This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft File: dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft (raw, json) Hash identifier: c6ULRUc0B496X2f8bIhSz+fEGeknamZ0ZtO8KGJ9uKo= Subject key identifier: 4D:2B:7A:B2:9D:D6:E2:7D:9E:52:FE:CD:44:67:E7:30:DE:44:8F:7B Authority key identifier: 76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91 Certificate issuer: /CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91 Certificate serial: 019AF42E6735C7B16E9BC8FA5F9AAF11B9FE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft Manifest number: 14AD Signing time: Sat 06 Dec 2025 15:01:12 +0000 Manifest this update: Sat 06 Dec 2025 15:01:12 +0000 Manifest next update: Sun 07 Dec 2025 15:01:12 +0000 Files and hashes: 1: P5ZnswUpMLyVjWj9pVZS-hlIw7A.roa (hash: 3hJsA3Q3EQecJR3hJHgLTYYEIcnWflx0DcKeSfNvhRM=) 2: dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl (hash: tI7EunQIimN9t1CtdC0WfqMWcZN3XM5BV1JdWhHIcRo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:67:35:c7:b1:6e:9b:c8:fa:5f:9a:af:11:b9:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91 Validity Not Before: Dec 6 15:01:12 2025 GMT Not After : Dec 7 15:01:12 2025 GMT Subject: CN=4d2b7ab29dd6e27d9e52fecd4467e730de448f7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:9b:b1:f4:88:ac:57:4e:65:82:d2:7e:8d:c1: 8d:0e:75:2f:9d:fc:78:fd:f1:fd:64:c6:a5:28:db: 35:d3:2d:87:48:39:2c:8f:b5:4f:53:99:e5:75:25: dd:cf:29:c0:2b:f4:1d:3d:49:75:6f:c6:5b:c3:cd: 20:87:1f:6a:c2:f8:03:2a:77:db:3c:99:54:78:0a: 28:35:1d:9a:bd:96:3e:1c:26:b9:72:b3:b4:a5:a9: aa:22:ff:21:3d:a1:53:cc:a0:96:f5:0f:16:8d:34: c9:26:3a:79:49:a0:e1:69:06:2b:27:bf:b2:26:74: 27:ef:6a:84:2a:e4:47:ed:17:21:0c:e1:b2:ee:73: 67:d7:c8:45:fd:43:57:a3:b6:5b:30:8b:98:53:a8: 68:7a:a2:5e:1e:d4:4d:a2:e6:49:bc:a0:b5:40:af: 99:46:b6:44:23:3d:fb:bc:01:a6:5c:3e:25:03:1b: 06:2a:df:b2:80:b9:88:bf:bc:4b:84:e7:56:62:99: 02:9e:f8:43:a7:ba:57:bc:04:73:48:2c:9f:4d:b4: 1b:49:55:04:ff:1b:58:95:a4:19:21:88:a2:29:31: 77:62:40:b0:04:82:68:47:53:75:3a:3b:ec:0c:43: 0d:8d:9b:07:ed:41:34:ac:5d:2c:ab:d8:5f:3c:bb: a2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:2B:7A:B2:9D:D6:E2:7D:9E:52:FE:CD:44:67:E7:30:DE:44:8F:7B X509v3 Authority Key Identifier: keyid:76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:43:d5:fd:b9:24:46:20:a9:24:ea:84:39:e6:6e:38:50:e6: 3b:56:e3:1b:91:2e:1d:81:62:62:dd:ad:03:1e:8b:51:64:b6: f2:84:f1:f5:17:08:e0:de:d6:4d:30:ec:32:7c:33:74:6e:58: 5c:a9:28:31:4b:53:1d:ef:fc:29:cd:3e:3d:06:34:97:fd:ea: 41:e6:d8:19:99:f7:ef:f2:6c:be:68:d8:53:60:6e:7f:ed:18: 6a:2c:52:2c:f8:c3:9b:ab:09:74:57:70:b3:c6:6f:33:98:4e: 3a:cf:71:03:d7:41:f5:1a:16:2d:2b:2a:46:cc:21:22:50:a3: 73:e8:0b:ed:38:3f:61:1b:69:13:d3:f8:25:b9:0d:ca:ec:ff: 69:39:5b:1e:67:ec:96:ba:bb:79:61:5b:a4:62:1d:43:c8:ff: 08:87:0c:63:d3:e3:c1:88:e8:01:8b:80:4e:bd:6d:ad:7c:41: 46:95:91:f4:83:d2:86:33:db:e1:94:47:19:12:e9:2d:f7:e2: f4:e5:6d:b4:51:4e:79:b6:da:75:b9:67:a6:e0:a1:f5:77:08: 89:83:8b:e7:ac:9a:4c:32:76:8b:47:e1:e0:3e:56:3f:88:92: 2d:e4:08:b1:77:68:37:9d:84:7e:ec:cd:26:92:88:20:cc:95: fc:44:eb:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0Lmc1x7Fum8j6X5qvEbn+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2N2JjMDJhNTg1OTYyM2Y1NjNlYTg0YTZiYjBhMjkyMGQ1 YjNlOTEwHhcNMjUxMjA2MTUwMTEyWhcNMjUxMjA3MTUwMTEyWjAzMTEwLwYDVQQD Eyg0ZDJiN2FiMjlkZDZlMjdkOWU1MmZlY2Q0NDY3ZTczMGRlNDQ4ZjdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5ux9IisV05lgtJ+jcGNDnUvnfx4 /fH9ZMalKNs10y2HSDksj7VPU5nldSXdzynAK/QdPUl1b8Zbw80ghx9qwvgDKnfb PJlUeAooNR2avZY+HCa5crO0pamqIv8hPaFTzKCW9Q8WjTTJJjp5SaDhaQYrJ7+y JnQn72qEKuRH7RchDOGy7nNn18hF/UNXo7ZbMIuYU6hoeqJeHtRNouZJvKC1QK+Z RrZEIz37vAGmXD4lAxsGKt+ygLmIv7xLhOdWYpkCnvhDp7pXvARzSCyfTbQbSVUE /xtYlaQZIYiiKTF3YkCwBIJoR1N1OjvsDEMNjZsH7UE0rF0sq9hfPLuiRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE0rerKd1uJ9nlL+zURn5zDeRI97MB8GA1UdIwQY MBaAFHZ7wCpYWWI/Vj6oSmuwopINWz6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTct NjgxNTU0OGJmMzNmLzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTctNjgxNTU0OGJmMzNm LzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbkPV/bkk RiCpJOqEOeZuOFDmO1bjG5EuHYFiYt2tAx6LUWS28oTx9RcI4N7WTTDsMnwzdG5Y XKkoMUtTHe/8Kc0+PQY0l/3qQebYGZn37/JsvmjYU2Buf+0YaixSLPjDm6sJdFdw s8ZvM5hOOs9xA9dB9RoWLSsqRswhIlCjc+gL7Tg/YRtpE9P4JbkNyuz/aTlbHmfs lrq7eWFbpGIdQ8j/CIcMY9PjwYjoAYuATr1trXxBRpWR9IPShjPb4ZRHGRLpLffi 9OVttFFOebbadblnpuCh9XcIiYOL56yaTDJ2i0fh4D5WP4iSLeQIsXdoN52EfuzN JpKIIMyV/ETrOg== -----END CERTIFICATE-----Generated at Sat Dec 6 22:24:09 2025 by rpki-client