This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft File: a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json) Hash identifier: 5VbAWwd19xH19Zlznrit/La3xRypvWxPvAtTPp+vAxs= Subject key identifier: 23:1F:EB:F0:56:57:61:1C:B0:E6:6E:4E:69:BF:D8:76:70:93:E4:DF Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61 Certificate issuer: /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61 Certificate serial: 019B665595FA6577A5A63D529BE6696F02AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft Manifest number: 0B5D Signing time: Sun 28 Dec 2025 19:00:43 +0000 Manifest this update: Sun 28 Dec 2025 19:00:43 +0000 Manifest next update: Mon 29 Dec 2025 19:00:43 +0000 Files and hashes: 1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: O7IRBKA5ljmO2U0s3rz5c1lfbOmEFY2g64IWmHMx5nI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 19:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:55:95:fa:65:77:a5:a6:3d:52:9b:e6:69:6f:02:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61 Validity Not Before: Dec 28 19:00:43 2025 GMT Not After : Dec 29 19:00:43 2025 GMT Subject: CN=231febf05657611cb0e66e4e69bfd8767093e4df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:d5:d6:06:9f:cb:92:1e:4d:88:25:1e:f2:c2: 8d:4b:5e:e4:01:f7:c1:79:58:c4:f1:be:f3:3f:f9: 2f:dc:6c:32:74:a2:0c:4a:bf:39:9b:6b:8b:b2:0b: 35:9c:dc:21:4e:6c:c7:d3:34:ee:2e:9b:7d:f0:d6: c3:6e:10:fc:59:2b:03:45:eb:2c:f9:66:a5:b2:81: c0:d1:33:4a:25:00:0a:73:7a:78:db:a3:20:ab:70: 7f:2d:e6:0b:01:8e:28:57:1a:15:bf:dd:b2:b4:56: 6a:a1:65:82:1c:84:fd:b5:80:0c:0c:cf:1c:4f:f9: e9:69:e5:ad:64:0b:83:2c:e8:95:78:ef:70:bc:1f: 53:4b:cd:d2:42:26:fe:67:3d:2a:3b:9e:0d:5f:c0: 21:c2:18:32:ce:ba:87:04:de:ab:80:e2:eb:4b:53: b4:42:1a:36:b5:c2:21:dc:fe:fc:06:22:ba:25:a0: 3d:70:29:86:4f:35:fb:14:48:b4:10:22:f3:54:35: 92:b3:f2:f8:73:e5:f4:2d:6d:9e:36:e9:85:02:b4: eb:89:63:eb:0b:9f:af:b2:48:de:0d:c4:99:9a:27: a4:1b:e7:66:33:0f:c5:63:da:66:df:cf:72:68:25: c9:3f:a7:32:23:95:c4:44:6e:f4:23:c1:29:0e:c7: b7:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:1F:EB:F0:56:57:61:1C:B0:E6:6E:4E:69:BF:D8:76:70:93:E4:DF X509v3 Authority Key Identifier: keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:30:e7:cc:a2:49:0e:b4:75:44:b6:d3:d2:a9:4b:cd:ea:d4: c6:96:42:41:38:bb:76:91:31:58:e2:6a:93:55:41:5d:37:29: 0e:77:81:c3:59:f2:ab:2f:48:ee:cd:16:58:9e:25:f4:d8:6c: 8a:2b:72:86:c8:7b:96:6c:1f:09:4d:af:47:28:ed:a1:39:f9: 32:fc:4c:c9:f0:4a:e3:b5:f2:60:b3:67:ea:35:99:42:cd:a4: 10:81:b5:2d:a5:44:1c:0a:0d:69:5a:21:89:1c:73:3e:68:99: 46:34:f8:02:20:6d:ce:29:ea:63:44:7b:cf:00:84:b2:fe:1a: b9:d2:03:70:eb:87:25:23:d2:d7:6c:69:5e:25:cd:54:47:f5: 43:6c:ce:51:bd:3d:df:a3:8e:d8:6d:a4:14:ac:b4:77:37:97: 2e:98:e3:f1:7b:79:41:d1:f5:70:08:f4:b6:09:62:54:7d:e2: 24:b0:69:05:ea:f8:9c:3c:93:61:bd:a3:15:bb:df:9b:b6:20: 26:15:0b:6a:d8:fd:1a:aa:ee:1b:12:95:f4:8d:61:c0:16:1b: 4d:7b:3e:94:bb:ad:61:36:68:9c:86:53:82:ee:ac:27:d2:00: b0:9f:00:a9:17:ef:bf:fd:2f:21:26:52:11:a8:9f:2e:8c:4a: c3:2a:e3:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtmVZX6ZXelpj1Sm+ZpbwKvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj ZmFkNjEwHhcNMjUxMjI4MTkwMDQzWhcNMjUxMjI5MTkwMDQzWjAzMTEwLwYDVQQD EygyMzFmZWJmMDU2NTc2MTFjYjBlNjZlNGU2OWJmZDg3NjcwOTNlNGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dXWBp/Lkh5NiCUe8sKNS17kAffB eVjE8b7zP/kv3GwydKIMSr85m2uLsgs1nNwhTmzH0zTuLpt98NbDbhD8WSsDRess +WalsoHA0TNKJQAKc3p426Mgq3B/LeYLAY4oVxoVv92ytFZqoWWCHIT9tYAMDM8c T/npaeWtZAuDLOiVeO9wvB9TS83SQib+Zz0qO54NX8AhwhgyzrqHBN6rgOLrS1O0 Qho2tcIh3P78BiK6JaA9cCmGTzX7FEi0ECLzVDWSs/L4c+X0LW2eNumFArTriWPr C5+vskjeDcSZmiekG+dmMw/FY9pm389yaCXJP6cyI5XERG70I8EpDse3ZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCMf6/BWV2EcsOZuTmm/2HZwk+TfMB8GA1UdIwQY MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5 LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOTDnzKJJ DrR1RLbT0qlLzerUxpZCQTi7dpExWOJqk1VBXTcpDneBw1nyqy9I7s0WWJ4l9Nhs iityhsh7lmwfCU2vRyjtoTn5MvxMyfBK47XyYLNn6jWZQs2kEIG1LaVEHAoNaVoh iRxzPmiZRjT4AiBtzinqY0R7zwCEsv4audIDcOuHJSPS12xpXiXNVEf1Q2zOUb09 36OO2G2kFKy0dzeXLpjj8Xt5QdH1cAj0tgliVH3iJLBpBer4nDyTYb2jFbvfm7Yg JhULatj9GqruGxKV9I1hwBYbTXs+lLutYTZonIZTgu6sJ9IAsJ8AqRfvv/0vISZS EaifLoxKwyrjoA== -----END CERTIFICATE-----Generated at Mon Dec 29 00:47:43 2025 by rpki-client