This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json) Hash identifier: uLa3VtZ6OiFcMi3hDj974DMADb1JF8EBOmZdA2x2ezM= Subject key identifier: 93:93:13:F6:A4:FB:92:AE:A7:F7:E7:FE:12:10:A9:5E:4F:33:92:0A Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c Certificate serial: 019AF19B8FCF2EF1E8BAE3355616733B93F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft Manifest number: 15AB Signing time: Sat 06 Dec 2025 03:01:35 +0000 Manifest this update: Sat 06 Dec 2025 03:01:35 +0000 Manifest next update: Sun 07 Dec 2025 03:01:35 +0000 Files and hashes: 1: LPL5COduulE_WMolEzZwrGXijT4.roa (hash: H3PvlGhuhwCJd5x48Dt0jme9fPhyxLV/+QRuAD/R+ek=) 2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: 8dzkxe9GbfLe0HoOkY9x2tVsqJHd4dMbV9SCPrKMBmI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:8f:cf:2e:f1:e8:ba:e3:35:56:16:73:3b:93:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c Validity Not Before: Dec 6 03:01:35 2025 GMT Not After : Dec 7 03:01:35 2025 GMT Subject: CN=939313f6a4fb92aea7f7e7fe1210a95e4f33920a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:dd:ef:00:28:c8:6d:34:3a:f5:86:ec:cd:35: d0:82:0f:6d:3a:b2:ad:b1:f2:c7:35:0a:d4:fe:af: c2:46:4c:cd:0d:2f:d3:e9:a0:3b:53:50:a5:bb:2a: 99:e6:f0:66:d1:35:2a:67:bb:52:ae:2e:91:17:b2: ab:6d:84:e3:ef:e1:bc:cc:84:3e:36:23:bc:41:53: 91:34:ee:c7:77:e8:36:4b:6e:1c:55:ff:21:03:ea: 28:12:87:1c:2a:1d:b3:20:96:8a:29:3e:b3:98:50: e9:2f:4c:23:1d:c5:be:06:27:4c:ae:9c:6a:13:66: ee:a5:23:68:d5:d0:85:79:12:26:14:c0:94:44:93: a4:9d:65:ab:51:49:a3:e4:33:b1:ed:9e:52:3a:22: 6d:4b:60:31:bc:b3:2a:a6:25:ef:62:a1:38:a8:2a: a5:4c:a2:71:a2:34:f1:53:87:e1:1f:21:fb:d9:98: 9f:28:b6:cc:23:c4:82:d4:5f:38:31:b3:6b:a8:9d: 3c:97:67:5a:e7:bb:06:a1:b8:cf:80:b7:d4:5c:64: ed:97:27:43:19:c4:cc:ba:c7:7e:17:6e:ce:a9:82: de:2e:2e:5c:d2:1a:d1:81:21:3f:f7:99:de:3c:7e: be:4a:bb:52:3a:cd:5e:e7:43:bd:49:5a:61:67:cc: e2:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:93:13:F6:A4:FB:92:AE:A7:F7:E7:FE:12:10:A9:5E:4F:33:92:0A X509v3 Authority Key Identifier: keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:71:cb:ae:b9:21:55:19:21:81:86:68:dc:80:f6:f7:9b:af: 68:88:d8:af:6f:15:d2:c8:e8:24:fc:f2:64:27:5a:ad:98:6f: 3e:d9:12:59:66:2f:65:05:52:6d:e0:b3:69:5c:ff:3b:5d:c1: eb:2b:b3:a5:a3:7b:97:15:26:c9:a5:7a:55:0b:43:a8:c8:c2: 2c:d1:19:95:d6:2f:c6:65:47:58:48:11:c6:92:22:58:c6:47: df:f9:fa:3d:72:6e:37:4c:2e:83:be:f7:93:7c:49:2f:70:62: fd:d7:ef:5a:0d:d9:a2:64:26:cd:17:b6:57:d6:d0:d5:d0:06: 94:cf:c9:db:7f:a0:8f:2c:f6:34:5e:8c:18:4c:f6:5c:9f:0d: 9a:bf:8c:99:40:0e:ef:d0:9c:ec:3b:3d:4c:11:b0:e8:71:99: 94:4b:17:42:5a:f8:f1:0b:71:a8:dc:54:8d:07:a8:66:b2:94: a5:9d:c1:32:9d:c0:79:f3:7c:a3:d8:4f:1d:de:83:f5:be:6a: 4e:2d:54:c5:51:cb:cb:91:b5:05:e7:49:6a:02:22:ff:4e:1a: 23:81:92:26:35:7d:dd:f8:cb:b5:1e:67:5b:70:34:dc:ea:de: 0a:4f:7b:86:f9:1e:09:0d:98:34:b5:5a:0f:86:81:1b:79:2b: ff:b9:2f:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm4/PLvHouuM1VhZzO5PxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3 NTkwOGMwHhcNMjUxMjA2MDMwMTM1WhcNMjUxMjA3MDMwMTM1WjAzMTEwLwYDVQQD Eyg5MzkzMTNmNmE0ZmI5MmFlYTdmN2U3ZmUxMjEwYTk1ZTRmMzM5MjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv93vACjIbTQ69YbszTXQgg9tOrKt sfLHNQrU/q/CRkzNDS/T6aA7U1CluyqZ5vBm0TUqZ7tSri6RF7KrbYTj7+G8zIQ+ NiO8QVORNO7Hd+g2S24cVf8hA+ooEoccKh2zIJaKKT6zmFDpL0wjHcW+BidMrpxq E2bupSNo1dCFeRImFMCURJOknWWrUUmj5DOx7Z5SOiJtS2AxvLMqpiXvYqE4qCql TKJxojTxU4fhHyH72ZifKLbMI8SC1F84MbNrqJ08l2da57sGobjPgLfUXGTtlydD GcTMusd+F27OqYLeLi5c0hrRgSE/95nePH6+SrtSOs1e50O9SVphZ8ziFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJOTE/ak+5Kup/fn/hIQqV5PM5IKMB8GA1UdIwQY MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqHHLrrkh VRkhgYZo3ID295uvaIjYr28V0sjoJPzyZCdarZhvPtkSWWYvZQVSbeCzaVz/O13B 6yuzpaN7lxUmyaV6VQtDqMjCLNEZldYvxmVHWEgRxpIiWMZH3/n6PXJuN0wug773 k3xJL3Bi/dfvWg3ZomQmzRe2V9bQ1dAGlM/J23+gjyz2NF6MGEz2XJ8Nmr+MmUAO 79Cc7Ds9TBGw6HGZlEsXQlr48QtxqNxUjQeoZrKUpZ3BMp3AefN8o9hPHd6D9b5q Ti1UxVHLy5G1BedJagIi/04aI4GSJjV93fjLtR5nW3A03OreCk97hvkeCQ2YNLVa D4aBG3kr/7kvAA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:04:56 2025 by rpki-client