This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft File: dHnfUKMVAp6AqhlHr-EtselIYos.mft (raw, json) Hash identifier: Ve5VDNx0scok34DCXz1F1GQdjAjzB/karqcRUhZSvSI= Subject key identifier: 9C:40:38:0B:1B:BD:43:F9:59:88:85:22:4A:FE:88:A2:16:06:24:9C Authority key identifier: 74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B Certificate issuer: /CN=7479df50a315029e80aa1947afe12db1e948628b Certificate serial: 019B39EB68518A10BDD26B6AD5A48F436F18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft Manifest number: 108A Signing time: Sat 20 Dec 2025 04:01:27 +0000 Manifest this update: Sat 20 Dec 2025 04:01:27 +0000 Manifest next update: Sun 21 Dec 2025 04:01:27 +0000 Files and hashes: 1: KvOchdw6AYfLt261W6RR4KIthYY.roa (hash: WXdEqSkBC/gQsasA/7q/ZdUFdpwAbrzjieJX5Z97f4U=) 2: dHnfUKMVAp6AqhlHr-EtselIYos.crl (hash: O7Nk3k78B5WthHky63HnpcvmD3bph4ztBKeHhkMQfPE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:eb:68:51:8a:10:bd:d2:6b:6a:d5:a4:8f:43:6f:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7479df50a315029e80aa1947afe12db1e948628b Validity Not Before: Dec 20 04:01:27 2025 GMT Not After : Dec 21 04:01:27 2025 GMT Subject: CN=9c40380b1bbd43f9598885224afe88a21606249c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:39:63:50:96:30:99:0f:72:c0:ca:44:7f:27: fe:14:ac:18:b1:fd:82:ed:23:f7:67:d1:ed:3f:1c: c5:f2:dc:f5:21:43:58:29:5f:40:24:b6:e2:f5:b9: 8a:14:2c:f0:9d:13:06:f2:a1:cd:84:00:24:2e:cb: a7:d5:12:a7:a8:2c:30:0b:74:d5:b2:a0:f6:fb:5c: 98:b2:7b:dc:45:e1:ea:b2:ce:09:83:13:43:0e:d8: 51:f8:a0:4f:e5:2a:a8:c4:c1:4d:69:7e:74:df:a6: d0:be:1f:01:7b:bd:02:0d:07:8c:7b:54:7c:a2:ce: 03:45:25:fd:91:08:3d:ca:c7:2a:63:84:f7:e5:a7: 07:94:68:92:ff:e1:12:4e:b5:01:6d:46:79:70:bc: fb:e8:e3:74:54:16:c6:58:b7:ec:6a:a5:0a:7f:8a: db:21:33:a1:76:b6:cd:0f:55:ae:eb:cb:fd:11:52: fa:95:c5:b9:49:f3:25:55:b6:5e:33:fe:34:21:87: 8b:d5:e9:55:c4:09:fd:ef:f1:49:4b:e9:58:a3:05: 5b:81:34:69:ad:34:4a:a5:2f:77:9e:8f:53:fb:af: 54:a4:9d:2c:31:0b:6a:b6:1b:cf:e1:6c:74:af:53: 6e:4f:3d:f4:96:98:24:c6:56:51:12:71:5e:d3:da: ed:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:40:38:0B:1B:BD:43:F9:59:88:85:22:4A:FE:88:A2:16:06:24:9C X509v3 Authority Key Identifier: keyid:74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:71:d1:13:a1:a8:6b:68:a8:52:30:49:c9:26:dd:9d:e8:4d: 3a:41:4d:bd:6f:b7:ed:30:fd:75:aa:26:30:6a:8f:1e:ab:4d: 94:a0:a2:8d:09:d0:34:40:01:9d:4a:13:0b:f6:7e:1b:6f:60: 09:9a:7a:95:92:e6:0a:8a:ed:07:d2:c2:15:e6:d8:81:cf:de: c7:98:c9:3c:be:0b:0a:9d:bd:f7:fa:e1:f8:c2:0b:c1:48:39: 69:ce:eb:4a:b1:3b:81:08:37:24:f5:67:e2:8d:65:d6:2e:bb: c9:fe:53:34:9f:54:ff:8e:48:af:8c:7b:05:02:5b:a6:1f:6b: 76:5a:af:bc:7b:1c:b8:8d:99:9f:a5:12:a9:e9:29:f3:5d:07: 9d:b5:19:a6:09:49:58:d4:6c:3c:39:98:e6:a3:86:24:c7:09: 35:5d:72:6d:f3:7a:83:32:71:67:70:72:db:52:b3:ec:38:53: af:1b:66:dd:ac:d2:29:ff:f5:14:86:32:a2:01:d5:47:b8:24: b7:88:86:51:75:7d:40:c0:6c:9e:59:37:ec:58:12:b9:3b:63: 4c:38:a5:41:2c:0d:60:77:e2:71:ef:90:4c:98:ad:a2:73:8c: 0c:be:1f:8b:b2:63:2a:f2:62:4d:9d:2c:4d:fb:92:99:dd:ed: 3a:d2:c2:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs562hRihC90mtq1aSPQ28YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0NzlkZjUwYTMxNTAyOWU4MGFhMTk0N2FmZTEyZGIxZTk0 ODYyOGIwHhcNMjUxMjIwMDQwMTI3WhcNMjUxMjIxMDQwMTI3WjAzMTEwLwYDVQQD Eyg5YzQwMzgwYjFiYmQ0M2Y5NTk4ODg1MjI0YWZlODhhMjE2MDYyNDljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTljUJYwmQ9ywMpEfyf+FKwYsf2C 7SP3Z9HtPxzF8tz1IUNYKV9AJLbi9bmKFCzwnRMG8qHNhAAkLsun1RKnqCwwC3TV sqD2+1yYsnvcReHqss4JgxNDDthR+KBP5SqoxMFNaX5036bQvh8Be70CDQeMe1R8 os4DRSX9kQg9yscqY4T35acHlGiS/+ESTrUBbUZ5cLz76ON0VBbGWLfsaqUKf4rb ITOhdrbND1Wu68v9EVL6lcW5SfMlVbZeM/40IYeL1elVxAn97/FJS+lYowVbgTRp rTRKpS93no9T+69UpJ0sMQtqthvP4Wx0r1NuTz30lpgkxlZREnFe09rthwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJxAOAsbvUP5WYiFIkr+iKIWBiScMB8GA1UdIwQY MBaAFHR531CjFQKegKoZR6/hLbHpSGKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEt OTdiYTM3MzQ1YWE4LzEvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEtOTdiYTM3MzQ1YWE4 LzEvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3HRE6Go a2ioUjBJySbdnehNOkFNvW+37TD9daomMGqPHqtNlKCijQnQNEABnUoTC/Z+G29g CZp6lZLmCortB9LCFebYgc/ex5jJPL4LCp299/rh+MILwUg5ac7rSrE7gQg3JPVn 4o1l1i67yf5TNJ9U/45Ir4x7BQJbph9rdlqvvHscuI2Zn6USqekp810HnbUZpglJ WNRsPDmY5qOGJMcJNV1ybfN6gzJxZ3By21Kz7DhTrxtm3azSKf/1FIYyogHVR7gk t4iGUXV9QMBsnlk37FgSuTtjTDilQSwNYHfice+QTJitonOMDL4fi7JjKvJiTZ0s TfuSmd3tOtLCKA== -----END CERTIFICATE-----Generated at Sat Dec 20 10:38:35 2025 by rpki-client