This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft File: CVAiiQS52-tHkqaXcn42qv2E0uk.mft (raw, json) Hash identifier: UmkGp16AwJUirXnhmTZsGQV7WYeleblReQXeaeSGVgY= Subject key identifier: D9:07:0A:CF:A2:7F:7F:63:95:49:6A:1F:5A:C9:61:FC:40:14:30:78 Authority key identifier: 09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9 Certificate issuer: /CN=0950228904b9dbeb4792a697727e36aafd84d2e9 Certificate serial: 019AF5AEDC0221E7F693235AA192212EB9C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft Manifest number: 0E77 Signing time: Sat 06 Dec 2025 22:01:08 +0000 Manifest this update: Sat 06 Dec 2025 22:01:08 +0000 Manifest next update: Sun 07 Dec 2025 22:01:08 +0000 Files and hashes: 1: CVAiiQS52-tHkqaXcn42qv2E0uk.crl (hash: z7TUymn4w8dYK2EIvU8oZQZI1/bbhilWt3a1usOJeLk=) 2: P2VGtgj0Ve3JifdhxGXEPs8bYHw.roa (hash: krJRUyY9FgbmyjCpGEy7bhvyTA1VoPtEkFekALAvh2k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.crl rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:dc:02:21:e7:f6:93:23:5a:a1:92:21:2e:b9:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0950228904b9dbeb4792a697727e36aafd84d2e9 Validity Not Before: Dec 6 22:01:08 2025 GMT Not After : Dec 7 22:01:08 2025 GMT Subject: CN=d9070acfa27f7f6395496a1f5ac961fc40143078 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:63:c0:8f:29:5c:41:af:82:3c:be:6c:a2:56: d5:b4:40:20:52:40:ae:cb:49:02:db:d7:4a:24:aa: f8:12:37:d9:28:91:b5:7e:0e:bf:60:c6:98:02:3d: 5e:1a:2b:68:1a:eb:5f:f2:49:86:ae:9a:9a:5e:a6: 6a:9f:fa:b0:cc:58:99:5e:b7:74:ba:0b:41:67:e1: 49:6f:cb:fb:82:94:36:df:52:2e:bb:da:44:7b:8c: fa:9e:05:2b:a7:a8:59:8a:35:10:53:26:e8:a9:6f: 32:10:18:5f:2c:eb:21:2f:ae:d1:8d:57:1e:4b:17: 99:55:34:ef:44:70:46:a5:4a:4b:f6:c1:9e:d6:6e: c7:e2:fc:be:04:1b:e1:f3:ce:77:dd:de:0e:cd:3f: 74:eb:50:86:53:fd:da:4d:3a:d9:89:eb:62:10:80: 07:6d:3a:15:fe:59:64:8b:27:8c:e8:e2:c5:fe:72: 80:e0:79:85:a9:b7:90:76:6b:d3:75:bd:94:b3:88: 8e:6d:87:a2:b7:5c:d8:af:16:07:a2:42:f4:96:3c: 05:a1:26:65:9b:1d:b8:9b:f0:c3:a9:e0:56:be:d4: 39:bc:9e:ad:7d:ea:b8:35:6a:91:c8:9a:92:7c:bb: 4e:b1:33:0b:fa:6b:00:27:ae:49:17:0f:5b:85:37: 58:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:07:0A:CF:A2:7F:7F:63:95:49:6A:1F:5A:C9:61:FC:40:14:30:78 X509v3 Authority Key Identifier: keyid:09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:97:9f:66:06:2d:1a:3f:bf:c4:03:29:34:45:76:77:18:2a: b7:05:e6:47:b0:de:fb:03:69:09:84:23:52:e6:cf:6f:7d:ed: 2c:f5:15:8c:3f:6f:ed:34:a9:53:76:0c:b9:d2:22:90:6b:82: 9b:02:d7:52:4b:7b:76:ed:bc:66:df:3a:37:a0:a5:90:86:e1: 9f:5d:f4:3b:0c:eb:7a:dd:22:92:53:05:e2:32:d3:9d:cf:b8: 7f:64:0d:66:23:9c:0c:04:57:ce:1d:bf:b4:7c:86:f1:89:83: 0a:eb:a5:10:43:6a:5c:f8:22:78:3f:e6:39:5c:41:54:ba:c9: 0b:dd:c7:7e:1c:4b:c3:ec:9d:2c:00:2d:c9:44:6e:65:43:d4: fd:45:2e:af:54:a3:0e:2c:99:c1:52:10:4d:10:37:93:18:d9: 3d:58:c9:87:2d:4d:f9:61:ed:b2:88:fc:0c:0f:eb:67:5b:e2: 4b:b8:b1:5e:74:0d:18:42:72:70:4e:a2:3c:90:49:19:92:5c: 0d:86:16:9a:ab:7c:4e:52:a4:ed:cc:b6:95:fd:b2:12:6b:15: 28:ac:6b:fc:b2:41:e9:2f:4d:24:b1:0b:13:ef:c4:8b:03:74: 56:eb:93:c2:72:6c:ca:9f:aa:40:a5:e6:bb:4b:24:16:13:12: f0:b2:5a:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rtwCIef2kyNaoZIhLrnHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NTAyMjg5MDRiOWRiZWI0NzkyYTY5NzcyN2UzNmFhZmQ4 NGQyZTkwHhcNMjUxMjA2MjIwMTA4WhcNMjUxMjA3MjIwMTA4WjAzMTEwLwYDVQQD EyhkOTA3MGFjZmEyN2Y3ZjYzOTU0OTZhMWY1YWM5NjFmYzQwMTQzMDc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2PAjylcQa+CPL5solbVtEAgUkCu y0kC29dKJKr4EjfZKJG1fg6/YMaYAj1eGitoGutf8kmGrpqaXqZqn/qwzFiZXrd0 ugtBZ+FJb8v7gpQ231Iuu9pEe4z6ngUrp6hZijUQUyboqW8yEBhfLOshL67RjVce SxeZVTTvRHBGpUpL9sGe1m7H4vy+BBvh88533d4OzT9061CGU/3aTTrZietiEIAH bToV/llkiyeM6OLF/nKA4HmFqbeQdmvTdb2Us4iObYeit1zYrxYHokL0ljwFoSZl mx24m/DDqeBWvtQ5vJ6tfeq4NWqRyJqSfLtOsTML+msAJ65JFw9bhTdYfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNkHCs+if39jlUlqH1rJYfxAFDB4MB8GA1UdIwQY MBaAFAlQIokEudvrR5Kml3J+Nqr9hNLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQt NjI4MjFjMmMyOTlmLzEvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQtNjI4MjFjMmMyOTlm LzEvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbpefZgYt Gj+/xAMpNEV2dxgqtwXmR7De+wNpCYQjUubPb33tLPUVjD9v7TSpU3YMudIikGuC mwLXUkt7du28Zt86N6ClkIbhn130Owzret0iklMF4jLTnc+4f2QNZiOcDARXzh2/ tHyG8YmDCuulEENqXPgieD/mOVxBVLrJC93HfhxLw+ydLAAtyURuZUPU/UUur1Sj DiyZwVIQTRA3kxjZPVjJhy1N+WHtsoj8DA/rZ1viS7ixXnQNGEJycE6iPJBJGZJc DYYWmqt8TlKk7cy2lf2yEmsVKKxr/LJB6S9NJLELE+/EiwN0VuuTwnJsyp+qQKXm u0skFhMS8LJayA== -----END CERTIFICATE-----Generated at Sun Dec 7 01:09:21 2025 by rpki-client