This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json) Hash identifier: H73dg/2llpx7o95F/19l0jl8XCsleHBRWrUVCAqi2zs= Subject key identifier: E7:55:A6:63:B7:A9:D7:89:91:BB:D4:24:BE:85:F3:27:3D:28:BA:78 Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d Certificate serial: 019AF2AD7A9F7BBB3C0B228ECF9D9A9B0178 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 08:00:46 +0000 Manifest this update: Sat 06 Dec 2025 08:00:46 +0000 Manifest next update: Sun 07 Dec 2025 08:00:46 +0000 Files and hashes: 1: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: 4INo7lceHSnV3ORibFCtVQsJH/FmxyA+vlocb3pTMfw=) 2: _qAUmpmDNefd9UH0oGsDdu0Dm10.roa (hash: dhnP4xuQumbVUsoW5XRDL/9RukaAPXCZivf9aCXaQyU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:7a:9f:7b:bb:3c:0b:22:8e:cf:9d:9a:9b:01:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d Validity Not Before: Dec 6 08:00:46 2025 GMT Not After : Dec 7 08:00:46 2025 GMT Subject: CN=e755a663b7a9d78991bbd424be85f3273d28ba78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:b8:91:c2:2e:ca:17:2b:20:fd:e8:12:a9:cf: e3:23:7b:4d:7b:7a:d8:a4:71:03:56:3b:5b:22:38: 92:53:20:ad:b9:41:6b:95:dd:a0:fb:8c:9a:f1:81: 49:08:56:73:11:e5:ef:e8:d0:7d:29:cc:15:16:79: 27:f8:86:26:79:42:5b:5f:3b:18:1c:69:42:08:92: bd:e4:89:4d:43:ba:fc:e9:7f:35:11:1e:ba:cd:bb: a0:48:8b:62:b3:a2:49:48:71:40:29:3f:cd:0a:3a: 60:92:15:b9:80:20:d2:b7:83:95:dd:5c:e4:68:b0: 77:1b:5b:e0:1b:74:d8:db:f3:53:fa:ac:92:83:e3: 64:e8:e3:f7:d8:43:34:f4:73:3c:5b:fa:50:ac:34: 46:c3:c2:86:c3:86:ed:78:8b:c4:10:a5:b5:e5:11: 34:9f:34:1b:49:37:6b:b2:ab:03:71:36:86:7b:df: be:fe:f2:cc:7d:fa:29:a8:49:ff:48:b1:ec:50:1c: 6a:90:73:10:1e:59:5f:69:3c:a5:07:da:90:20:35: 7b:3c:ed:f4:a3:be:02:bf:79:62:48:13:89:b2:d7: fc:12:f0:c7:79:be:d1:ca:af:3e:b4:57:b6:52:94: ea:3d:db:cf:ff:0c:fb:58:6b:0a:d3:a5:16:d9:07: 02:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:55:A6:63:B7:A9:D7:89:91:BB:D4:24:BE:85:F3:27:3D:28:BA:78 X509v3 Authority Key Identifier: keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:65:81:e1:c0:96:c2:5f:1e:86:ad:9e:85:07:3c:71:6d:00: ee:9e:82:3e:e5:c5:c7:b8:3b:da:ed:07:41:41:10:4d:c1:8c: 4d:7c:44:d1:3b:b5:19:00:a7:2f:a6:cc:49:a0:37:ff:6b:9e: de:81:4a:11:4b:ff:e6:e2:e5:1c:27:16:ed:95:b0:28:d0:a4: 32:1c:86:03:8b:68:92:10:ce:66:4b:7a:65:45:b8:bc:82:8c: a8:2c:16:49:f4:41:d6:94:b2:b9:04:54:f3:62:f9:23:3c:d4: 47:17:72:69:ea:9c:54:6a:bb:85:a9:91:60:20:e4:fd:cd:86: 23:06:45:b6:63:23:57:fe:b3:fb:dc:e6:f2:8e:d0:bb:c6:23: 48:40:9a:e3:37:4c:c3:7b:7a:02:4a:47:38:2e:15:e8:b6:81: 00:11:d4:f9:5d:e9:31:46:35:8e:7a:fb:a8:cc:8f:25:be:18: 14:5c:37:5d:63:85:6e:e4:09:a9:ff:90:22:0b:a9:4b:b5:65: 6b:e3:15:1f:ad:14:82:f6:b4:d5:bf:a2:b7:cb:32:67:55:30: fa:c7:b1:2b:35:cb:7f:ac:92:b2:57:80:27:f9:4b:1b:e9:e4: 56:78:db:62:4d:75:39:db:41:b2:1b:48:bc:81:81:e9:94:1a: ce:06:09:f8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrXqfe7s8CyKOz52amwF4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm MWRhMWQwHhcNMjUxMjA2MDgwMDQ2WhcNMjUxMjA3MDgwMDQ2WjAzMTEwLwYDVQQD EyhlNzU1YTY2M2I3YTlkNzg5OTFiYmQ0MjRiZTg1ZjMyNzNkMjhiYTc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbiRwi7KFysg/egSqc/jI3tNe3rY pHEDVjtbIjiSUyCtuUFrld2g+4ya8YFJCFZzEeXv6NB9KcwVFnkn+IYmeUJbXzsY HGlCCJK95IlNQ7r86X81ER66zbugSItis6JJSHFAKT/NCjpgkhW5gCDSt4OV3Vzk aLB3G1vgG3TY2/NT+qySg+Nk6OP32EM09HM8W/pQrDRGw8KGw4bteIvEEKW15RE0 nzQbSTdrsqsDcTaGe9++/vLMffopqEn/SLHsUBxqkHMQHllfaTylB9qQIDV7PO30 o74Cv3liSBOJstf8EvDHeb7Ryq8+tFe2UpTqPdvP/wz7WGsK06UW2QcC+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOdVpmO3qdeJkbvUJL6F8yc9KLp4MB8GA1UdIwQY MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1 LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC2WB4cCW wl8ehq2ehQc8cW0A7p6CPuXFx7g72u0HQUEQTcGMTXxE0Tu1GQCnL6bMSaA3/2ue 3oFKEUv/5uLlHCcW7ZWwKNCkMhyGA4tokhDOZkt6ZUW4vIKMqCwWSfRB1pSyuQRU 82L5IzzURxdyaeqcVGq7hamRYCDk/c2GIwZFtmMjV/6z+9zm8o7Qu8YjSECa4zdM w3t6AkpHOC4V6LaBABHU+V3pMUY1jnr7qMyPJb4YFFw3XWOFbuQJqf+QIgupS7Vl a+MVH60Ugva01b+it8syZ1Uw+sexKzXLf6ySsleAJ/lLG+nkVnjbYk11OdtBshtI vIGB6ZQazgYJ+A== -----END CERTIFICATE-----Generated at Sat Dec 6 10:56:11 2025 by rpki-client