This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft File: 5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json) Hash identifier: Z7jWZ03asJthY6EvQbI/BvChstA3cDklvpHKxdyN5XQ= Subject key identifier: 7B:C5:61:76:51:30:8E:47:F6:64:82:1D:A4:4D:A3:60:98:D4:6B:FD Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D Certificate issuer: /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d Certificate serial: 019B40C89DE0CDB975C6750145F0A18DFD5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft Manifest number: 0DF1 Signing time: Sun 21 Dec 2025 12:00:47 +0000 Manifest this update: Sun 21 Dec 2025 12:00:47 +0000 Manifest next update: Mon 22 Dec 2025 12:00:47 +0000 Files and hashes: 1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: tXvLx7Ughs9R6O7apEZBftqx86k3EMiwAyL2wUeefg4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:9d:e0:cd:b9:75:c6:75:01:45:f0:a1:8d:fd:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d Validity Not Before: Dec 21 12:00:47 2025 GMT Not After : Dec 22 12:00:47 2025 GMT Subject: CN=7bc5617651308e47f664821da44da36098d46bfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:9f:61:eb:e5:8a:7f:94:20:92:14:c4:69:15: 66:b4:91:86:00:1e:ec:3f:71:9b:bf:43:12:59:da: 26:3c:08:ff:0f:58:ca:c5:d1:e6:25:a9:10:28:19: 19:cd:57:c3:98:fa:90:2e:aa:74:3e:ec:0a:12:0a: 58:8a:d3:d3:ca:c0:bc:50:25:58:d4:e0:b3:94:b7: bc:7a:9c:5c:f8:8c:d8:cd:25:3d:95:89:3a:ec:e1: 46:c4:9b:00:22:5f:6f:2d:02:df:93:1d:46:55:09: 4d:37:98:00:af:14:e4:79:3d:59:0a:08:b6:47:99: d8:d8:68:6e:42:03:d1:72:42:3b:c3:8c:48:94:7b: 40:7d:1b:02:20:be:ec:46:be:96:48:f9:a1:7f:85: fe:3e:f9:ef:0c:5f:c6:47:3a:51:82:e7:01:45:52: 43:e7:16:99:90:4d:92:b1:e8:f6:25:81:66:6b:dd: a1:50:ac:ee:e5:84:ad:86:8b:ee:eb:2c:a9:af:bc: 0c:75:f7:69:91:ea:25:5b:c3:f7:b6:53:cb:19:2b: 91:0a:01:5c:7d:ac:ef:f7:b4:58:86:79:f2:30:7d: e4:1f:a1:ae:df:92:8c:6d:cb:e9:23:97:2e:70:ac: 50:eb:0c:e6:dd:b7:af:01:e2:e7:78:01:06:0c:0a: d9:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:C5:61:76:51:30:8E:47:F6:64:82:1D:A4:4D:A3:60:98:D4:6B:FD X509v3 Authority Key Identifier: keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:a3:44:54:e0:06:a9:07:b7:e2:00:10:fc:d9:19:3d:74:48: e3:c7:8f:93:62:28:44:6b:99:da:00:25:83:32:81:83:c3:b5: 02:56:fb:df:b0:3c:9a:b4:59:52:83:11:67:4c:29:d8:11:bc: 6e:47:74:d4:94:8e:64:c4:58:cb:db:c7:2d:c1:e6:5c:40:59: b4:68:98:97:d0:92:4e:39:4c:08:70:4a:1c:97:a5:87:9f:5c: 64:5f:8d:d6:38:ab:c4:d2:3e:29:1b:a0:c2:7d:5a:3a:b4:39: 89:20:8f:e0:e8:34:25:3d:56:e3:79:b9:a2:3b:0e:48:95:21: 1d:d5:be:c9:d1:c7:54:ab:92:d7:53:63:66:7c:10:66:46:d7: c0:cc:d3:31:35:1c:62:cd:5e:2c:86:cb:17:45:8e:26:34:68: 48:a6:10:9f:d9:d7:cc:30:81:c9:a6:93:e5:98:bd:87:15:eb: 20:95:de:ea:53:0a:43:11:4b:8b:55:b9:1d:36:c7:ed:3b:41: c4:15:91:2a:f1:d0:6d:96:df:22:5d:9a:76:27:0f:ef:92:70: 0b:1a:ff:88:77:96:b2:de:02:6b:72:ff:fc:c4:dd:98:83:65: 70:23:7f:27:5d:0a:18:23:16:9e:6c:d2:7d:fb:aa:c3:a1:14: e4:7a:2c:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyJ3gzbl1xnUBRfChjf1dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2 MmMwMWQwHhcNMjUxMjIxMTIwMDQ3WhcNMjUxMjIyMTIwMDQ3WjAzMTEwLwYDVQQD Eyg3YmM1NjE3NjUxMzA4ZTQ3ZjY2NDgyMWRhNDRkYTM2MDk4ZDQ2YmZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ9h6+WKf5QgkhTEaRVmtJGGAB7s P3Gbv0MSWdomPAj/D1jKxdHmJakQKBkZzVfDmPqQLqp0PuwKEgpYitPTysC8UCVY 1OCzlLe8epxc+IzYzSU9lYk67OFGxJsAIl9vLQLfkx1GVQlNN5gArxTkeT1ZCgi2 R5nY2GhuQgPRckI7w4xIlHtAfRsCIL7sRr6WSPmhf4X+PvnvDF/GRzpRgucBRVJD 5xaZkE2Ssej2JYFma92hUKzu5YSthovu6yypr7wMdfdpkeolW8P3tlPLGSuRCgFc fazv97RYhnnyMH3kH6Gu35KMbcvpI5cucKxQ6wzm3bevAeLneAEGDArZwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHvFYXZRMI5H9mSCHaRNo2CY1Gv9MB8GA1UdIwQY MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu6NEVOAG qQe34gAQ/NkZPXRI48ePk2IoRGuZ2gAlgzKBg8O1Alb737A8mrRZUoMRZ0wp2BG8 bkd01JSOZMRYy9vHLcHmXEBZtGiYl9CSTjlMCHBKHJelh59cZF+N1jirxNI+KRug wn1aOrQ5iSCP4Og0JT1W43m5ojsOSJUhHdW+ydHHVKuS11NjZnwQZkbXwMzTMTUc Ys1eLIbLF0WOJjRoSKYQn9nXzDCByaaT5Zi9hxXrIJXe6lMKQxFLi1W5HTbH7TtB xBWRKvHQbZbfIl2adicP75JwCxr/iHeWst4Ca3L//MTdmINlcCN/J10KGCMWnmzS ffuqw6EU5Hosfw== -----END CERTIFICATE-----Generated at Sun Dec 21 21:10:35 2025 by rpki-client