This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft File: cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft (raw, json) Hash identifier: 9sqM6eqAzI5OYjdR4pYnxzMEflv0Zi8RPYqVST3SsYA= Subject key identifier: D6:0C:1C:A1:3B:86:6A:2E:D3:05:22:36:97:C4:8A:4E:57:C9:3A:75 Authority key identifier: 73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6 Certificate issuer: /CN=73038cdc62522e484b0615c4241c7e7aa821d8d6 Certificate serial: 019B1BAB38A91854A6BE57A654125E9B322E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft Manifest number: 034B Signing time: Sun 14 Dec 2025 07:02:44 +0000 Manifest this update: Sun 14 Dec 2025 07:02:44 +0000 Manifest next update: Mon 15 Dec 2025 07:02:44 +0000 Files and hashes: 1: cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl (hash: XfJT2EOZBImrlqgraHHlZ3rzjeWvu/OLuIXTNus9ERw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:ab:38:a9:18:54:a6:be:57:a6:54:12:5e:9b:32:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73038cdc62522e484b0615c4241c7e7aa821d8d6 Validity Not Before: Dec 14 07:02:44 2025 GMT Not After : Dec 15 07:02:44 2025 GMT Subject: CN=d60c1ca13b866a2ed305223697c48a4e57c93a75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:3b:d6:75:16:7f:fc:df:15:c1:c7:d0:0f:39: 02:0b:10:94:82:0a:ca:94:d5:60:40:fa:91:1d:8e: 27:e3:1b:16:8c:bf:14:35:83:11:e1:2e:7c:4a:13: f2:4a:c9:c2:5a:9d:fc:76:a4:8d:1a:d6:0b:46:e6: 54:d2:26:dc:54:d1:71:be:37:72:f6:fe:b1:f8:0d: 5c:f1:a6:22:59:58:75:3d:af:47:29:29:c7:a7:04: 2b:62:1a:5c:c6:38:20:4b:e5:da:af:17:fd:78:89: d9:e3:8c:07:3c:80:d2:ce:24:df:21:85:72:20:e1: 90:b2:fe:56:df:a9:e9:6e:81:e9:e6:57:a2:1e:32: 81:8c:f2:e5:2a:70:c2:03:a9:f0:10:9f:08:00:4a: b8:e2:69:f6:75:b5:58:b7:85:a8:66:05:36:91:64: cc:93:84:02:61:01:94:dc:03:e7:c6:5d:1b:df:d3: 1e:1b:17:6e:af:a0:4b:07:33:81:66:d5:c0:1e:44: c2:6c:ea:51:84:e7:9d:c8:07:3c:66:13:b2:d8:28: 2f:5b:e6:48:38:bd:23:92:32:8b:a5:5e:cc:36:1c: 07:86:3e:83:ee:90:db:bd:98:f1:35:75:61:1b:a5: be:f5:94:5a:84:8d:55:ca:89:d4:0b:3a:dd:6b:37: 7a:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:0C:1C:A1:3B:86:6A:2E:D3:05:22:36:97:C4:8A:4E:57:C9:3A:75 X509v3 Authority Key Identifier: keyid:73:03:8C:DC:62:52:2E:48:4B:06:15:C4:24:1C:7E:7A:A8:21:D8:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwOM3GJSLkhLBhXEJBx-eqgh2NY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/df32dd-75ae-48b2-a1b2-2929b9f1d15b/1/cwOM3GJSLkhLBhXEJBx-eqgh2NY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:c0:dd:4d:7a:6a:65:8e:a7:97:fe:61:fd:c4:23:45:bf:41: a3:12:6e:d5:9a:ce:fe:f5:61:d8:e5:b1:5f:f4:6f:a3:28:32: cf:c3:07:19:90:88:fb:57:c3:3d:8a:ef:9c:93:c9:1e:49:d7: ae:71:3e:6f:f0:09:c5:65:5c:31:7a:03:15:ec:11:8b:ac:65: 25:05:ba:c1:d2:d0:b0:9b:4d:e7:00:e3:21:02:a8:ba:1a:07: a2:11:fd:ad:c6:d3:5e:59:2c:32:82:aa:9d:2f:5d:a8:52:1b: b8:69:72:15:4b:86:0f:0a:f6:de:85:e3:9d:a9:9a:12:25:ef: b3:bc:9c:11:2d:85:16:a0:5c:a2:93:b9:c7:4d:de:da:58:19: 17:8e:4e:55:4d:6b:fc:84:6c:15:8c:05:c7:f6:62:6e:05:68: 19:24:57:e5:bb:74:bc:a2:7c:6f:12:90:72:a6:89:d4:12:fd: 43:67:9c:8e:32:26:ac:21:49:6b:f1:9d:0a:e6:e3:77:cc:49: 1e:76:fa:e4:4f:b3:40:d1:1c:c2:da:ab:0f:13:c1:c0:31:99: fe:51:a9:6e:60:ba:1b:9b:43:17:50:da:6a:e6:b2:09:a0:9d: c2:3f:aa:9b:ce:b7:cf:de:16:49:d7:f0:c2:e4:8b:af:9a:e0: 28:04:ed:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbqzipGFSmvlemVBJemzIuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczMDM4Y2RjNjI1MjJlNDg0YjA2MTVjNDI0MWM3ZTdhYTgy MWQ4ZDYwHhcNMjUxMjE0MDcwMjQ0WhcNMjUxMjE1MDcwMjQ0WjAzMTEwLwYDVQQD EyhkNjBjMWNhMTNiODY2YTJlZDMwNTIyMzY5N2M0OGE0ZTU3YzkzYTc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zvWdRZ//N8VwcfQDzkCCxCUggrK lNVgQPqRHY4n4xsWjL8UNYMR4S58ShPySsnCWp38dqSNGtYLRuZU0ibcVNFxvjdy 9v6x+A1c8aYiWVh1Pa9HKSnHpwQrYhpcxjggS+Xarxf9eInZ44wHPIDSziTfIYVy IOGQsv5W36npboHp5leiHjKBjPLlKnDCA6nwEJ8IAEq44mn2dbVYt4WoZgU2kWTM k4QCYQGU3APnxl0b39MeGxdur6BLBzOBZtXAHkTCbOpRhOedyAc8ZhOy2CgvW+ZI OL0jkjKLpV7MNhwHhj6D7pDbvZjxNXVhG6W+9ZRahI1VyonUCzrdazd6NwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNYMHKE7hmou0wUiNpfEik5XyTp1MB8GA1UdIwQY MBaAFHMDjNxiUi5ISwYVxCQcfnqoIdjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjIt MjkyOWI5ZjFkMTViLzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9kZjMyZGQtNzVhZS00OGIyLWExYjItMjkyOWI5ZjFkMTVi LzEvY3dPTTNHSlNMa2hMQmhYRUpCeC1lcWdoMk5ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAicDdTXpq ZY6nl/5h/cQjRb9BoxJu1ZrO/vVh2OWxX/Rvoygyz8MHGZCI+1fDPYrvnJPJHknX rnE+b/AJxWVcMXoDFewRi6xlJQW6wdLQsJtN5wDjIQKouhoHohH9rcbTXlksMoKq nS9dqFIbuGlyFUuGDwr23oXjnamaEiXvs7ycES2FFqBcopO5x03e2lgZF45OVU1r /IRsFYwFx/ZibgVoGSRX5bt0vKJ8bxKQcqaJ1BL9Q2ecjjImrCFJa/GdCubjd8xJ Hnb65E+zQNEcwtqrDxPBwDGZ/lGpbmC6G5tDF1DaauayCaCdwj+qm863z94WSdfw wuSLr5rgKATtXA== -----END CERTIFICATE-----Generated at Sun Dec 14 09:37:58 2025 by rpki-client