This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft File: RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft (raw, json) Hash identifier: wyNR5KDsHGoYZ5LDNSgJE2bdU3BdNJ5dn9lKutTNES4= Subject key identifier: 36:70:D7:97:58:A2:7E:E4:E1:E1:D6:2C:81:AF:71:06:00:40:3D:44 Authority key identifier: 44:05:86:C5:46:14:B9:6E:DB:84:70:95:24:A3:34:B3:1C:99:99:FD Certificate issuer: /CN=440586c54614b96edb84709524a334b31c9999fd Certificate serial: 019B4BF10A94B489B3064D4A4EB1796DB7AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RAWGxUYUuW7bhHCVJKM0sxyZmf0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft Manifest number: 0A98 Signing time: Tue 23 Dec 2025 16:00:46 +0000 Manifest this update: Tue 23 Dec 2025 16:00:46 +0000 Manifest next update: Wed 24 Dec 2025 16:00:46 +0000 Files and hashes: 1: RAWGxUYUuW7bhHCVJKM0sxyZmf0.crl (hash: kWcekY4f/rsrwE5AgeMgKQR0FmYhlxEZrejDMLdYwKU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft rsync://rpki.ripe.net/repository/DEFAULT/RAWGxUYUuW7bhHCVJKM0sxyZmf0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:f1:0a:94:b4:89:b3:06:4d:4a:4e:b1:79:6d:b7:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=440586c54614b96edb84709524a334b31c9999fd Validity Not Before: Dec 23 16:00:46 2025 GMT Not After : Dec 24 16:00:46 2025 GMT Subject: CN=3670d79758a27ee4e1e1d62c81af710600403d44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:69:47:ac:b6:aa:9b:89:fc:9a:e5:b8:f2:21: be:1b:90:3b:08:02:7a:ee:b7:c7:7d:e4:c7:3f:ea: 3d:37:49:53:db:7b:1d:45:39:e4:2e:b4:cd:a1:9c: e2:58:bd:56:1e:92:7e:e1:9f:62:fb:fe:8f:44:f9: 21:bc:06:bb:bc:1e:e3:cf:e3:a7:22:20:94:ea:62: 3b:2f:09:40:a4:13:ca:03:3c:b8:15:af:74:58:0b: f1:81:00:26:a1:77:ea:7d:91:5d:f1:64:44:71:eb: 58:51:6c:26:ef:12:56:ad:f0:eb:87:e2:d6:00:d9: f5:29:74:95:cf:01:62:7f:d0:ac:62:75:8e:7c:61: 31:b5:ee:25:5c:3f:0c:fb:88:1c:e1:31:e4:b7:2d: 6a:62:32:8c:21:0f:d4:7e:c9:88:83:f0:4e:cf:ab: d4:6e:ed:b5:be:fe:b9:f5:00:ba:da:6e:a4:15:d7: 18:4b:f3:6b:08:01:1c:fa:b4:75:7c:0d:1f:86:50: 0c:e5:d1:e2:ac:70:39:50:c3:67:a0:50:95:53:3a: 6a:9c:d8:36:6c:b3:c1:d1:57:8e:99:e5:0b:d2:c8: 7a:0a:4c:85:4f:94:ca:2c:ae:8a:99:a3:6e:38:54: 09:fc:81:27:9c:0a:3e:95:14:18:e6:d1:4b:e2:d6: b9:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:70:D7:97:58:A2:7E:E4:E1:E1:D6:2C:81:AF:71:06:00:40:3D:44 X509v3 Authority Key Identifier: keyid:44:05:86:C5:46:14:B9:6E:DB:84:70:95:24:A3:34:B3:1C:99:99:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RAWGxUYUuW7bhHCVJKM0sxyZmf0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:f0:b3:dd:f5:cc:ea:8e:d1:da:24:cf:4d:34:9d:7f:13:f2: 87:8c:36:3a:58:84:72:01:9e:b8:a3:59:db:12:c8:d0:66:f3: b7:a9:ae:30:f4:46:cc:b2:a1:6a:7e:e2:7a:26:cb:20:c3:7d: fd:cd:f7:aa:6f:a3:2d:01:68:28:ce:ef:4c:38:c3:71:8c:1a: 32:c0:8b:c1:35:fc:a7:84:6d:1f:7e:95:f0:af:78:f4:7d:8d: 39:44:0e:f9:77:6f:57:43:8e:fe:94:62:a5:e8:02:70:41:48: d4:5f:b4:c2:04:e9:3e:3e:7d:b8:b9:c5:b9:6c:44:75:87:40: 61:ee:ae:9c:a2:16:c0:a6:68:3a:4e:3e:5a:ea:c6:9b:66:74: 7c:ac:8b:54:55:e9:2e:ad:f6:dc:c3:08:fc:48:7d:d9:62:07: f7:0f:17:50:4b:74:8d:1e:49:47:aa:af:fa:da:13:30:60:87: 92:3b:dc:85:1f:97:99:78:a7:a6:d7:a2:b0:44:ce:19:35:69: 86:4c:79:0a:2e:12:64:85:bd:61:96:f5:51:42:a7:91:94:ca: cc:46:24:2a:75:e7:4d:6d:a7:e4:15:3b:01:f9:a8:d2:fc:4f: fc:28:8f:85:d3:5a:0c:9a:47:6c:14:39:2d:ae:5f:e4:26:4a: d7:e2:4a:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtL8QqUtImzBk1KTrF5bbesMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0MDU4NmM1NDYxNGI5NmVkYjg0NzA5NTI0YTMzNGIzMWM5 OTk5ZmQwHhcNMjUxMjIzMTYwMDQ2WhcNMjUxMjI0MTYwMDQ2WjAzMTEwLwYDVQQD EygzNjcwZDc5NzU4YTI3ZWU0ZTFlMWQ2MmM4MWFmNzEwNjAwNDAzZDQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+2lHrLaqm4n8muW48iG+G5A7CAJ6 7rfHfeTHP+o9N0lT23sdRTnkLrTNoZziWL1WHpJ+4Z9i+/6PRPkhvAa7vB7jz+On IiCU6mI7LwlApBPKAzy4Fa90WAvxgQAmoXfqfZFd8WREcetYUWwm7xJWrfDrh+LW ANn1KXSVzwFif9CsYnWOfGExte4lXD8M+4gc4THkty1qYjKMIQ/UfsmIg/BOz6vU bu21vv659QC62m6kFdcYS/NrCAEc+rR1fA0fhlAM5dHirHA5UMNnoFCVUzpqnNg2 bLPB0VeOmeUL0sh6CkyFT5TKLK6KmaNuOFQJ/IEnnAo+lRQY5tFL4ta5LQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDZw15dYon7k4eHWLIGvcQYAQD1EMB8GA1UdIwQY MBaAFEQFhsVGFLlu24RwlSSjNLMcmZn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkFXR3hVWVV1VzdiaEhDVkpLTTBzeHlabWYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy82YmMwYzgtMWFkNy00NmVkLThlYzIt Yzc0Y2M1NGE3ZTg1LzEvUkFXR3hVWVV1VzdiaEhDVkpLTTBzeHlabWYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy82YmMwYzgtMWFkNy00NmVkLThlYzItYzc0Y2M1NGE3ZTg1 LzEvUkFXR3hVWVV1VzdiaEhDVkpLTTBzeHlabWYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/Cz3fXM 6o7R2iTPTTSdfxPyh4w2OliEcgGeuKNZ2xLI0Gbzt6muMPRGzLKhan7ieibLIMN9 /c33qm+jLQFoKM7vTDjDcYwaMsCLwTX8p4RtH36V8K949H2NOUQO+XdvV0OO/pRi pegCcEFI1F+0wgTpPj59uLnFuWxEdYdAYe6unKIWwKZoOk4+WurGm2Z0fKyLVFXp Lq323MMI/Eh92WIH9w8XUEt0jR5JR6qv+toTMGCHkjvchR+XmXinpteisETOGTVp hkx5Ci4SZIW9YZb1UUKnkZTKzEYkKnXnTW2n5BU7Afmo0vxP/CiPhdNaDJpHbBQ5 La5f5CZK1+JKeQ== -----END CERTIFICATE-----Generated at Tue Dec 23 20:52:58 2025 by rpki-client