This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/0ed33a-1f1d-4281-ab39-40890130dd18/1/rmRaywIXx0oP004XpT297lbwEeU.mft File: rmRaywIXx0oP004XpT297lbwEeU.mft (raw, json) Hash identifier: bZfZ78wywYg/Q40dalI7Vynj02zwiI4R/DX5xtlyK7s= Subject key identifier: 95:4A:C3:D1:12:7B:34:C3:BC:1E:1A:67:0A:A9:BC:02:87:78:01:EB Authority key identifier: AE:64:5A:CB:02:17:C7:4A:0F:D3:4E:17:A5:3D:BD:EE:56:F0:11:E5 Certificate issuer: /CN=ae645acb0217c74a0fd34e17a53dbdee56f011e5 Certificate serial: 019AF3F7AD221C769FB1DADA7A11DF1AD173 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rmRaywIXx0oP004XpT297lbwEeU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/0ed33a-1f1d-4281-ab39-40890130dd18/1/rmRaywIXx0oP004XpT297lbwEeU.mft Manifest number: 115A Signing time: Sat 06 Dec 2025 14:01:26 +0000 Manifest this update: Sat 06 Dec 2025 14:01:26 +0000 Manifest next update: Sun 07 Dec 2025 14:01:26 +0000 Files and hashes: 1: 9gPdnlu8pzrUW3Ji0sxUHZw4ZQ4.roa (hash: tZpT15jv998HP7FRsRavbx2dzEDkME8mtW6HPMKG8Zg=) 2: rmRaywIXx0oP004XpT297lbwEeU.crl (hash: 1we0WTzTLBl4P1e3N0JN2yqkYYUX9Q0N9UkNGVWYvTA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/0ed33a-1f1d-4281-ab39-40890130dd18/1/rmRaywIXx0oP004XpT297lbwEeU.crl rsync://rpki.ripe.net/repository/DEFAULT/68/0ed33a-1f1d-4281-ab39-40890130dd18/1/rmRaywIXx0oP004XpT297lbwEeU.mft rsync://rpki.ripe.net/repository/DEFAULT/rmRaywIXx0oP004XpT297lbwEeU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:ad:22:1c:76:9f:b1:da:da:7a:11:df:1a:d1:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae645acb0217c74a0fd34e17a53dbdee56f011e5 Validity Not Before: Dec 6 14:01:26 2025 GMT Not After : Dec 7 14:01:26 2025 GMT Subject: CN=954ac3d1127b34c3bc1e1a670aa9bc02877801eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:61:a5:fa:e9:4a:33:72:f6:13:76:37:7a:8b: 31:66:39:bf:2b:fb:e0:f7:6d:8e:f1:48:0d:5a:ed: c3:18:28:75:1e:f9:58:09:15:06:58:a4:25:e6:23: f1:24:d9:53:bc:41:bf:56:a4:a7:3f:96:64:12:01: 2b:76:3c:4b:1a:63:84:62:13:af:71:3f:95:12:06: 25:86:5b:8b:2c:88:7d:62:0c:d5:34:2f:e8:52:db: 2a:8a:72:36:ee:08:55:c5:72:74:75:ff:ae:65:3c: de:35:96:8e:61:14:3b:55:5d:cb:e8:af:f4:97:ed: 31:08:d3:40:5c:f5:36:37:4a:40:73:03:1a:53:36: 7b:89:17:5e:90:52:62:10:38:ff:a8:ab:1e:9c:6b: fc:b0:26:40:f5:8a:99:a0:06:ca:1c:35:2d:44:7f: 43:cb:80:3a:9d:ed:5e:fd:8e:33:d7:be:6e:0d:eb: 5a:93:d8:1e:65:9f:81:40:20:97:46:dd:a1:92:a1: dd:92:24:ea:97:5d:47:2b:89:7d:3b:dd:72:ce:84: e1:a5:ab:d1:cc:fd:74:e2:24:2e:12:f2:49:44:16: c5:30:77:9a:68:23:aa:80:13:22:31:45:2e:23:da: e2:7f:50:05:99:fc:e2:74:89:d3:4e:59:79:80:6d: 20:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:4A:C3:D1:12:7B:34:C3:BC:1E:1A:67:0A:A9:BC:02:87:78:01:EB X509v3 Authority Key Identifier: keyid:AE:64:5A:CB:02:17:C7:4A:0F:D3:4E:17:A5:3D:BD:EE:56:F0:11:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rmRaywIXx0oP004XpT297lbwEeU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/0ed33a-1f1d-4281-ab39-40890130dd18/1/rmRaywIXx0oP004XpT297lbwEeU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/0ed33a-1f1d-4281-ab39-40890130dd18/1/rmRaywIXx0oP004XpT297lbwEeU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:29:15:84:e0:79:b2:bf:b4:63:75:aa:09:69:98:ca:a4:85: 02:cd:49:39:d7:d5:a9:a9:b1:f4:df:bb:51:90:23:0f:36:2d: b9:ae:29:85:39:12:16:d8:3a:09:d7:46:13:4b:43:99:2b:c3: 1a:f0:0b:4f:f3:a4:45:0f:11:ef:f3:19:32:13:cb:a7:ed:e6: 68:69:13:43:fa:d4:42:24:6e:e1:68:13:f8:a7:e9:d3:78:52: e0:31:1d:27:a6:65:ec:c6:04:55:fc:78:b1:02:c9:62:a0:fd: 44:bc:96:de:9a:1f:64:8e:44:88:4c:00:b1:26:52:b2:81:6f: ed:21:3d:4c:fd:a4:f1:72:72:2a:f4:71:ea:d1:09:02:60:da: a0:32:fb:29:fa:04:61:76:e4:da:20:e2:a7:a1:43:fb:d6:dc: 49:ef:30:30:be:04:11:7c:03:e4:33:e2:95:4b:41:6a:e8:35: 28:c2:3c:fc:1e:39:8b:f9:8d:e7:28:24:17:bf:94:8c:08:66: 38:1f:eb:ad:2e:59:6b:11:65:5a:11:3e:3b:75:06:86:8f:bd: 98:6e:05:69:f2:cd:47:fc:a4:9a:a0:b2:a5:7a:c9:72:94:4c: 8f:18:88:cb:cf:89:e4:f9:e9:e5:09:75:a5:e5:30:17:e2:92: ab:10:3a:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz960iHHafsdraehHfGtFzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlNjQ1YWNiMDIxN2M3NGEwZmQzNGUxN2E1M2RiZGVlNTZm MDExZTUwHhcNMjUxMjA2MTQwMTI2WhcNMjUxMjA3MTQwMTI2WjAzMTEwLwYDVQQD Eyg5NTRhYzNkMTEyN2IzNGMzYmMxZTFhNjcwYWE5YmMwMjg3NzgwMWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWGl+ulKM3L2E3Y3eosxZjm/K/vg 922O8UgNWu3DGCh1HvlYCRUGWKQl5iPxJNlTvEG/VqSnP5ZkEgErdjxLGmOEYhOv cT+VEgYlhluLLIh9YgzVNC/oUtsqinI27ghVxXJ0df+uZTzeNZaOYRQ7VV3L6K/0 l+0xCNNAXPU2N0pAcwMaUzZ7iRdekFJiEDj/qKsenGv8sCZA9YqZoAbKHDUtRH9D y4A6ne1e/Y4z175uDetak9geZZ+BQCCXRt2hkqHdkiTql11HK4l9O91yzoThpavR zP104iQuEvJJRBbFMHeaaCOqgBMiMUUuI9rif1AFmfzidInTTll5gG0gfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJVKw9ESezTDvB4aZwqpvAKHeAHrMB8GA1UdIwQY MBaAFK5kWssCF8dKD9NOF6U9ve5W8BHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcm1SYXl3SVh4MG9QMDA0WHBUMjk3bGJ3RWVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8wZWQzM2EtMWYxZC00MjgxLWFiMzkt NDA4OTAxMzBkZDE4LzEvcm1SYXl3SVh4MG9QMDA0WHBUMjk3bGJ3RWVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8wZWQzM2EtMWYxZC00MjgxLWFiMzktNDA4OTAxMzBkZDE4 LzEvcm1SYXl3SVh4MG9QMDA0WHBUMjk3bGJ3RWVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASCkVhOB5 sr+0Y3WqCWmYyqSFAs1JOdfVqamx9N+7UZAjDzYtua4phTkSFtg6CddGE0tDmSvD GvALT/OkRQ8R7/MZMhPLp+3maGkTQ/rUQiRu4WgT+Kfp03hS4DEdJ6Zl7MYEVfx4 sQLJYqD9RLyW3pofZI5EiEwAsSZSsoFv7SE9TP2k8XJyKvRx6tEJAmDaoDL7KfoE YXbk2iDip6FD+9bcSe8wML4EEXwD5DPilUtBaug1KMI8/B45i/mN5ygkF7+UjAhm OB/rrS5ZaxFlWhE+O3UGho+9mG4FafLNR/ykmqCypXrJcpRMjxiIy8+J5Pnp5Ql1 peUwF+KSqxA6KQ== -----END CERTIFICATE-----Generated at Sat Dec 6 17:46:36 2025 by rpki-client