This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft File: CWnLIVY-Ju22r7INHZLok6jduB0.mft (raw, json) Hash identifier: pDCZFfCg/VTH5iGV5MQW7aeF+MI1ZlSt5FeryDmFwZE= Subject key identifier: 0E:9B:C2:41:FE:48:F4:E9:EA:EC:13:09:4B:F1:EB:CF:72:AB:96:E1 Authority key identifier: 09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D Certificate issuer: /CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d Certificate serial: 019AF12EE714FDBA1665264FCF719C1EDF98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft Manifest number: 030E Signing time: Sat 06 Dec 2025 01:02:54 +0000 Manifest this update: Sat 06 Dec 2025 01:02:54 +0000 Manifest next update: Sun 07 Dec 2025 01:02:54 +0000 Files and hashes: 1: CWnLIVY-Ju22r7INHZLok6jduB0.crl (hash: CD5CrFTxGufdkHMSizn+9RC7cv/8t40O4w/QpMp6S0I=) 2: DyBY2wfHB6a4dl33U3SXwgLJDGU.roa (hash: WRQJvvPjJahE1qm/vBTCrYOROs7sZwpvslZhT6hCk+s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:e7:14:fd:ba:16:65:26:4f:cf:71:9c:1e:df:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d Validity Not Before: Dec 6 01:02:54 2025 GMT Not After : Dec 7 01:02:54 2025 GMT Subject: CN=0e9bc241fe48f4e9eaec13094bf1ebcf72ab96e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:d2:66:d6:e1:ec:e3:75:19:19:c4:ec:d7:9c: fc:19:56:d1:3c:0f:fe:e5:de:f4:49:d9:71:d5:af: c5:27:cf:c5:0d:12:31:8b:3b:86:d1:28:71:e3:54: e5:af:5d:59:c1:0e:e9:87:a2:12:d8:c2:3a:65:8e: b0:22:2e:cb:e0:ed:50:06:0e:9a:8a:2f:3f:96:92: 12:d2:d2:34:be:99:b4:f5:9a:b2:48:e9:a9:ce:be: 76:c8:65:0c:4e:79:65:c2:f9:70:3c:24:dd:15:87: 67:f7:9e:b8:56:30:6e:d4:44:47:bc:6c:07:b2:89: 77:68:cf:3c:55:ac:4e:1e:2d:a9:84:ee:50:80:ca: 01:14:af:e9:1c:e3:46:60:fd:6f:d8:82:ac:d0:f4: b8:71:73:43:ae:53:0a:b3:3b:63:59:d3:51:41:21: 62:d7:1d:c8:a2:82:34:3c:78:87:95:51:63:2d:80: b0:da:54:a3:42:08:79:7e:58:cd:3a:15:94:9d:e8: 0e:82:f8:a1:52:a1:5a:69:74:c8:33:ab:36:55:16: 90:a2:5d:e8:36:74:8d:a2:03:4c:e0:60:93:d6:00: 86:db:70:c5:ff:f0:3b:e9:f9:19:0d:49:16:8b:de: f3:c5:dc:3b:c3:62:10:f0:ae:01:c6:d6:cf:4b:3c: 79:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:9B:C2:41:FE:48:F4:E9:EA:EC:13:09:4B:F1:EB:CF:72:AB:96:E1 X509v3 Authority Key Identifier: keyid:09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:09:80:07:e1:24:ce:eb:a6:80:c8:35:46:1d:3f:90:12:1a: 08:40:c0:5d:99:0b:c8:43:dd:49:15:77:34:14:fe:4a:8e:cc: 99:76:fd:ef:20:d1:48:34:73:61:53:6e:05:2a:e0:99:00:cc: 97:5d:22:08:d2:c1:10:d6:b2:f3:8b:d7:9a:88:fa:ee:4d:6e: a9:c2:8d:14:bc:f0:15:fb:48:f0:7c:fe:b1:a9:69:fa:1c:17: fa:ae:8d:2b:ae:41:cc:d2:9b:c5:2d:34:6d:ac:6e:1b:81:1e: a1:94:c1:6e:74:a4:3d:f8:cc:50:a2:39:c9:eb:e2:37:c6:16: fe:4f:f0:cf:4d:2b:44:e6:40:67:8e:75:60:23:17:82:39:8e: 2d:51:dc:bf:3c:aa:40:7e:2b:9d:38:22:52:24:a6:44:b5:30: 10:ee:16:78:b6:83:0f:ce:33:64:98:1e:82:4b:76:3f:f6:0c: e1:52:81:fc:c1:f8:eb:06:84:f0:22:44:1d:08:6d:96:7c:fa: 8b:31:1f:20:be:90:84:96:d8:79:58:63:f4:98:b0:b7:05:81: 50:60:39:5e:56:f1:5b:b5:28:64:c0:aa:15:ad:eb:d6:40:0c: ed:83:f9:24:3d:b2:aa:b4:1c:43:cd:19:90:2c:aa:f0:18:11: d5:9d:15:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLucU/boWZSZPz3GcHt+YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NjljYjIxNTYzZTI2ZWRiNmFmYjIwZDFkOTJlODkzYThk ZGI4MWQwHhcNMjUxMjA2MDEwMjU0WhcNMjUxMjA3MDEwMjU0WjAzMTEwLwYDVQQD EygwZTliYzI0MWZlNDhmNGU5ZWFlYzEzMDk0YmYxZWJjZjcyYWI5NmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tJm1uHs43UZGcTs15z8GVbRPA/+ 5d70Sdlx1a/FJ8/FDRIxizuG0Shx41Tlr11ZwQ7ph6IS2MI6ZY6wIi7L4O1QBg6a ii8/lpIS0tI0vpm09ZqySOmpzr52yGUMTnllwvlwPCTdFYdn9564VjBu1ERHvGwH sol3aM88VaxOHi2phO5QgMoBFK/pHONGYP1v2IKs0PS4cXNDrlMKsztjWdNRQSFi 1x3IooI0PHiHlVFjLYCw2lSjQgh5fljNOhWUnegOgvihUqFaaXTIM6s2VRaQol3o NnSNogNM4GCT1gCG23DF//A76fkZDUkWi97zxdw7w2IQ8K4BxtbPSzx5LQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA6bwkH+SPTp6uwTCUvx689yq5bhMB8GA1UdIwQY MBaAFAlpyyFWPibttq+yDR2S6JOo3bgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQt MzYwMGQwMmE2ZjBlLzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQtMzYwMGQwMmE2ZjBl LzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAewmAB+Ek zuumgMg1Rh0/kBIaCEDAXZkLyEPdSRV3NBT+So7MmXb97yDRSDRzYVNuBSrgmQDM l10iCNLBENay84vXmoj67k1uqcKNFLzwFftI8Hz+salp+hwX+q6NK65BzNKbxS00 baxuG4EeoZTBbnSkPfjMUKI5yeviN8YW/k/wz00rROZAZ451YCMXgjmOLVHcvzyq QH4rnTgiUiSmRLUwEO4WeLaDD84zZJgegkt2P/YM4VKB/MH46waE8CJEHQhtlnz6 izEfIL6QhJbYeVhj9JiwtwWBUGA5XlbxW7UoZMCqFa3r1kAM7YP5JD2yqrQcQ80Z kCyq8BgR1Z0V4w== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:06 2025 by rpki-client