This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft File: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json) Hash identifier: YYIWleEE4z9FxJNpq0Kps6G13ngWTqMV2nEh+eM/B6w= Subject key identifier: 39:B5:F5:AC:4D:BC:C2:3A:8B:E8:75:F0:FE:30:42:19:1B:2E:8A:DC Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32 Certificate issuer: /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232 Certificate serial: 019B4280157653014E8187712CAC463A31EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft Manifest number: 0E10 Signing time: Sun 21 Dec 2025 20:00:48 +0000 Manifest this update: Sun 21 Dec 2025 20:00:48 +0000 Manifest next update: Mon 22 Dec 2025 20:00:48 +0000 Files and hashes: 1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: kBSCiPViCrN7hKMWloCF6w5E8Kcftd4T+d8ztHhbOjI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 20:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:80:15:76:53:01:4e:81:87:71:2c:ac:46:3a:31:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232 Validity Not Before: Dec 21 20:00:48 2025 GMT Not After : Dec 22 20:00:48 2025 GMT Subject: CN=39b5f5ac4dbcc23a8be875f0fe3042191b2e8adc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:02:b6:6c:26:15:b5:f2:9d:b7:e7:df:3e:f5: d6:8d:81:c5:bf:f3:ce:a3:af:29:db:79:c4:cc:6c: db:85:76:88:14:79:00:e4:2c:1c:4d:8c:6e:10:da: 9a:85:e7:43:01:7a:83:49:3e:fe:31:a1:94:db:fe: 87:0d:3f:d3:fc:2c:3b:b3:20:f2:e9:a6:6c:54:02: b2:05:5a:e1:f7:e2:1c:c9:06:04:e5:89:1b:6d:08: 6b:a8:32:89:ce:54:b1:dd:2d:6c:4a:5a:09:27:19: 2a:9f:99:a2:29:2a:ca:bd:76:27:d2:ba:88:bb:b1: c0:d2:41:ad:88:b6:9a:50:81:4d:23:38:5b:3d:4d: ac:a9:42:14:e0:c9:b1:de:d2:69:fe:37:2e:78:78: 85:b7:28:33:59:05:f0:57:0a:2e:b1:65:4c:27:b2: b2:a7:e1:ea:bb:55:30:15:9c:5e:13:98:e4:eb:03: 73:d5:b2:82:c2:c5:4b:f4:60:33:0c:0c:80:f5:93: 28:6f:c6:b3:52:3e:a6:df:6f:a7:05:4c:b5:ad:8e: 8d:fd:fc:e2:52:f7:d7:da:90:db:53:b3:84:fa:ca: d1:59:c7:85:67:25:98:ac:39:7f:35:09:2c:ba:f3: 4c:e8:de:05:16:6f:39:ba:a6:6e:d9:bc:48:4c:2d: 4b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:B5:F5:AC:4D:BC:C2:3A:8B:E8:75:F0:FE:30:42:19:1B:2E:8A:DC X509v3 Authority Key Identifier: keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:71:2f:1e:5a:d3:52:fc:78:2a:76:8d:16:6e:da:6c:a0:b2: 07:2b:18:ac:c1:80:b3:dd:e1:1a:c5:5f:22:27:c1:18:96:34: b4:c1:43:3c:40:84:45:4d:87:01:1d:2f:c4:2e:dd:c7:b7:54: 82:d2:3b:fb:18:31:f8:9d:7e:4f:3e:a4:07:07:66:81:b7:1d: 6c:11:ec:ab:65:af:93:a0:d5:9c:72:5b:a5:53:64:71:4e:b2: a3:2c:b0:0b:de:42:0d:db:de:9c:88:25:1e:53:b5:7a:9c:75: 8f:bf:7f:14:a5:05:1f:55:0f:5a:5b:9a:73:a0:38:9d:8e:a3: 77:41:58:eb:33:25:f7:c0:39:69:7e:a2:07:b8:d2:1f:c0:48: 9f:10:bb:3d:da:21:b3:e2:aa:e5:dd:18:36:b9:cb:69:56:b7: 0a:51:1d:ca:51:b7:c9:ef:31:a9:16:e3:33:a8:0f:61:6e:14: b1:7a:66:82:ab:a3:af:53:ea:cd:25:53:58:49:f8:1a:d8:d0: 46:c3:d0:56:a0:e6:92:74:4d:8d:55:df:74:d4:13:ec:39:7c: e8:36:49:b6:17:a2:89:81:7a:f4:79:aa:63:95:6e:c3:b8:2a: 46:a0:ae:d5:25:a7:29:54:aa:13:77:98:3e:83:a5:a5:e9:39: c1:c5:4b:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCgBV2UwFOgYdxLKxGOjHvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3 ZGMyMzIwHhcNMjUxMjIxMjAwMDQ4WhcNMjUxMjIyMjAwMDQ4WjAzMTEwLwYDVQQD EygzOWI1ZjVhYzRkYmNjMjNhOGJlODc1ZjBmZTMwNDIxOTFiMmU4YWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AK2bCYVtfKdt+ffPvXWjYHFv/PO o68p23nEzGzbhXaIFHkA5CwcTYxuENqahedDAXqDST7+MaGU2/6HDT/T/Cw7syDy 6aZsVAKyBVrh9+IcyQYE5YkbbQhrqDKJzlSx3S1sSloJJxkqn5miKSrKvXYn0rqI u7HA0kGtiLaaUIFNIzhbPU2sqUIU4Mmx3tJp/jcueHiFtygzWQXwVwousWVMJ7Ky p+Hqu1UwFZxeE5jk6wNz1bKCwsVL9GAzDAyA9ZMob8azUj6m32+nBUy1rY6N/fzi UvfX2pDbU7OE+srRWceFZyWYrDl/NQksuvNM6N4FFm85uqZu2bxITC1L5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDm19axNvMI6i+h18P4wQhkbLorcMB8GA1UdIwQY MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAInEvHlrT Uvx4KnaNFm7abKCyBysYrMGAs93hGsVfIifBGJY0tMFDPECERU2HAR0vxC7dx7dU gtI7+xgx+J1+Tz6kBwdmgbcdbBHsq2Wvk6DVnHJbpVNkcU6yoyywC95CDdvenIgl HlO1epx1j79/FKUFH1UPWluac6A4nY6jd0FY6zMl98A5aX6iB7jSH8BInxC7Pdoh s+Kq5d0YNrnLaVa3ClEdylG3ye8xqRbjM6gPYW4UsXpmgqujr1PqzSVTWEn4GtjQ RsPQVqDmknRNjVXfdNQT7Dl86DZJtheiiYF69HmqY5Vuw7gqRqCu1SWnKVSqE3eY PoOlpek5wcVLsw== -----END CERTIFICATE-----Generated at Mon Dec 22 04:19:16 2025 by rpki-client