This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft File: CWmio5Y1t5dHbx8WM66PJ78ztTM.mft (raw, json) Hash identifier: 5AU4a29cf+uNSPXI2PkoamidA4+GRj0TGi0pRXSsVTU= Subject key identifier: D5:37:5F:80:BC:97:61:7C:87:F4:FE:FD:32:E1:B2:73:9F:50:F3:D7 Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33 Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533 Certificate serial: 019B1081085BF16C1938CC92028E13B73778 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft Manifest number: 08D8 Signing time: Fri 12 Dec 2025 03:00:50 +0000 Manifest this update: Fri 12 Dec 2025 03:00:50 +0000 Manifest next update: Sat 13 Dec 2025 03:00:50 +0000 Files and hashes: 1: CWmio5Y1t5dHbx8WM66PJ78ztTM.crl (hash: miSX6ag1zym5a++A12hrcgFkHIxD0XADq+1Gs16tqjE=) 2: NsSedmTQW8OnTTsqv3X8CBZy-xU.roa (hash: WFkKh3bAC4MDDNtqyFfpo7GUVyreugPfu/r7LcM/fN4=) 3: TeB088r0q83Xt0BxDsUFRJ09n_w.roa (hash: G48KXbKrX68pg0VWA7DNE58/xU413WQGSqX5xHVo4rY=) 4: eZ1oRKw2ZmvD0_NWa-kdmh2g-eo.roa (hash: 2jAE9EFeYAI0mBmHLdLHHE90HLI9cIG+7iKSbXwklN4=) 5: l5LQQJ1hscP11M9PGOZJoYipJjA.roa (hash: 1Qefj38Zjj0ROOLLrKtBW86/Osz3b9lr4tBY77Lptdo=) 6: xpGPm8doChOtU-RLJwfI6J2_2pE.roa (hash: Q+zp0nrHHDLtwJs9nHZ2VnA34/82Rp5NA50n42Hv6uk=) 7: zV6ZdwRwY22YxnJ7o5KrLFiOSks.roa (hash: CU+aUbdKG8+gc+SLXpNeHe0gAI7HsoYH7L1e2ZbkQtc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 03:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:81:08:5b:f1:6c:19:38:cc:92:02:8e:13:b7:37:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533 Validity Not Before: Dec 12 03:00:50 2025 GMT Not After : Dec 13 03:00:50 2025 GMT Subject: CN=d5375f80bc97617c87f4fefd32e1b2739f50f3d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:87:13:75:34:9f:3b:d6:c8:3c:af:49:64:ab: cd:b8:48:4a:5e:3e:62:6e:a6:ea:7e:0a:68:f3:c2: a1:14:34:b8:6d:fb:e8:ea:94:a6:6f:10:fc:1c:68: 62:bf:99:65:68:73:2d:76:4a:74:d3:a6:29:bc:ad: 5a:89:23:5e:d5:0a:fb:12:d5:f9:95:07:94:99:2e: 76:6c:86:4f:b7:8c:6a:48:86:c1:0a:b2:0d:48:d8: 26:eb:af:6f:ba:10:38:4e:ca:cb:9d:da:6d:a7:c2: c1:b0:ff:00:cd:51:50:d8:20:8f:05:94:9d:70:db: 40:3a:6f:6d:9c:fc:60:ce:45:00:d3:e1:06:e2:b8: c8:f1:51:15:31:4e:21:55:67:7e:b7:70:2e:89:1e: 74:8b:81:bb:c7:00:85:59:64:ed:a7:ce:0f:70:ba: 0a:fa:c8:f8:8b:2e:92:88:59:4a:2b:18:65:a0:c7: d9:bf:df:b8:9b:7f:9a:d5:8e:8a:00:df:19:75:49: 06:c7:d1:f9:b9:a9:59:17:ca:ab:86:e3:58:41:35: d1:4e:1f:12:6a:91:5e:bc:eb:ec:ef:93:e4:bc:7c: 56:13:61:d2:14:1d:75:fa:fc:a5:fd:68:d0:80:a1: 44:50:e2:cd:37:6f:03:6a:ec:ca:0d:53:1e:81:0c: 34:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:37:5F:80:BC:97:61:7C:87:F4:FE:FD:32:E1:B2:73:9F:50:F3:D7 X509v3 Authority Key Identifier: keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:52:43:35:76:18:ff:17:b2:99:7e:d6:d1:ca:50:dd:e6:65: 6e:06:b3:22:21:85:6c:9f:55:13:bd:44:7a:4f:17:44:99:fb: 1c:03:ce:60:17:e3:63:0b:25:ab:5e:f4:4a:e2:52:d1:bf:27: 17:6e:f5:45:64:96:56:23:cd:1b:32:07:cd:eb:d8:a2:e8:22: df:9a:a1:ca:3f:be:45:7d:7f:ef:47:af:64:1d:d8:68:c9:95: 05:23:80:da:ac:ef:72:00:a4:0c:46:31:3b:4d:dd:0e:0d:52: 61:64:ce:64:db:1f:80:6e:ab:25:57:b0:6e:a1:1f:c9:1b:2d: b2:bf:5b:17:c2:f5:15:50:b2:54:77:65:9f:64:d0:45:cc:df: c5:09:a1:27:3d:1b:66:08:dc:58:0d:68:ad:1b:a8:9b:3c:0b: 4c:4a:02:89:ac:88:90:f7:fb:a6:36:11:f9:06:26:66:a3:d1: 0f:e7:a1:1f:55:6d:ea:b9:c6:18:68:15:7b:26:17:db:54:be: a5:78:40:0d:66:11:f3:63:fb:03:c9:10:5c:52:f0:c9:7f:ff: 45:c5:19:07:e3:96:5b:6c:89:5f:09:8b:8d:d7:d6:31:91:3d: c2:74:3d:05:ac:4e:d1:e2:31:8b:3e:04:e6:d6:e6:91:c3:06: 46:1c:e6:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQgQhb8WwZOMySAo4Ttzd4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz M2I1MzMwHhcNMjUxMjEyMDMwMDUwWhcNMjUxMjEzMDMwMDUwWjAzMTEwLwYDVQQD EyhkNTM3NWY4MGJjOTc2MTdjODdmNGZlZmQzMmUxYjI3MzlmNTBmM2Q3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIcTdTSfO9bIPK9JZKvNuEhKXj5i bqbqfgpo88KhFDS4bfvo6pSmbxD8HGhiv5llaHMtdkp006YpvK1aiSNe1Qr7EtX5 lQeUmS52bIZPt4xqSIbBCrINSNgm669vuhA4TsrLndptp8LBsP8AzVFQ2CCPBZSd cNtAOm9tnPxgzkUA0+EG4rjI8VEVMU4hVWd+t3AuiR50i4G7xwCFWWTtp84PcLoK +sj4iy6SiFlKKxhloMfZv9+4m3+a1Y6KAN8ZdUkGx9H5ualZF8qrhuNYQTXRTh8S apFevOvs75PkvHxWE2HSFB11+vyl/WjQgKFEUOLNN28DauzKDVMegQw0WwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNU3X4C8l2F8h/T+/TLhsnOfUPPXMB8GA1UdIwQY MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt NDE0OTA4NzJmYzRlLzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYFJDNXYY /xeymX7W0cpQ3eZlbgazIiGFbJ9VE71Eek8XRJn7HAPOYBfjYwslq170SuJS0b8n F271RWSWViPNGzIHzevYougi35qhyj++RX1/70evZB3YaMmVBSOA2qzvcgCkDEYx O03dDg1SYWTOZNsfgG6rJVewbqEfyRstsr9bF8L1FVCyVHdln2TQRczfxQmhJz0b ZgjcWA1orRuomzwLTEoCiayIkPf7pjYR+QYmZqPRD+ehH1Vt6rnGGGgVeyYX21S+ pXhADWYR82P7A8kQXFLwyX//RcUZB+OWW2yJXwmLjdfWMZE9wnQ9BaxO0eIxiz4E 5tbmkcMGRhzm0Q== -----END CERTIFICATE-----Generated at Fri Dec 12 10:08:16 2025 by rpki-client