This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft File: 0wUa-GYelCUtF1k103l-nsos2Aw.mft (raw, json) Hash identifier: bgBhwbVr5ZP6k347FWgg29Dzr0YJZl2g/6D42CB6l0U= Subject key identifier: 5D:C1:F6:24:00:0A:76:3A:36:36:BA:9D:A5:DC:8B:70:CB:61:5E:61 Authority key identifier: D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C Certificate issuer: /CN=d3051af8661e94252d175935d3797e9eca2cd80c Certificate serial: 019AF389FF550111F5C808290ED49DFB7F1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft Manifest number: 10CA Signing time: Sat 06 Dec 2025 12:01:38 +0000 Manifest this update: Sat 06 Dec 2025 12:01:38 +0000 Manifest next update: Sun 07 Dec 2025 12:01:38 +0000 Files and hashes: 1: 0wUa-GYelCUtF1k103l-nsos2Aw.crl (hash: DP1GRCmmpgKVTzJ2dlj17p6eA+OA/C+7fKh8lJw+CJ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:ff:55:01:11:f5:c8:08:29:0e:d4:9d:fb:7f:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3051af8661e94252d175935d3797e9eca2cd80c Validity Not Before: Dec 6 12:01:38 2025 GMT Not After : Dec 7 12:01:38 2025 GMT Subject: CN=5dc1f624000a763a3636ba9da5dc8b70cb615e61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3a:98:20:af:65:c1:9a:b1:d1:6e:b9:82:7b: 7a:73:24:d6:73:7a:4a:a9:cb:f6:8e:ad:26:7c:b9: 0f:11:f6:26:3b:43:1b:e7:57:21:17:14:47:a4:4e: a4:55:fe:56:ad:e6:c1:0c:26:d3:8f:d1:6e:cc:2c: b4:a9:58:d6:89:ed:2a:39:37:77:b4:a0:41:79:d3: 4d:99:6d:2d:9f:7e:dd:8d:84:f1:e2:f0:c2:11:85: ca:9f:c9:db:f8:0d:57:a4:fc:a3:10:cd:5a:c2:64: 7a:d0:4a:ee:1e:b1:72:95:2b:18:0e:9c:bf:f6:07: 97:85:d1:0f:4d:39:7b:e8:d5:b8:5a:56:24:eb:14: 77:0e:0d:5f:22:b3:47:ca:16:9e:6c:16:fd:27:19: a5:77:95:8b:0c:7b:3a:1a:c6:b2:bc:b5:9f:f7:8c: 4b:eb:7a:aa:ec:38:2a:03:5d:67:ef:c1:3f:d5:cd: 22:0d:3e:c2:6a:5a:ee:ef:1d:4a:05:65:b4:ff:b8: 2e:5a:f5:b9:e1:77:8d:b7:f7:f9:d2:0d:5b:74:fc: 00:d9:3b:b8:bf:43:bb:a3:f4:1b:03:ca:fa:03:5b: 94:ec:1d:67:7a:58:50:18:7a:4a:e3:39:57:7f:ec: 97:20:e2:ba:5f:99:db:23:d5:f0:a2:b5:19:4a:86: 68:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:C1:F6:24:00:0A:76:3A:36:36:BA:9D:A5:DC:8B:70:CB:61:5E:61 X509v3 Authority Key Identifier: keyid:D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:75:3d:1c:b6:a6:05:0d:0f:47:02:c7:b3:fa:f1:82:28:e0: 7a:1e:13:69:db:1b:79:e8:92:94:fd:64:3c:b9:79:bf:59:72: 47:41:a4:3d:dd:90:ed:0d:74:2c:03:ea:3f:59:8b:0e:55:a7: 90:00:f1:e2:b6:c4:e3:22:49:fe:d9:f5:e2:94:bd:c6:dd:8a: 80:da:72:18:31:60:cd:2f:34:f8:5b:3c:f8:95:db:84:bb:dd: e8:8b:ca:8c:b1:0f:6d:ec:40:b5:06:f8:d1:07:0c:02:c0:e4: 90:c7:94:ce:73:7b:66:84:18:03:9b:76:3a:6b:54:92:25:a3: e7:e4:e4:cb:0f:65:d8:7c:c7:85:94:be:de:37:13:16:a3:ea: 0f:4d:c2:4b:87:4c:6d:06:80:09:ea:ed:55:25:69:e7:85:1c: fc:92:35:15:eb:82:fb:7e:13:14:6d:fc:2b:61:88:8a:bb:c5: 35:bf:51:ae:b7:b0:03:1b:d6:75:ca:d6:40:33:c4:69:6d:cf: 1b:c9:46:c6:28:07:03:dc:f8:23:0e:42:b1:a1:df:d7:95:db: be:84:36:35:f1:f6:17:ad:26:6e:6f:47:38:e6:58:b2:99:d7: d3:6d:33:b4:aa:bf:d4:e7:fa:48:05:ea:39:93:34:33:cd:1f: 2b:8d:f8:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzif9VARH1yAgpDtSd+38bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzMDUxYWY4NjYxZTk0MjUyZDE3NTkzNWQzNzk3ZTllY2Ey Y2Q4MGMwHhcNMjUxMjA2MTIwMTM4WhcNMjUxMjA3MTIwMTM4WjAzMTEwLwYDVQQD Eyg1ZGMxZjYyNDAwMGE3NjNhMzYzNmJhOWRhNWRjOGI3MGNiNjE1ZTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTqYIK9lwZqx0W65gnt6cyTWc3pK qcv2jq0mfLkPEfYmO0Mb51chFxRHpE6kVf5WrebBDCbTj9FuzCy0qVjWie0qOTd3 tKBBedNNmW0tn37djYTx4vDCEYXKn8nb+A1XpPyjEM1awmR60EruHrFylSsYDpy/ 9geXhdEPTTl76NW4WlYk6xR3Dg1fIrNHyhaebBb9Jxmld5WLDHs6GsayvLWf94xL 63qq7DgqA11n78E/1c0iDT7Calru7x1KBWW0/7guWvW54XeNt/f50g1bdPwA2Tu4 v0O7o/QbA8r6A1uU7B1nelhQGHpK4zlXf+yXIOK6X5nbI9XworUZSoZo6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF3B9iQACnY6Nja6naXci3DLYV5hMB8GA1UdIwQY MBaAFNMFGvhmHpQlLRdZNdN5fp7KLNgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEt YzI2YzNlMjNiYWY2LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEtYzI2YzNlMjNiYWY2 LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwHU9HLam BQ0PRwLHs/rxgijgeh4TadsbeeiSlP1kPLl5v1lyR0GkPd2Q7Q10LAPqP1mLDlWn kADx4rbE4yJJ/tn14pS9xt2KgNpyGDFgzS80+Fs8+JXbhLvd6IvKjLEPbexAtQb4 0QcMAsDkkMeUznN7ZoQYA5t2OmtUkiWj5+Tkyw9l2HzHhZS+3jcTFqPqD03CS4dM bQaACertVSVp54Uc/JI1FeuC+34TFG38K2GIirvFNb9RrrewAxvWdcrWQDPEaW3P G8lGxigHA9z4Iw5CsaHf15XbvoQ2NfH2F60mbm9HOOZYspnX020ztKq/1Of6SAXq OZM0M80fK4346g== -----END CERTIFICATE-----Generated at Sat Dec 6 19:20:13 2025 by rpki-client