This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft File: 0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft (raw, json) Hash identifier: gSZ+gfaoA1QxuMHs3JEo/8Bt57d7yF9JdmzP9uZmFkU= Subject key identifier: D4:4D:87:04:C7:D6:20:B0:E5:9F:B9:4E:52:13:BA:A4:72:16:3E:92 Authority key identifier: D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0 Certificate issuer: /CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0 Certificate serial: 019AF20968279EB4C50BDE7439937D9D0AAA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft Manifest number: 0CE4 Signing time: Sat 06 Dec 2025 05:01:33 +0000 Manifest this update: Sat 06 Dec 2025 05:01:33 +0000 Manifest next update: Sun 07 Dec 2025 05:01:33 +0000 Files and hashes: 1: 0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl (hash: 3bvvrSGbuEvEaGqFAC7y4t/mowJG6TjYA5mmmJepTKM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:68:27:9e:b4:c5:0b:de:74:39:93:7d:9d:0a:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0 Validity Not Before: Dec 6 05:01:33 2025 GMT Not After : Dec 7 05:01:33 2025 GMT Subject: CN=d44d8704c7d620b0e59fb94e5213baa472163e92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:51:87:64:0a:b1:91:2f:11:d5:30:2f:26:e6: 88:19:50:97:bf:0a:fb:93:8b:6c:97:6c:8c:74:31: 4e:2c:68:05:b5:35:99:ea:ba:0e:cf:bc:ee:0b:eb: b6:4f:8b:90:39:91:89:a8:9c:ce:20:c1:a6:eb:8c: 1e:01:86:b7:5a:f2:d4:10:1e:02:0f:b1:4d:6b:ed: 2d:d9:68:55:12:fd:2d:de:f0:c4:ed:73:bc:46:af: 84:fd:11:8b:44:1b:11:6f:30:15:57:15:eb:99:6c: 3d:58:f7:00:f4:91:0b:88:b6:bb:a1:bb:a3:19:6e: b8:c7:38:a9:60:a1:14:1d:2e:90:c1:30:98:45:44: 49:91:b1:a0:5a:ed:f2:51:fc:6d:8c:0b:6c:34:03: f6:1e:d1:30:79:14:d9:10:ff:5f:5d:61:fa:87:6b: d6:b2:1a:5a:8b:93:36:49:71:cd:e1:c9:a1:d3:f9: d4:bd:82:05:0a:d8:4a:b1:2b:7a:92:21:b1:49:26: 3d:cd:c9:96:49:8c:fd:3b:12:25:0e:bd:4c:b2:8f: 2f:e1:58:68:37:c4:56:35:6f:12:73:e7:23:ea:b2: 82:b5:c4:a7:e5:44:fc:f5:06:e3:88:43:ca:56:f5: d7:fa:99:79:0f:1e:09:cb:1d:f2:3a:b7:14:d9:69: 95:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:4D:87:04:C7:D6:20:B0:E5:9F:B9:4E:52:13:BA:A4:72:16:3E:92 X509v3 Authority Key Identifier: keyid:D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:f6:46:f9:74:f6:51:67:0d:d1:0e:b5:cc:68:5e:0a:33:5c: 8b:89:e7:a1:05:0a:35:54:21:f8:6c:cb:17:aa:74:99:af:c6: d3:8c:9c:2e:eb:34:96:14:06:55:0f:77:9c:96:b1:9c:82:dc: 63:29:45:55:dc:06:43:67:52:62:00:1d:78:47:ae:e2:30:7e: a5:ac:d5:84:82:dd:e0:3c:86:80:cc:46:a3:5a:a4:6c:eb:82: 4b:2c:04:e8:df:c0:6b:de:42:4e:5c:5d:3c:88:b5:a3:9e:3d: 95:30:6e:32:07:d6:09:96:ae:26:57:74:f4:ad:dd:61:71:a8: 41:70:b6:6e:fc:14:1b:9e:1d:33:32:97:3e:d2:17:49:9f:60: 8b:44:9b:2f:dd:34:4a:5f:94:5b:cf:92:48:4e:71:5c:d3:2e: c5:ec:f7:1c:bf:52:bf:4f:a0:cc:28:c7:5f:0b:a1:87:be:11: 85:1b:b1:c3:eb:b0:dd:83:bf:3b:f9:88:3d:b0:d9:9e:10:cc: 7f:e5:68:2e:a5:f8:f2:18:52:d7:95:d1:46:e2:aa:5d:f7:2b: 1b:f0:fc:f3:15:40:1d:63:ed:ae:fb:fb:e2:d0:cd:6a:b5:84: 74:69:19:1a:77:03:0d:1a:d3:32:90:45:b9:50:d7:85:31:b2: 60:31:df:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCWgnnrTFC950OZN9nQqqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzMDk4ZTVlMjBkNzhmOTRlNjk2YzEzNzJiNTYyM2ZmYTcx ZDk0ZDAwHhcNMjUxMjA2MDUwMTMzWhcNMjUxMjA3MDUwMTMzWjAzMTEwLwYDVQQD EyhkNDRkODcwNGM3ZDYyMGIwZTU5ZmI5NGU1MjEzYmFhNDcyMTYzZTkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlGHZAqxkS8R1TAvJuaIGVCXvwr7 k4tsl2yMdDFOLGgFtTWZ6roOz7zuC+u2T4uQOZGJqJzOIMGm64weAYa3WvLUEB4C D7FNa+0t2WhVEv0t3vDE7XO8Rq+E/RGLRBsRbzAVVxXrmWw9WPcA9JELiLa7obuj GW64xzipYKEUHS6QwTCYRURJkbGgWu3yUfxtjAtsNAP2HtEweRTZEP9fXWH6h2vW shpai5M2SXHN4cmh0/nUvYIFCthKsSt6kiGxSSY9zcmWSYz9OxIlDr1Mso8v4Vho N8RWNW8Sc+cj6rKCtcSn5UT89QbjiEPKVvXX+pl5Dx4Jyx3yOrcU2WmV1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNRNhwTH1iCw5Z+5TlITuqRyFj6SMB8GA1UdIwQY MBaAFNMJjl4g14+U5pbBNytWI/+nHZTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQt NjE3YTI2MzI3ZTk4LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQtNjE3YTI2MzI3ZTk4 LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASvZG+XT2 UWcN0Q61zGheCjNci4nnoQUKNVQh+GzLF6p0ma/G04ycLus0lhQGVQ93nJaxnILc YylFVdwGQ2dSYgAdeEeu4jB+pazVhILd4DyGgMxGo1qkbOuCSywE6N/Aa95CTlxd PIi1o549lTBuMgfWCZauJld09K3dYXGoQXC2bvwUG54dMzKXPtIXSZ9gi0SbL900 Sl+UW8+SSE5xXNMuxez3HL9Sv0+gzCjHXwuhh74RhRuxw+uw3YO/O/mIPbDZnhDM f+VoLqX48hhS15XRRuKqXfcrG/D88xVAHWPtrvv74tDNarWEdGkZGncDDRrTMpBF uVDXhTGyYDHfBg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:45:59 2025 by rpki-client