This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft File: rwlQP8rAF2lRWhny3CZX2S_TUN8.mft (raw, json) Hash identifier: id5/EENx4SNHKwS2BE22LPFoZY6JvdH30y9X8tlEAPw= Subject key identifier: 8B:A7:30:A5:49:75:46:8E:5F:05:A0:2E:1A:AE:3F:37:81:17:ED:3B Authority key identifier: AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF Certificate issuer: /CN=af09503fcac01769515a19f2dc2657d92fd350df Certificate serial: 019AF389E9B182D95BFF8B8BCA27EB593461 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft Manifest number: 16F5 Signing time: Sat 06 Dec 2025 12:01:32 +0000 Manifest this update: Sat 06 Dec 2025 12:01:32 +0000 Manifest next update: Sun 07 Dec 2025 12:01:32 +0000 Files and hashes: 1: bI5hqVT8m0qS2JmySaAVyieiKDc.roa (hash: Ur47592mLsTtDVQWZDc8e3eMtHnqyDHoxs3kpjL/ez4=) 2: rwlQP8rAF2lRWhny3CZX2S_TUN8.crl (hash: sbJT5EbGlojh8YQDUdEZZfPxnBy9RxRHJq0OI5zGNq0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:e9:b1:82:d9:5b:ff:8b:8b:ca:27:eb:59:34:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af09503fcac01769515a19f2dc2657d92fd350df Validity Not Before: Dec 6 12:01:32 2025 GMT Not After : Dec 7 12:01:32 2025 GMT Subject: CN=8ba730a54975468e5f05a02e1aae3f378117ed3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:47:ae:70:d7:55:a6:97:ab:66:57:c5:e1:36: 40:64:35:bf:7d:82:ce:38:25:ee:83:13:c4:a4:38: 81:9b:b4:4d:cc:51:83:a1:23:a1:66:c0:43:06:98: 4b:2e:5e:d5:d2:26:84:4a:9c:42:3f:51:dd:a8:ff: 8d:b8:ae:2e:08:f6:f1:bf:a0:7a:72:05:9f:f6:82: 6d:d2:0d:7c:7f:26:e9:ad:dd:20:6e:6d:93:95:37: 71:17:c4:72:9a:b4:87:6c:52:72:a6:3b:17:a9:d6: cd:cb:67:cf:2a:68:01:55:37:31:b0:fc:73:1e:d5: 4c:b5:ef:e9:cf:5b:49:de:f8:75:06:46:30:17:60: 33:50:e5:1d:88:4b:50:1f:55:6d:13:ca:65:04:e7: ed:82:81:8c:c7:6a:45:54:42:c0:b5:9a:08:2a:b8: 25:9f:28:ff:51:5f:7c:1f:3c:f3:c6:91:ef:b7:66: 46:ef:0b:4a:84:04:19:ef:8f:89:f1:f2:90:e9:04: de:52:29:0d:78:cc:7e:6c:06:03:b3:9c:8e:86:ed: 8b:88:fd:fe:a9:d3:16:17:d4:2d:a6:6d:22:11:97: 21:5c:bd:4e:3c:a0:94:3d:79:50:99:4c:2c:38:4c: dd:23:ca:53:68:ad:89:c2:5c:d4:0d:3a:5d:a1:ba: 1e:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:A7:30:A5:49:75:46:8E:5F:05:A0:2E:1A:AE:3F:37:81:17:ED:3B X509v3 Authority Key Identifier: keyid:AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:bf:1e:cf:67:bc:68:e4:68:49:4e:ce:83:b5:ab:bd:8f:7e: f1:29:a5:d3:27:ee:46:cd:5a:a2:91:1c:f9:85:f2:74:ce:a0: 16:b6:ba:09:d3:dd:42:ab:67:c0:63:3f:b3:b4:99:7b:24:27: eb:69:53:88:89:ac:22:0c:5a:11:21:ab:a5:6a:c3:5e:4b:95: a9:a9:21:e2:73:93:7a:92:32:9c:cd:e0:87:47:a6:b8:08:fa: c7:c5:6f:a2:3c:6e:b2:23:ee:a2:7b:62:b1:50:9a:4e:2e:ea: f8:1e:b7:cb:e4:5d:f5:10:f6:a3:b7:57:59:da:24:09:45:38: 0e:3a:c9:ec:0b:99:47:ab:ae:ca:a5:62:c0:18:a7:13:0e:aa: 4d:b2:d9:01:e3:01:98:64:0f:dc:e7:a6:73:87:c8:b1:8b:5a: 31:97:b0:00:9a:f7:39:63:4b:09:c2:96:b5:94:ca:ec:6d:7f: 9f:17:92:3b:a8:4d:6b:ff:62:23:5d:15:7c:b5:1d:7d:b5:ef: 0f:22:a0:b9:12:f9:7f:b7:57:92:6a:64:78:5f:66:4e:17:f2: 59:c1:5c:3e:53:68:65:7d:e6:54:45:40:c1:90:6c:6e:1e:2b: 7b:f2:6e:9a:9e:d1:38:c7:74:02:0e:40:74:3e:66:2a:48:fa: 96:b8:97:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziemxgtlb/4uLyifrWTRhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMDk1MDNmY2FjMDE3Njk1MTVhMTlmMmRjMjY1N2Q5MmZk MzUwZGYwHhcNMjUxMjA2MTIwMTMyWhcNMjUxMjA3MTIwMTMyWjAzMTEwLwYDVQQD Eyg4YmE3MzBhNTQ5NzU0NjhlNWYwNWEwMmUxYWFlM2YzNzgxMTdlZDNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykeucNdVpperZlfF4TZAZDW/fYLO OCXugxPEpDiBm7RNzFGDoSOhZsBDBphLLl7V0iaESpxCP1HdqP+NuK4uCPbxv6B6 cgWf9oJt0g18fybprd0gbm2TlTdxF8RymrSHbFJypjsXqdbNy2fPKmgBVTcxsPxz HtVMte/pz1tJ3vh1BkYwF2AzUOUdiEtQH1VtE8plBOftgoGMx2pFVELAtZoIKrgl nyj/UV98HzzzxpHvt2ZG7wtKhAQZ74+J8fKQ6QTeUikNeMx+bAYDs5yOhu2LiP3+ qdMWF9Qtpm0iEZchXL1OPKCUPXlQmUwsOEzdI8pTaK2JwlzUDTpdoboe0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIunMKVJdUaOXwWgLhquPzeBF+07MB8GA1UdIwQY MBaAFK8JUD/KwBdpUVoZ8twmV9kv01DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAt MTc1MDJkM2RmOTVmLzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAtMTc1MDJkM2RmOTVm LzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUr8ez2e8 aORoSU7Og7WrvY9+8Sml0yfuRs1aopEc+YXydM6gFra6CdPdQqtnwGM/s7SZeyQn 62lTiImsIgxaESGrpWrDXkuVqakh4nOTepIynM3gh0emuAj6x8VvojxusiPuonti sVCaTi7q+B63y+Rd9RD2o7dXWdokCUU4DjrJ7AuZR6uuyqViwBinEw6qTbLZAeMB mGQP3Oemc4fIsYtaMZewAJr3OWNLCcKWtZTK7G1/nxeSO6hNa/9iI10VfLUdfbXv DyKguRL5f7dXkmpkeF9mThfyWcFcPlNoZX3mVEVAwZBsbh4re/Jump7ROMd0Ag5A dD5mKkj6lriXIQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:49:25 2025 by rpki-client