This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft File: CWmio5Y1t5dHbx8WM66PJ78ztTM.mft (raw, json) Hash identifier: wk0QufxfIu3t3vxJEgQj5CmUiUBt09yOyO3J/FoNun0= Subject key identifier: B2:86:70:3C:41:51:88:82:1E:BB:19:B6:46:66:37:2C:61:1C:E7:35 Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33 Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533 Certificate serial: 019B3CEC0AAD037AC31D408B6A172E0E2BA1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft Manifest number: 08EF Signing time: Sat 20 Dec 2025 18:01:00 +0000 Manifest this update: Sat 20 Dec 2025 18:01:00 +0000 Manifest next update: Sun 21 Dec 2025 18:01:00 +0000 Files and hashes: 1: CWmio5Y1t5dHbx8WM66PJ78ztTM.crl (hash: o3pKtExi/WvPcLqTGT4GsPZSyzXmGtlMjY3+YMHDyW4=) 2: NsSedmTQW8OnTTsqv3X8CBZy-xU.roa (hash: WFkKh3bAC4MDDNtqyFfpo7GUVyreugPfu/r7LcM/fN4=) 3: TeB088r0q83Xt0BxDsUFRJ09n_w.roa (hash: G48KXbKrX68pg0VWA7DNE58/xU413WQGSqX5xHVo4rY=) 4: eZ1oRKw2ZmvD0_NWa-kdmh2g-eo.roa (hash: 2jAE9EFeYAI0mBmHLdLHHE90HLI9cIG+7iKSbXwklN4=) 5: l5LQQJ1hscP11M9PGOZJoYipJjA.roa (hash: 1Qefj38Zjj0ROOLLrKtBW86/Osz3b9lr4tBY77Lptdo=) 6: xpGPm8doChOtU-RLJwfI6J2_2pE.roa (hash: Q+zp0nrHHDLtwJs9nHZ2VnA34/82Rp5NA50n42Hv6uk=) 7: zV6ZdwRwY22YxnJ7o5KrLFiOSks.roa (hash: CU+aUbdKG8+gc+SLXpNeHe0gAI7HsoYH7L1e2ZbkQtc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:0a:ad:03:7a:c3:1d:40:8b:6a:17:2e:0e:2b:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533 Validity Not Before: Dec 20 18:01:00 2025 GMT Not After : Dec 21 18:01:00 2025 GMT Subject: CN=b286703c415188821ebb19b64666372c611ce735 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e7:56:7b:bc:61:60:2e:8c:4a:94:99:01:00: e6:d6:e0:7a:3d:04:a7:d0:69:ff:2c:b7:1c:c5:61: 46:71:b4:f4:65:71:0c:7a:19:66:57:3a:90:bd:e0: 93:c1:aa:85:ba:b4:1f:46:d2:51:50:fd:b2:37:49: 90:2a:94:67:cd:20:f5:e7:3d:e6:ac:b8:46:7f:02: a5:4c:c0:ba:04:00:4a:b8:d8:6e:48:6c:94:d0:1b: 70:63:d7:c4:7f:91:ee:27:c6:7b:83:92:e7:e1:d4: 25:4c:7f:c4:31:95:d8:40:69:64:16:73:10:b5:7a: a6:e5:65:22:98:65:dc:05:56:cf:62:3c:de:cc:45: bf:d6:8a:b0:9f:c4:ca:ee:67:f2:bc:32:5f:6f:6f: f2:b4:3d:70:3e:9f:e2:d8:ad:fe:95:bf:48:10:05: 46:eb:96:a9:3f:27:41:ac:4b:b8:66:13:71:5b:d2: e1:e8:36:53:d3:2f:54:e1:42:0c:d3:6d:7d:bf:ae: b0:8d:c9:50:e1:dc:b8:fe:1b:e1:d8:84:7f:6e:cd: 78:32:38:df:dd:cc:ca:a7:8c:a6:0e:da:fa:1b:72: 37:e6:0e:27:a2:cc:65:eb:d0:62:85:38:5c:c8:80: 7b:33:e6:0c:5e:29:9f:f1:e8:6f:ac:00:49:50:b4: c8:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:86:70:3C:41:51:88:82:1E:BB:19:B6:46:66:37:2C:61:1C:E7:35 X509v3 Authority Key Identifier: keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:78:01:3c:83:f8:56:64:ab:10:99:41:de:17:3c:84:c3:3a: 92:42:c7:ff:ec:35:c0:86:69:78:02:19:3f:0a:35:68:07:07: 48:63:58:b7:4e:5f:47:ff:4f:e3:29:da:51:63:8b:2c:be:43: 82:4f:84:7e:8f:ab:7f:e8:6c:6e:cc:62:cf:85:5d:26:b4:4b: fe:5b:56:c3:bc:44:0a:78:cc:02:59:3d:05:b4:7b:5f:63:a0: 6b:5a:cd:f0:64:32:c2:eb:46:44:2e:97:e3:46:30:eb:7c:c0: 1e:b0:d6:fe:90:12:2c:df:7d:1e:af:7f:8e:37:08:17:7c:f6: a6:e5:1f:ab:94:e7:90:e4:46:db:b8:80:c9:4c:3c:43:02:4e: 61:25:36:e0:6b:7d:86:d4:af:b0:fd:9e:bd:92:ca:ff:b8:24: ce:b8:52:5f:34:1a:5a:b4:95:49:ce:a9:c3:b2:28:3d:17:f0: e8:16:5f:8e:66:68:f9:ab:d4:b7:10:2f:b8:d5:e5:24:e2:9d: 94:ea:c6:7f:b2:29:2f:c5:78:08:cf:4a:01:47:09:25:8d:d2: fb:89:a1:70:c1:bc:25:91:de:6a:34:e3:50:1b:ca:29:01:67: 03:7b:d4:25:c2:50:a5:21:86:ff:e3:bb:26:8e:18:f0:00:ac: d9:80:0f:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87AqtA3rDHUCLahcuDiuhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz M2I1MzMwHhcNMjUxMjIwMTgwMTAwWhcNMjUxMjIxMTgwMTAwWjAzMTEwLwYDVQQD EyhiMjg2NzAzYzQxNTE4ODgyMWViYjE5YjY0NjY2MzcyYzYxMWNlNzM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOdWe7xhYC6MSpSZAQDm1uB6PQSn 0Gn/LLccxWFGcbT0ZXEMehlmVzqQveCTwaqFurQfRtJRUP2yN0mQKpRnzSD15z3m rLhGfwKlTMC6BABKuNhuSGyU0BtwY9fEf5HuJ8Z7g5Ln4dQlTH/EMZXYQGlkFnMQ tXqm5WUimGXcBVbPYjzezEW/1oqwn8TK7mfyvDJfb2/ytD1wPp/i2K3+lb9IEAVG 65apPydBrEu4ZhNxW9Lh6DZT0y9U4UIM0219v66wjclQ4dy4/hvh2IR/bs14Mjjf 3czKp4ymDtr6G3I35g4nosxl69BihThcyIB7M+YMXimf8ehvrABJULTI2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKGcDxBUYiCHrsZtkZmNyxhHOc1MB8GA1UdIwQY MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt NDE0OTA4NzJmYzRlLzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACngBPIP4 VmSrEJlB3hc8hMM6kkLH/+w1wIZpeAIZPwo1aAcHSGNYt05fR/9P4ynaUWOLLL5D gk+Efo+rf+hsbsxiz4VdJrRL/ltWw7xECnjMAlk9BbR7X2Oga1rN8GQywutGRC6X 40Yw63zAHrDW/pASLN99Hq9/jjcIF3z2puUfq5TnkORG27iAyUw8QwJOYSU24Gt9 htSvsP2evZLK/7gkzrhSXzQaWrSVSc6pw7IoPRfw6BZfjmZo+avUtxAvuNXlJOKd lOrGf7IpL8V4CM9KAUcJJY3S+4mhcMG8JZHeajTjUBvKKQFnA3vUJcJQpSGG/+O7 Jo4Y8ACs2YAPOA== -----END CERTIFICATE-----Generated at Sun Dec 21 01:12:34 2025 by rpki-client