This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft File: X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json) Hash identifier: enayBlY5gXYWb1yxVXQyXPIM29Qe1zxKWNysZulKqcs= Subject key identifier: 8F:A4:40:B4:1E:B4:F0:1C:36:3D:C4:03:D0:2B:77:3A:42:F1:E3:32 Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A Certificate issuer: /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a Certificate serial: 019B51BD24F34B1BB0543868C3CC8506A766 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft Manifest number: 0285 Signing time: Wed 24 Dec 2025 19:01:48 +0000 Manifest this update: Wed 24 Dec 2025 19:01:48 +0000 Manifest next update: Thu 25 Dec 2025 19:01:48 +0000 Files and hashes: 1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: F5XFLOzuru7FtMSMz+o6n/bP0i30MoaxlNhdLF7I3cM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bd:24:f3:4b:1b:b0:54:38:68:c3:cc:85:06:a7:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a Validity Not Before: Dec 24 19:01:48 2025 GMT Not After : Dec 25 19:01:48 2025 GMT Subject: CN=8fa440b41eb4f01c363dc403d02b773a42f1e332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ec:ef:9c:78:85:7b:f1:71:2e:56:66:f2:a0: 2c:33:51:4c:5d:ca:43:3a:be:bf:84:24:7a:1e:8b: 00:50:bb:9c:c5:33:c0:ca:24:e8:f2:e5:02:26:57: e9:68:82:23:26:b1:76:47:1f:61:24:9a:47:1e:7b: 5a:01:87:42:51:d0:8c:eb:73:ac:8b:f1:d8:8a:3a: f0:b9:a0:02:c6:3a:68:37:d3:82:5d:47:09:5e:2b: 4f:74:7b:e5:8e:3a:f0:d3:f5:33:2d:7c:8d:8a:78: 0b:6d:ca:81:f6:e1:08:0b:b3:4b:1f:76:de:b0:a8: 9d:02:4e:de:02:69:aa:62:a0:37:89:75:e7:fc:b5: 2f:9e:d5:2e:71:a9:b8:ff:47:86:c2:7a:55:c9:1a: 15:e5:fb:97:7e:01:39:e7:fc:db:b4:ee:49:3b:35: 1b:b5:98:02:53:8c:0c:4e:f4:02:b9:45:2c:6b:e3: a9:7e:21:e5:8e:97:e0:92:3b:22:fd:73:d5:8e:8c: 74:91:3e:4c:8a:25:53:7d:49:54:e1:7f:a1:03:86: 37:7a:17:d0:02:f6:a2:68:4c:ea:bc:d3:fa:91:25: c9:53:e7:55:8d:53:3f:db:49:c5:6a:b1:0f:d5:75: b6:9b:69:2d:ab:ca:e8:6b:14:73:db:2c:96:87:38: 02:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:A4:40:B4:1E:B4:F0:1C:36:3D:C4:03:D0:2B:77:3A:42:F1:E3:32 X509v3 Authority Key Identifier: keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:86:eb:a5:cf:1e:c9:d6:2e:9a:d7:7f:03:1c:a5:33:28:88: 52:cc:d6:b9:cf:57:93:ad:95:e1:a1:73:5e:42:38:b4:de:2d: 5a:d1:21:28:b0:00:7a:18:9d:f4:f5:90:03:96:7e:04:e9:24: ae:53:96:a7:ec:11:34:c1:b8:d7:8d:4d:de:6c:35:55:e4:89: 14:3b:75:e1:6d:2a:5e:1e:34:8a:25:aa:19:0e:e9:e6:2c:39: 2d:26:37:dc:02:ab:bb:fe:e7:ec:5d:c1:85:fe:a4:1e:00:e9: c8:9b:1e:f6:46:25:7f:c4:7d:de:0b:bd:0d:e8:c6:cf:66:24: 58:91:9e:63:83:6a:a8:03:5d:18:9e:ae:84:15:7d:23:09:e8: 29:8a:34:9c:d6:ad:34:2f:89:3a:78:9a:e2:11:de:80:b9:d4: 8c:9f:6f:69:77:7e:7d:35:ed:b3:70:4e:26:69:0a:06:e2:d0: ee:68:65:43:f5:39:8b:52:7b:16:af:03:41:24:e3:0d:77:d6: 9e:5c:14:15:13:02:64:ad:60:7a:63:8e:8c:b8:41:ef:86:50: 21:79:02:f3:c3:f8:dc:70:24:4d:65:8a:28:21:ce:be:19:27: ac:5a:76:f9:a7:e0:50:42:2a:c0:0a:3d:65:3f:6f:33:51:d0: 79:aa:12:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvSTzSxuwVDhow8yFBqdmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy OTRiN2EwHhcNMjUxMjI0MTkwMTQ4WhcNMjUxMjI1MTkwMTQ4WjAzMTEwLwYDVQQD Eyg4ZmE0NDBiNDFlYjRmMDFjMzYzZGM0MDNkMDJiNzczYTQyZjFlMzMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuzvnHiFe/FxLlZm8qAsM1FMXcpD Or6/hCR6HosAULucxTPAyiTo8uUCJlfpaIIjJrF2Rx9hJJpHHntaAYdCUdCM63Os i/HYijrwuaACxjpoN9OCXUcJXitPdHvljjrw0/UzLXyNingLbcqB9uEIC7NLH3be sKidAk7eAmmqYqA3iXXn/LUvntUucam4/0eGwnpVyRoV5fuXfgE55/zbtO5JOzUb tZgCU4wMTvQCuUUsa+OpfiHljpfgkjsi/XPVjox0kT5MiiVTfUlU4X+hA4Y3ehfQ AvaiaEzqvNP6kSXJU+dVjVM/20nFarEP1XW2m2ktq8roaxRz2yyWhzgCJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI+kQLQetPAcNj3EA9ArdzpC8eMyMB8GA1UdIwQY MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQYbrpc8e ydYumtd/AxylMyiIUszWuc9Xk62V4aFzXkI4tN4tWtEhKLAAehid9PWQA5Z+BOkk rlOWp+wRNMG4141N3mw1VeSJFDt14W0qXh40iiWqGQ7p5iw5LSY33AKru/7n7F3B hf6kHgDpyJse9kYlf8R93gu9DejGz2YkWJGeY4NqqANdGJ6uhBV9IwnoKYo0nNat NC+JOnia4hHegLnUjJ9vaXd+fTXts3BOJmkKBuLQ7mhlQ/U5i1J7Fq8DQSTjDXfW nlwUFRMCZK1gemOOjLhB74ZQIXkC88P43HAkTWWKKCHOvhknrFp2+afgUEIqwAo9 ZT9vM1HQeaoSWw== -----END CERTIFICATE-----Generated at Wed Dec 24 20:00:24 2025 by rpki-client