This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft File: cNvqB1PfCD5XgrufOAtdeZy3igY.mft (raw, json) Hash identifier: C/iBgz8AAlqf8kYQAY0i5i7Xfi5JCetrSBJ8zudeKIU= Subject key identifier: 13:40:E8:CF:1A:78:8C:1D:CF:D7:78:BF:F8:76:2A:A3:39:20:ED:BA Authority key identifier: 70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06 Certificate issuer: /CN=70dbea0753df083e5782bb9f380b5d799cb78a06 Certificate serial: 019B3BA289051964154F428225B10D0D001B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft Manifest number: 171B Signing time: Sat 20 Dec 2025 12:01:06 +0000 Manifest this update: Sat 20 Dec 2025 12:01:06 +0000 Manifest next update: Sun 21 Dec 2025 12:01:06 +0000 Files and hashes: 1: AMYHtkdmm7JS4Ofjibck2cl30Kc.roa (hash: UzWr7n7jg70LK3JVYb3K3qtMIw+QPEK/C5HkvTLOsNw=) 2: cNvqB1PfCD5XgrufOAtdeZy3igY.crl (hash: vR3rBzDsVUq9vwvLhw/OaR76eJs4EBo2c/a7ip2AGOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 12:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:89:05:19:64:15:4f:42:82:25:b1:0d:0d:00:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70dbea0753df083e5782bb9f380b5d799cb78a06 Validity Not Before: Dec 20 12:01:06 2025 GMT Not After : Dec 21 12:01:06 2025 GMT Subject: CN=1340e8cf1a788c1dcfd778bff8762aa33920edba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:b6:86:17:09:91:09:77:ee:96:9a:cf:44:aa: 7c:78:14:36:71:90:ec:c6:25:ce:fb:b8:88:a7:93: b8:c7:5c:1f:6b:76:14:63:be:76:33:3f:66:5b:b4: 3b:cd:1d:18:bb:ba:0f:dc:32:4c:37:f6:22:08:12: e8:33:07:d1:62:ff:cf:b5:f4:08:ce:87:f2:b7:73: 6e:a6:ed:97:60:75:1a:7a:3c:a9:5c:95:9c:a6:49: 4a:16:5b:86:54:5f:a1:2a:d7:9c:e6:da:e5:26:d0: 45:33:08:d1:29:5f:74:76:d0:86:b7:cc:e6:31:35: f5:64:85:44:4e:bb:24:83:0d:c4:22:02:aa:2d:f2: e3:43:4a:35:af:65:98:4e:f0:43:31:63:f4:2f:4b: 4f:1c:98:08:7f:29:b1:91:a5:12:88:a9:4b:94:72: 1e:96:e4:fe:70:e4:9f:0d:ea:18:f6:9b:6f:91:7c: 72:c1:c2:bf:46:71:55:79:31:78:d3:e4:9e:cb:59: 27:48:d6:6a:83:f1:07:df:5e:8b:39:1b:98:9d:2b: fc:e5:a7:ba:49:8d:17:48:2b:2e:ad:ba:6a:f4:28: 5d:b3:cc:b8:f9:4c:cf:f2:8b:78:35:a2:67:41:48: bf:4e:4d:72:9c:17:a8:fb:3f:ba:96:a9:69:ae:43: 32:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:40:E8:CF:1A:78:8C:1D:CF:D7:78:BF:F8:76:2A:A3:39:20:ED:BA X509v3 Authority Key Identifier: keyid:70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:d9:84:83:c0:4c:54:30:e8:a6:e8:41:57:bf:d5:63:a4:1a: d6:0d:6d:a7:10:7f:38:27:6e:cc:e5:cd:5b:1c:d6:83:84:1c: de:33:05:d3:29:18:81:fb:d6:a9:25:ab:35:cf:07:87:4d:14: 17:7e:12:9b:db:d0:2e:7a:e6:df:2c:ea:da:83:d0:02:c2:80: 4d:e6:42:1c:39:19:fd:46:33:32:6c:a1:28:a7:f2:7e:c2:98: 67:f3:7f:22:d5:1a:c4:e7:99:9f:af:3a:f0:8f:e5:61:15:42: 25:8a:4f:1f:4b:05:b8:3f:28:f0:ab:7a:f8:29:0e:99:fa:c3: 04:9b:86:64:f4:1a:21:5d:b0:f8:c7:b8:63:88:fc:53:74:a9: cf:23:8d:fe:db:c9:79:9f:12:84:45:4e:d4:a8:41:1c:6c:2a: 9b:6f:e9:c4:36:74:75:df:5e:61:31:00:e7:95:df:40:0d:ae: cb:7d:26:d3:9e:08:5c:d9:26:ec:b0:62:c2:a8:5d:c7:73:bc: d9:69:f3:3c:69:b5:f2:42:0e:75:56:d2:5b:b3:f7:28:d0:62: 46:0f:ac:c3:71:b2:86:87:4e:32:a4:67:d6:ed:ca:31:a4:48: 64:ca:8e:f8:74:b8:92:22:f6:d0:11:20:4d:5b:36:49:49:aa: 51:67:87:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7ookFGWQVT0KCJbENDQAbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZGJlYTA3NTNkZjA4M2U1NzgyYmI5ZjM4MGI1ZDc5OWNi NzhhMDYwHhcNMjUxMjIwMTIwMTA2WhcNMjUxMjIxMTIwMTA2WjAzMTEwLwYDVQQD EygxMzQwZThjZjFhNzg4YzFkY2ZkNzc4YmZmODc2MmFhMzM5MjBlZGJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3raGFwmRCXfulprPRKp8eBQ2cZDs xiXO+7iIp5O4x1wfa3YUY752Mz9mW7Q7zR0Yu7oP3DJMN/YiCBLoMwfRYv/PtfQI zofyt3Nupu2XYHUaejypXJWcpklKFluGVF+hKtec5trlJtBFMwjRKV90dtCGt8zm MTX1ZIVETrskgw3EIgKqLfLjQ0o1r2WYTvBDMWP0L0tPHJgIfymxkaUSiKlLlHIe luT+cOSfDeoY9ptvkXxywcK/RnFVeTF40+Sey1knSNZqg/EH316LORuYnSv85ae6 SY0XSCsurbpq9Chds8y4+UzP8ot4NaJnQUi/Tk1ynBeo+z+6lqlprkMyWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBNA6M8aeIwdz9d4v/h2KqM5IO26MB8GA1UdIwQY MBaAFHDb6gdT3wg+V4K7nzgLXXmct4oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjkt MmEwY2YxMzE3M2Q4LzEvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjktMmEwY2YxMzE3M2Q4 LzEvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjNmEg8BM VDDopuhBV7/VY6Qa1g1tpxB/OCduzOXNWxzWg4Qc3jMF0ykYgfvWqSWrNc8Hh00U F34Sm9vQLnrm3yzq2oPQAsKATeZCHDkZ/UYzMmyhKKfyfsKYZ/N/ItUaxOeZn686 8I/lYRVCJYpPH0sFuD8o8Kt6+CkOmfrDBJuGZPQaIV2w+Me4Y4j8U3SpzyON/tvJ eZ8ShEVO1KhBHGwqm2/pxDZ0dd9eYTEA55XfQA2uy30m054IXNkm7LBiwqhdx3O8 2WnzPGm18kIOdVbSW7P3KNBiRg+sw3GyhodOMqRn1u3KMaRIZMqO+HS4kiL20BEg TVs2SUmqUWeHBw== -----END CERTIFICATE-----Generated at Sat Dec 20 21:30:18 2025 by rpki-client