This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft File: rwMNO0xYnpSj72Hd1UAajz_3m20.mft (raw, json) Hash identifier: DcQBKDCelRTFWjsg0wCd5dTEy9QMjthpLOa65dXcbpA= Subject key identifier: 43:AA:F4:BF:4D:F9:71:16:7C:66:CF:C4:AC:06:E9:8E:E7:63:D7:D6 Authority key identifier: AF:03:0D:3B:4C:58:9E:94:A3:EF:61:DD:D5:40:1A:8F:3F:F7:9B:6D Certificate issuer: /CN=af030d3b4c589e94a3ef61ddd5401a8f3ff79b6d Certificate serial: 019B3CEBA10C44E6FC8106AFF7CD9B904B9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwMNO0xYnpSj72Hd1UAajz_3m20.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft Manifest number: 05BE Signing time: Sat 20 Dec 2025 18:00:33 +0000 Manifest this update: Sat 20 Dec 2025 18:00:33 +0000 Manifest next update: Sun 21 Dec 2025 18:00:33 +0000 Files and hashes: 1: lhPT8Z32dm5HBnSDBqDW1qERmiA.roa (hash: 0NqD/8/FwQf4n6Nk71zoiew6bzyeCyV72ogP7Shiesg=) 2: rwMNO0xYnpSj72Hd1UAajz_3m20.crl (hash: itafJwIcaTcO7yFztkwP9fpslSqvbiGbMIU62MafJmE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft rsync://rpki.ripe.net/repository/DEFAULT/rwMNO0xYnpSj72Hd1UAajz_3m20.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:eb:a1:0c:44:e6:fc:81:06:af:f7:cd:9b:90:4b:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af030d3b4c589e94a3ef61ddd5401a8f3ff79b6d Validity Not Before: Dec 20 18:00:33 2025 GMT Not After : Dec 21 18:00:33 2025 GMT Subject: CN=43aaf4bf4df971167c66cfc4ac06e98ee763d7d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:66:2d:6e:96:4d:34:2a:89:fb:28:59:55:45: 8a:ef:fa:16:74:4c:1b:eb:27:ad:b1:0f:07:1c:c2: bd:61:56:45:30:8b:68:07:c9:73:77:44:5b:df:05: e5:3c:6f:ca:57:8b:51:01:61:ba:10:59:27:6f:7f: c9:73:92:1f:d2:be:36:96:2d:0d:01:b8:10:6b:f4: c6:e7:d6:65:33:6d:f7:21:9d:82:ec:e7:dd:2a:bb: b5:22:f2:cc:ab:48:9e:ac:9a:f4:85:0a:89:e2:6f: bd:a8:02:85:a2:e5:a4:16:42:80:ed:b1:40:fd:0a: a1:a6:b8:86:47:db:f1:c3:45:92:fc:bc:26:47:66: 47:19:7c:3e:4e:b5:33:40:dc:91:bb:4b:2e:81:96: e1:a1:1e:a5:ed:97:f1:4d:c9:37:7b:6a:7e:18:9f: a5:bb:c7:aa:4a:b2:17:c4:ec:89:ea:e4:07:21:98: 89:4b:02:59:34:f1:57:3f:34:a0:10:06:bb:49:60: 97:bb:1f:a5:9f:48:be:c1:b1:5c:b1:ca:c9:8d:e1: e8:6e:53:37:22:77:cb:14:f8:d1:89:62:8c:f7:8d: 99:ee:e9:f3:e3:a2:a1:3d:25:04:1d:e8:d3:91:8e: f3:cd:c4:7b:8d:fe:85:49:eb:5b:db:0e:07:4f:4e: 3e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:AA:F4:BF:4D:F9:71:16:7C:66:CF:C4:AC:06:E9:8E:E7:63:D7:D6 X509v3 Authority Key Identifier: keyid:AF:03:0D:3B:4C:58:9E:94:A3:EF:61:DD:D5:40:1A:8F:3F:F7:9B:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwMNO0xYnpSj72Hd1UAajz_3m20.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:f5:22:05:e3:b3:26:8f:15:07:05:23:06:2e:88:7d:ea:b8: 6c:11:f1:36:46:ac:a9:11:52:fd:a2:d6:ef:4c:ea:81:20:5d: d8:0b:50:27:5f:20:47:22:a9:b8:57:77:23:cd:1e:bb:e3:8f: 59:5a:4c:40:6d:57:37:c1:64:6a:5c:ba:f9:67:a7:e2:c4:8c: e8:37:17:d7:0a:1e:4c:5d:e8:c1:5c:d5:38:09:d2:ad:c6:9c: 33:60:4c:01:f0:06:1a:c6:d4:4c:9f:38:95:b9:19:17:2f:a5: 4f:cd:fb:c4:80:f6:39:fe:84:08:0e:4d:43:34:44:83:5e:6a: d2:8c:f1:56:78:19:e5:69:35:b6:0f:26:cf:86:0e:11:3d:31: f6:1f:08:84:6a:05:9b:db:68:0f:9f:a3:68:44:34:58:53:0e: 13:f1:b7:9b:ad:e2:b5:c3:a6:2d:fe:bb:47:b0:bc:bc:77:77: 5e:df:0e:b0:0c:87:9a:a9:12:5c:ae:50:a4:24:b7:72:18:f9: bb:23:98:23:69:01:a6:5d:bf:28:12:64:79:3e:4b:64:5e:07: a3:94:4f:b4:73:7a:7e:4b:79:32:82:31:2a:2a:7c:f1:bb:0d: 02:3b:ee:b3:2b:3d:c6:83:35:10:ad:0c:d4:93:1e:b0:7e:1c: 3d:6a:32:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs866EMROb8gQav982bkEubMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMDMwZDNiNGM1ODllOTRhM2VmNjFkZGQ1NDAxYThmM2Zm NzliNmQwHhcNMjUxMjIwMTgwMDMzWhcNMjUxMjIxMTgwMDMzWjAzMTEwLwYDVQQD Eyg0M2FhZjRiZjRkZjk3MTE2N2M2NmNmYzRhYzA2ZTk4ZWU3NjNkN2Q2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGYtbpZNNCqJ+yhZVUWK7/oWdEwb 6yetsQ8HHMK9YVZFMItoB8lzd0Rb3wXlPG/KV4tRAWG6EFknb3/Jc5If0r42li0N AbgQa/TG59ZlM233IZ2C7OfdKru1IvLMq0ierJr0hQqJ4m+9qAKFouWkFkKA7bFA /QqhpriGR9vxw0WS/LwmR2ZHGXw+TrUzQNyRu0sugZbhoR6l7ZfxTck3e2p+GJ+l u8eqSrIXxOyJ6uQHIZiJSwJZNPFXPzSgEAa7SWCXux+ln0i+wbFcscrJjeHoblM3 InfLFPjRiWKM942Z7unz46KhPSUEHejTkY7zzcR7jf6FSetb2w4HT04+EQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEOq9L9N+XEWfGbPxKwG6Y7nY9fWMB8GA1UdIwQY MBaAFK8DDTtMWJ6Uo+9h3dVAGo8/95ttMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcndNTk8weFlucFNqNzJIZDFVQWFqel8zbTIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8wZGE4NDctMWFlOS00OTZjLTg5ZmEt OTI0NWE5YWI5NzhiLzEvcndNTk8weFlucFNqNzJIZDFVQWFqel8zbTIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi8wZGE4NDctMWFlOS00OTZjLTg5ZmEtOTI0NWE5YWI5Nzhi LzEvcndNTk8weFlucFNqNzJIZDFVQWFqel8zbTIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfUiBeOz Jo8VBwUjBi6Ifeq4bBHxNkasqRFS/aLW70zqgSBd2AtQJ18gRyKpuFd3I80eu+OP WVpMQG1XN8Fkaly6+Wen4sSM6DcX1woeTF3owVzVOAnSrcacM2BMAfAGGsbUTJ84 lbkZFy+lT837xID2Of6ECA5NQzREg15q0ozxVngZ5Wk1tg8mz4YOET0x9h8IhGoF m9toD5+jaEQ0WFMOE/G3m63itcOmLf67R7C8vHd3Xt8OsAyHmqkSXK5QpCS3chj5 uyOYI2kBpl2/KBJkeT5LZF4Ho5RPtHN6fkt5MoIxKip88bsNAjvusys9xoM1EK0M 1JMesH4cPWoyPw== -----END CERTIFICATE-----Generated at Sun Dec 21 03:00:39 2025 by rpki-client