This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json) Hash identifier: yYn0oW3mDgG84Oc6UcJccvZ60GLFm9FiGWYyG1fsGSE= Subject key identifier: 03:CC:67:9A:5E:4E:51:42:ED:F7:B6:88:84:B5:65:D9:CE:5C:37:49 Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c Certificate serial: 019B27ADB68F09176A885AB7C4C68D05376A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft Manifest number: 15C7 Signing time: Tue 16 Dec 2025 15:00:54 +0000 Manifest this update: Tue 16 Dec 2025 15:00:54 +0000 Manifest next update: Wed 17 Dec 2025 15:00:54 +0000 Files and hashes: 1: LPL5COduulE_WMolEzZwrGXijT4.roa (hash: H3PvlGhuhwCJd5x48Dt0jme9fPhyxLV/+QRuAD/R+ek=) 2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: QEdcwElDebCGAfx9z7y/6+a6ckRTo1iT+zVThzOEM0o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:ad:b6:8f:09:17:6a:88:5a:b7:c4:c6:8d:05:37:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c Validity Not Before: Dec 16 15:00:54 2025 GMT Not After : Dec 17 15:00:54 2025 GMT Subject: CN=03cc679a5e4e5142edf7b68884b565d9ce5c3749 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:45:e3:37:69:d8:e3:07:22:7d:6f:79:4a:63: 78:04:c0:a7:6b:e3:45:d5:a5:32:48:9f:6e:36:80: 2e:5f:5c:e1:89:ee:9c:8c:f0:5a:f5:98:9c:dc:fe: 87:0b:da:d7:28:8f:87:f1:10:93:ae:34:59:d2:67: c0:aa:9f:0e:b2:11:de:50:be:02:f5:18:e8:2a:da: 84:07:80:11:75:78:80:53:c8:fb:19:1f:04:cc:13: 2b:31:7d:65:3e:aa:60:6e:37:d1:cd:64:c1:5e:c6: f3:a8:36:ac:c9:7d:4c:b0:b7:34:77:21:9c:37:dc: 3f:b7:a1:bb:a5:b7:51:70:d5:3b:7c:31:d5:b5:21: 26:42:df:8c:5f:e2:c1:5d:4f:71:63:aa:36:74:7b: f1:13:f5:95:0f:78:d0:d7:81:ec:18:06:68:9e:0e: 22:d0:15:e8:a4:51:7c:9a:30:f3:cb:d2:32:c1:8f: 36:0c:c7:4e:1e:55:03:d7:da:ba:20:db:b4:be:fc: 86:23:36:f6:95:a9:07:d2:e2:1f:e8:bd:fa:64:c6: 65:2c:dc:8a:0d:b9:06:68:bd:c8:3c:b5:29:0f:01: 34:60:ee:6f:9e:59:be:60:38:f3:78:3b:f1:8f:6c: fa:75:4e:f0:22:dd:9c:65:f1:1c:45:76:a0:4c:8c: ba:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:CC:67:9A:5E:4E:51:42:ED:F7:B6:88:84:B5:65:D9:CE:5C:37:49 X509v3 Authority Key Identifier: keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:30:1a:1d:9d:a2:f5:48:4e:2c:e9:98:35:d8:98:86:c5:2e: f3:42:2b:f8:b6:f8:c7:49:78:c7:f2:dc:e4:f7:c4:12:ac:aa: 71:cf:35:c0:2c:53:74:df:11:6b:26:c8:ed:c9:7d:e9:c9:bf: f0:1d:e3:34:a4:d0:a6:fd:0f:a7:2a:61:d0:ec:71:23:69:28: 2a:37:92:8e:b8:63:e9:b6:93:a7:dd:84:6c:53:d4:07:ba:99: f8:00:ae:bb:c5:9a:61:0a:10:0a:66:5b:b4:bb:db:30:c6:c0: 86:c3:ce:c1:96:d7:ef:60:d7:b9:b8:e3:0c:ad:83:9a:49:14: 4a:ef:ba:47:ef:0f:94:63:44:40:d8:07:bd:7c:be:c2:8a:9a: 63:11:00:34:8a:f3:95:b8:29:76:0e:6b:1f:eb:ad:5e:c0:32: 88:99:4f:7f:b8:73:ff:43:2b:f8:f1:c5:58:5d:2a:a3:48:45: 58:37:cd:26:be:d9:7b:c9:ce:59:71:c7:0e:7f:59:16:ac:ff: 9f:f9:01:f3:3d:ce:d3:46:78:e2:ff:fb:40:c8:b4:7a:5c:95: 0f:db:d1:85:7b:c3:2c:9c:c0:e3:67:4d:77:ce:a1:55:c6:bd: 83:9a:69:0d:3d:06:89:70:fb:61:c7:cd:eb:b0:3e:82:d9:d4: 50:61:e1:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsnrbaPCRdqiFq3xMaNBTdqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3 NTkwOGMwHhcNMjUxMjE2MTUwMDU0WhcNMjUxMjE3MTUwMDU0WjAzMTEwLwYDVQQD EygwM2NjNjc5YTVlNGU1MTQyZWRmN2I2ODg4NGI1NjVkOWNlNWMzNzQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEXjN2nY4wcifW95SmN4BMCna+NF 1aUySJ9uNoAuX1zhie6cjPBa9Zic3P6HC9rXKI+H8RCTrjRZ0mfAqp8OshHeUL4C 9RjoKtqEB4ARdXiAU8j7GR8EzBMrMX1lPqpgbjfRzWTBXsbzqDasyX1MsLc0dyGc N9w/t6G7pbdRcNU7fDHVtSEmQt+MX+LBXU9xY6o2dHvxE/WVD3jQ14HsGAZong4i 0BXopFF8mjDzy9IywY82DMdOHlUD19q6INu0vvyGIzb2lakH0uIf6L36ZMZlLNyK DbkGaL3IPLUpDwE0YO5vnlm+YDjzeDvxj2z6dU7wIt2cZfEcRXagTIy63wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAPMZ5peTlFC7fe2iIS1ZdnOXDdJMB8GA1UdIwQY MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMDAaHZ2i 9UhOLOmYNdiYhsUu80Ir+Lb4x0l4x/Lc5PfEEqyqcc81wCxTdN8RaybI7cl96cm/ 8B3jNKTQpv0Ppyph0OxxI2koKjeSjrhj6baTp92EbFPUB7qZ+ACuu8WaYQoQCmZb tLvbMMbAhsPOwZbX72DXubjjDK2DmkkUSu+6R+8PlGNEQNgHvXy+woqaYxEANIrz lbgpdg5rH+utXsAyiJlPf7hz/0Mr+PHFWF0qo0hFWDfNJr7Ze8nOWXHHDn9ZFqz/ n/kB8z3O00Z44v/7QMi0elyVD9vRhXvDLJzA42dNd86hVca9g5ppDT0GiXD7YcfN 67A+gtnUUGHh5A== -----END CERTIFICATE-----Generated at Wed Dec 17 00:25:40 2025 by rpki-client