This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/d2bbf6-3b69-442e-b490-7e54c32abed8/1/CFeH5l60_NZuM0C2Kt5HygCRnc4.mft File: CFeH5l60_NZuM0C2Kt5HygCRnc4.mft (raw, json) Hash identifier: D1zl1Ys4yhkG77ZNwxsKhuWIF6zZFwNCDrPGFWiL97E= Subject key identifier: AD:B9:51:BF:1E:13:B1:5E:B7:95:D9:92:F8:90:ED:AF:D3:4D:65:D0 Authority key identifier: 08:57:87:E6:5E:B4:FC:D6:6E:33:40:B6:2A:DE:47:CA:00:91:9D:CE Certificate issuer: /CN=085787e65eb4fcd66e3340b62ade47ca00919dce Certificate serial: 019AF2ADB209489BAD1306A31A95946CEEC8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFeH5l60_NZuM0C2Kt5HygCRnc4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/d2bbf6-3b69-442e-b490-7e54c32abed8/1/CFeH5l60_NZuM0C2Kt5HygCRnc4.mft Manifest number: 06D2 Signing time: Sat 06 Dec 2025 08:01:00 +0000 Manifest this update: Sat 06 Dec 2025 08:01:00 +0000 Manifest next update: Sun 07 Dec 2025 08:01:00 +0000 Files and hashes: 1: ADwJyFTnSoqJo76cybY4gze7w-A.roa (hash: ywnZb2Gs7P4sK9InqI7FaEEZlSRwjtQHnM1qlayDDgw=) 2: CFeH5l60_NZuM0C2Kt5HygCRnc4.crl (hash: T+Vc8j6epHxcm4FO8NnVWRFqFFQM1grHdDyWxvSwGPs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/d2bbf6-3b69-442e-b490-7e54c32abed8/1/CFeH5l60_NZuM0C2Kt5HygCRnc4.crl rsync://rpki.ripe.net/repository/DEFAULT/03/d2bbf6-3b69-442e-b490-7e54c32abed8/1/CFeH5l60_NZuM0C2Kt5HygCRnc4.mft rsync://rpki.ripe.net/repository/DEFAULT/CFeH5l60_NZuM0C2Kt5HygCRnc4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:b2:09:48:9b:ad:13:06:a3:1a:95:94:6c:ee:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=085787e65eb4fcd66e3340b62ade47ca00919dce Validity Not Before: Dec 6 08:01:00 2025 GMT Not After : Dec 7 08:01:00 2025 GMT Subject: CN=adb951bf1e13b15eb795d992f890edafd34d65d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:53:8a:09:4a:e0:23:c8:eb:c2:06:09:48:8b: f3:a3:17:fe:59:00:74:7b:8f:9d:21:4f:4b:a2:b8: fc:d9:5a:62:8b:95:b8:ae:be:5a:c4:da:b7:68:b4: 8c:d7:9e:3c:6d:14:bd:06:7a:c7:70:17:9d:1a:98: 1c:4b:0f:b3:13:6e:3c:d3:1b:da:82:73:a0:06:00: d4:80:8c:05:c3:2d:c9:94:4f:2b:a3:ad:e6:75:67: e4:b6:03:d6:39:e4:73:fc:23:a0:49:53:30:f7:79: 3e:d1:1b:4f:61:ea:39:9f:c4:8f:ff:6c:82:2b:4d: 0a:ec:69:f2:21:6d:15:4d:9a:a0:6d:a2:a3:89:68: 6a:41:8f:8f:fe:4c:bb:21:87:7b:c1:e4:eb:fa:a9: dc:85:e0:a3:6d:b5:b8:56:76:da:de:12:c8:14:ba: 78:6b:4b:fe:e7:06:d7:cb:1b:cf:4c:5a:ab:bb:24: e4:a9:9a:cc:7c:8e:7f:1b:7a:6c:53:a4:8b:98:6f: a4:53:e0:55:0e:f2:38:63:90:1e:88:0b:82:1a:2d: d5:c2:fc:7b:58:50:7d:92:2e:10:2a:13:c3:25:01: e4:94:80:2e:dd:cb:3c:6b:54:59:6f:bd:37:a7:fd: 76:7a:93:c5:a9:dc:a8:39:b0:1c:26:32:49:f3:b7: 2c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:B9:51:BF:1E:13:B1:5E:B7:95:D9:92:F8:90:ED:AF:D3:4D:65:D0 X509v3 Authority Key Identifier: keyid:08:57:87:E6:5E:B4:FC:D6:6E:33:40:B6:2A:DE:47:CA:00:91:9D:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFeH5l60_NZuM0C2Kt5HygCRnc4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d2bbf6-3b69-442e-b490-7e54c32abed8/1/CFeH5l60_NZuM0C2Kt5HygCRnc4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d2bbf6-3b69-442e-b490-7e54c32abed8/1/CFeH5l60_NZuM0C2Kt5HygCRnc4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:63:dd:99:ce:f1:39:dc:bc:94:21:ce:d1:01:57:04:2c:09: 10:b5:fd:a8:24:7b:08:35:29:d2:07:c1:3a:c0:a2:a1:65:80: e5:d7:33:18:1a:49:5d:62:3f:c3:8c:52:5b:c3:c1:87:ed:db: fa:8d:76:31:94:e2:ae:63:59:07:ad:d8:5c:bb:b6:06:39:e9: 53:cb:fd:05:b2:bd:6e:61:a9:21:57:67:2f:1d:f7:7f:52:14: 68:26:99:35:c1:35:b5:df:1e:85:6b:6f:22:28:a8:c2:b7:de: bc:01:1f:7b:21:de:e7:a2:35:da:d8:36:77:9f:42:e7:8b:a9: 2e:b5:a6:df:9d:94:da:8c:b5:24:00:f9:89:4f:ef:33:1a:cf: d6:a6:82:84:41:33:64:22:9e:85:9a:cc:22:d1:9b:57:ae:99: fd:e7:d3:a3:11:3e:09:ff:9a:7e:db:cc:cb:d5:49:d0:54:51: a2:ce:aa:e7:4c:f2:60:b2:44:ea:72:39:cb:a3:48:0c:cc:50: d5:7c:9b:36:c6:dd:7a:76:cc:f9:d5:fa:74:f3:d8:c4:20:c5: f7:d1:51:79:c7:6a:83:53:06:fc:44:99:bb:2e:23:65:99:a8: 82:1d:23:89:46:a4:18:31:7c:40:4b:08:4d:1b:e0:71:58:8f: cf:16:e9:0d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrbIJSJutEwajGpWUbO7IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NTc4N2U2NWViNGZjZDY2ZTMzNDBiNjJhZGU0N2NhMDA5 MTlkY2UwHhcNMjUxMjA2MDgwMTAwWhcNMjUxMjA3MDgwMTAwWjAzMTEwLwYDVQQD EyhhZGI5NTFiZjFlMTNiMTVlYjc5NWQ5OTJmODkwZWRhZmQzNGQ2NWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1OKCUrgI8jrwgYJSIvzoxf+WQB0 e4+dIU9Lorj82Vpii5W4rr5axNq3aLSM1548bRS9BnrHcBedGpgcSw+zE2480xva gnOgBgDUgIwFwy3JlE8ro63mdWfktgPWOeRz/COgSVMw93k+0RtPYeo5n8SP/2yC K00K7GnyIW0VTZqgbaKjiWhqQY+P/ky7IYd7weTr+qncheCjbbW4Vnba3hLIFLp4 a0v+5wbXyxvPTFqruyTkqZrMfI5/G3psU6SLmG+kU+BVDvI4Y5AeiAuCGi3Vwvx7 WFB9ki4QKhPDJQHklIAu3cs8a1RZb703p/12epPFqdyoObAcJjJJ87csKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK25Ub8eE7Fet5XZkviQ7a/TTWXQMB8GA1UdIwQY MBaAFAhXh+ZetPzWbjNAtireR8oAkZ3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0ZlSDVsNjBfTlp1TTBDMkt0NUh5Z0NSbmM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kMmJiZjYtM2I2OS00NDJlLWI0OTAt N2U1NGMzMmFiZWQ4LzEvQ0ZlSDVsNjBfTlp1TTBDMkt0NUh5Z0NSbmM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9kMmJiZjYtM2I2OS00NDJlLWI0OTAtN2U1NGMzMmFiZWQ4 LzEvQ0ZlSDVsNjBfTlp1TTBDMkt0NUh5Z0NSbmM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUmPdmc7x Ody8lCHO0QFXBCwJELX9qCR7CDUp0gfBOsCioWWA5dczGBpJXWI/w4xSW8PBh+3b +o12MZTirmNZB63YXLu2BjnpU8v9BbK9bmGpIVdnLx33f1IUaCaZNcE1td8ehWtv IiiowrfevAEfeyHe56I12tg2d59C54upLrWm352U2oy1JAD5iU/vMxrP1qaChEEz ZCKehZrMItGbV66Z/efToxE+Cf+aftvMy9VJ0FRRos6q50zyYLJE6nI5y6NIDMxQ 1XybNsbdenbM+dX6dPPYxCDF99FRecdqg1MG/ESZuy4jZZmogh0jiUakGDF8QEsI TRvgcViPzxbpDQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:59:35 2025 by rpki-client