c:55:b7:86:b8:41:78:f9:c1:89:53: 72:58:5c:3b:98:fe:56:9a:bc:14:ff:fd:22:61:ad:e7:4c:74: c2:82:87:a0:8c:c1:52:50:82:25:74:7a:ec:0f:4d:8a:92:ff: e5:7f:00:1a:04:3b:03:fb:73:68:56:ec:13:19:94:29:3f:27: bc:f6:69:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3IS30a6wQO3hXKnQNd4nrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi ZTI2MDgwHhcNMjUxMjE5MTUwMTE5WhcNMjUxMjIwMTUwMTE5WjAzMTEwLwYDVQQD EygyNjYzZDI5ODdlZWI0YWRlNTQ1MmZlNjljY2EyNWVjZDVhM2ZjMGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8sxEfN/jBx7lnOcrcMayd/ehZoV MaP+9QOQnBQFR+BPOPAyrKxFrN6dftsRl5VK2ivk0UsbKQaZ1OcSgYlYiyIStUB/ /jPep44wdN3QvZBQxLeMRqwdiviHbetn60qzvgVpZFqrVF37miF713DEay2QY4Ur q6ZErIcRk+U2S1ygtbGt9Tj3iO9itWvNWQUicdc4kYU1mhpP5SZjSGQ9VqDo8D17 RsS8hnAxM6QUWNZZCAHoMeL0zAnOStKvfj9MbAnc16RMM463r+a/af0gPFWgrIi1 pVRdmz9sq8RfSCEZSC68r8+p0kThtplP1ZXgol/DuNzECclxZY/b4OXEYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCZj0ph+60reVFL+acyiXs1aP8CsMB8GA1UdIwQY MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJeOm5Loj uiUJDFFBOSaELoV7iFB+eT1AqtlMNCx8Z402YzCejJ5giyFllJoDe06aAps3CNeT ApZEzTAq0YOKkarecuQUzCe07QrB25eawVLUT2WNt2jgqAcldRnMJ6bJicLbJ9SE dxfjY0A8m7EcoCUuLGC4yLXfHCU0s9yJvjwiUuYRDQYa4XNKxfSa4K7IJA/9dYCU RPguedYe7a9DJlRMbVmJSCQfcNf2rb0dx1fdsxXsN813dKheHFxVt4a4QXj5wYlT clhcO5j+Vpq8FP/9ImGt50x0woKHoIzBUlCCJXR67A9NipL/5X8AGgQ7A/tzaFbs ExmUKT8nvPZpNg== -----END CERTIFICATE-----Generated at Fri Dec 19 23:06:14 2025 by rpki-client