This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft File: CvFmObpIfvljxWzLMm8lCNGoPv0.mft (raw, json) Hash identifier: gBHOGrRxqaurY33tSrZr1ZciKY4KujVls1bG+QvGQr8= Subject key identifier: 45:71:CE:1E:EF:09:01:35:2F:3F:08:9F:33:EA:1F:97:7B:30:02:12 Authority key identifier: 0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD Certificate issuer: /CN=0af16639ba487ef963c56ccb326f2508d1a83efd Certificate serial: 019B34C43DECD99B3FE817AA6F61DACD79FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft Manifest number: 0A73 Signing time: Fri 19 Dec 2025 04:00:34 +0000 Manifest this update: Fri 19 Dec 2025 04:00:34 +0000 Manifest next update: Sat 20 Dec 2025 04:00:34 +0000 Files and hashes: 1: CvFmObpIfvljxWzLMm8lCNGoPv0.crl (hash: xkd7JriYw77u7AX3XabDG7vpQUsBDVDrawWtq1C/2Xs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:3d:ec:d9:9b:3f:e8:17:aa:6f:61:da:cd:79:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0af16639ba487ef963c56ccb326f2508d1a83efd Validity Not Before: Dec 19 04:00:34 2025 GMT Not After : Dec 20 04:00:34 2025 GMT Subject: CN=4571ce1eef0901352f3f089f33ea1f977b300212 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:0f:17:1c:5e:14:30:ed:48:d3:69:85:76:f6: 58:7f:58:8f:d0:f8:2d:17:5e:1b:52:d4:00:e5:9d: ef:96:4b:33:e2:c5:83:fb:bd:a4:d7:f3:12:4b:ea: 10:33:ef:57:3f:8f:6a:1f:67:e1:6b:ba:e3:1b:c0: 11:a5:20:4c:e0:51:09:2c:27:cd:53:15:48:6f:18: 6a:76:e0:cf:c5:c1:f6:2e:63:da:6c:94:64:21:82: 54:eb:60:cd:43:8a:c3:61:84:c3:01:0e:4d:c7:0b: 8a:c5:5b:56:84:59:d7:5f:e7:a5:7c:9c:2b:6c:6a: 05:09:db:39:de:d8:48:85:49:1b:e4:ff:28:3f:1e: ba:09:19:5c:d9:f7:aa:e3:d9:fd:c0:a7:70:c1:09: f9:cd:49:97:41:28:e3:73:15:4b:9d:4c:10:ed:a4: 22:26:c5:64:e0:4c:10:b6:44:3e:fe:52:09:8c:ed: b8:cb:7c:7d:3b:ef:cf:81:1f:45:af:bf:38:f8:3c: 8a:55:1c:38:fe:b6:7f:d4:9d:91:6b:da:75:24:e4: 82:de:16:4f:c0:8b:c7:da:b2:27:eb:72:c9:c4:0c: 9e:e0:74:7b:3e:0b:df:08:3d:2e:99:c8:36:03:24: 10:40:e6:6d:d1:40:6f:53:47:2d:1e:3d:2f:c8:1e: b4:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:71:CE:1E:EF:09:01:35:2F:3F:08:9F:33:EA:1F:97:7B:30:02:12 X509v3 Authority Key Identifier: keyid:0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:e0:5a:b1:40:25:27:68:7d:f1:0c:2f:ab:99:48:fa:b1:28: 34:6c:20:0b:4f:69:d8:4e:92:f1:7e:06:0f:bf:17:4b:f7:60: 2a:b4:2e:99:a2:53:af:f3:86:31:00:52:3e:7c:fb:6e:69:76: 5c:06:3f:2e:d4:c3:59:05:e5:59:6c:5e:69:5f:e9:12:1c:ec: e0:4f:27:9d:26:53:48:70:8a:0c:7c:00:57:f1:c7:30:68:1f: f1:37:cf:46:2a:2c:6c:b8:ef:1d:54:b9:28:22:ba:66:66:cc: d5:e2:b8:38:31:ec:04:25:39:bf:08:f1:05:0f:7e:b6:30:c2: fb:99:83:07:b6:52:f7:a1:a0:b3:6b:aa:a1:e3:d3:ad:d0:61: c0:26:eb:b9:7b:58:0f:d2:40:67:b1:80:74:ee:33:5c:8a:ba: bf:bb:fd:51:ed:2d:e7:29:36:28:eb:8b:5f:65:9e:a8:7d:47: 06:31:41:ad:8a:5e:43:50:96:1c:61:65:af:a4:f6:b9:cd:0a: 0b:43:5e:f7:d1:1f:10:cb:ac:dc:69:8b:53:a2:88:35:31:02: 4e:3f:1e:7f:c7:4f:c8:1f:03:c6:39:22:31:99:2a:2b:90:6d: 7d:fc:c7:60:cf:5c:8a:0b:6b:3c:47:4d:5e:6c:35:ee:eb:6b: 10:62:10:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xD3s2Zs/6Beqb2HazXn6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhZjE2NjM5YmE0ODdlZjk2M2M1NmNjYjMyNmYyNTA4ZDFh ODNlZmQwHhcNMjUxMjE5MDQwMDM0WhcNMjUxMjIwMDQwMDM0WjAzMTEwLwYDVQQD Eyg0NTcxY2UxZWVmMDkwMTM1MmYzZjA4OWYzM2VhMWY5NzdiMzAwMjEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ8XHF4UMO1I02mFdvZYf1iP0Pgt F14bUtQA5Z3vlksz4sWD+72k1/MSS+oQM+9XP49qH2fha7rjG8ARpSBM4FEJLCfN UxVIbxhqduDPxcH2LmPabJRkIYJU62DNQ4rDYYTDAQ5NxwuKxVtWhFnXX+elfJwr bGoFCds53thIhUkb5P8oPx66CRlc2feq49n9wKdwwQn5zUmXQSjjcxVLnUwQ7aQi JsVk4EwQtkQ+/lIJjO24y3x9O+/PgR9Fr784+DyKVRw4/rZ/1J2Ra9p1JOSC3hZP wIvH2rIn63LJxAye4HR7PgvfCD0umcg2AyQQQOZt0UBvU0ctHj0vyB60nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEVxzh7vCQE1Lz8InzPqH5d7MAISMB8GA1UdIwQY MBaAFArxZjm6SH75Y8VsyzJvJQjRqD79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1Mjkt M2M2Mzc2NTE1MDdkLzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1MjktM2M2Mzc2NTE1MDdk LzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFeBasUAl J2h98Qwvq5lI+rEoNGwgC09p2E6S8X4GD78XS/dgKrQumaJTr/OGMQBSPnz7bml2 XAY/LtTDWQXlWWxeaV/pEhzs4E8nnSZTSHCKDHwAV/HHMGgf8TfPRiosbLjvHVS5 KCK6ZmbM1eK4ODHsBCU5vwjxBQ9+tjDC+5mDB7ZS96Ggs2uqoePTrdBhwCbruXtY D9JAZ7GAdO4zXIq6v7v9Ue0t5yk2KOuLX2WeqH1HBjFBrYpeQ1CWHGFlr6T2uc0K C0Ne99EfEMus3GmLU6KINTECTj8ef8dPyB8DxjkiMZkqK5BtffzHYM9cigtrPEdN Xmw17utrEGIQoQ== -----END CERTIFICATE-----Generated at Fri Dec 19 08:51:53 2025 by rpki-client