This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft File: D5XJyafxmprXF-TapTDIXPmauXU.mft (raw, json) Hash identifier: yzOP1UVvENQ/sDtxp0a5JDWCYAi8C1gejMHo8IkQJk0= Subject key identifier: 9B:3A:34:D8:CB:89:20:5C:09:FC:2B:E0:12:9F:2F:8D:AC:87:46:62 Authority key identifier: 0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75 Certificate issuer: /CN=0f95c9c9a7f19a9ad717e4daa530c85cf99ab975 Certificate serial: 019B44383BBB7492218317FD15818D7C855B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft Manifest number: 07BC Signing time: Mon 22 Dec 2025 04:01:34 +0000 Manifest this update: Mon 22 Dec 2025 04:01:34 +0000 Manifest next update: Tue 23 Dec 2025 04:01:34 +0000 Files and hashes: 1: D5XJyafxmprXF-TapTDIXPmauXU.crl (hash: Hkbj9nFIETLvB0ivA7LwN+kVs9sH+r4+HDRJXBORfGI=) 2: dJjjOIsvcmwG1yw0BY5P71sFVUw.roa (hash: 71ssAltTmbpploHF43pU09n+JXavvKYPHb8mMd4Firs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.crl rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:3b:bb:74:92:21:83:17:fd:15:81:8d:7c:85:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f95c9c9a7f19a9ad717e4daa530c85cf99ab975 Validity Not Before: Dec 22 04:01:34 2025 GMT Not After : Dec 23 04:01:34 2025 GMT Subject: CN=9b3a34d8cb89205c09fc2be0129f2f8dac874662 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:e7:79:03:88:70:96:85:1d:6a:74:50:29:cd: 0e:9e:b8:eb:b9:4a:a4:c8:62:0d:60:6b:41:be:a3: f3:4a:ff:92:0b:41:26:99:02:ac:09:c9:a9:97:4c: d2:0d:3f:d5:e0:30:da:a2:c7:5c:52:d0:71:17:c2: 4d:83:46:ec:2a:84:3b:34:76:e3:26:36:06:48:f5: d7:c1:f8:58:aa:e9:47:d0:83:85:80:4f:6f:d0:d5: 44:8b:94:36:96:dd:d9:8b:6d:53:07:10:b5:b3:c0: 77:bf:65:d3:b9:27:89:f6:20:9f:3e:ee:33:6a:00: 03:3b:a2:d8:2a:aa:93:94:d9:72:95:6f:28:70:49: 5f:54:f0:fa:f2:76:d9:61:65:4c:84:ef:3b:51:a5: aa:99:1d:56:6b:b4:d8:c3:10:3a:2c:47:97:21:50: 5e:b3:e1:c2:7e:80:ca:0e:6d:c0:54:c7:a2:34:4e: d6:b7:5a:c3:b3:00:f5:76:4b:41:a2:6a:40:31:68: e2:b8:b0:85:d0:80:70:2e:a7:95:f3:77:91:42:60: c3:b0:22:7d:e6:8d:fc:0c:3f:28:7d:9e:4e:4c:84: 65:c0:cc:08:c6:59:ad:e6:2a:86:6b:1b:15:a0:f2: 64:d9:3e:ca:7c:50:9c:db:72:03:cb:6a:98:fd:01: 58:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:3A:34:D8:CB:89:20:5C:09:FC:2B:E0:12:9F:2F:8D:AC:87:46:62 X509v3 Authority Key Identifier: keyid:0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:5c:fc:ee:9a:e9:b5:89:1b:da:b7:7e:47:d9:4d:70:ab:4a: 80:72:0e:08:85:85:32:13:44:30:0a:5b:82:21:b1:34:fc:d1: 23:3d:7e:5f:12:b4:c0:85:a7:88:f0:0c:a1:dc:ab:0d:97:23: 7a:ef:41:86:68:54:3b:4c:51:57:74:1b:c8:44:85:f9:38:61: f3:4a:0c:4c:a0:8d:1f:c9:ba:0d:a5:06:75:98:4f:ef:f5:de: c0:d9:ae:a1:8d:98:1d:af:e8:59:16:4e:84:14:a4:a2:02:42: 85:3a:68:b5:83:60:71:44:6d:85:83:31:fd:e9:cb:41:4b:61: 6b:8f:08:2a:34:0c:63:0f:8c:93:77:50:68:73:a6:e5:8a:f1: 0a:c8:90:1b:eb:64:56:00:b0:36:0e:fd:c4:93:7c:f4:ed:72: be:b6:b1:3c:72:0e:d5:cb:bf:70:49:ed:bc:fa:72:c0:cf:2a: 0a:8b:7e:e6:d7:a9:c1:f9:9c:24:4e:a6:d7:b6:a9:c6:f9:35: 25:32:48:5d:9b:c9:bf:14:2f:cb:34:58:7c:2d:73:0e:dd:72: 85:0a:53:13:2b:ef:80:08:40:04:71:a0:c8:5c:19:ce:42:60: 68:07:9c:41:c5:f2:33:d6:5f:37:fe:14:35:ec:d5:d4:0a:4a: 46:b7:8e:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEODu7dJIhgxf9FYGNfIVbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmOTVjOWM5YTdmMTlhOWFkNzE3ZTRkYWE1MzBjODVjZjk5 YWI5NzUwHhcNMjUxMjIyMDQwMTM0WhcNMjUxMjIzMDQwMTM0WjAzMTEwLwYDVQQD Eyg5YjNhMzRkOGNiODkyMDVjMDlmYzJiZTAxMjlmMmY4ZGFjODc0NjYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Od5A4hwloUdanRQKc0OnrjruUqk yGINYGtBvqPzSv+SC0EmmQKsCcmpl0zSDT/V4DDaosdcUtBxF8JNg0bsKoQ7NHbj JjYGSPXXwfhYqulH0IOFgE9v0NVEi5Q2lt3Zi21TBxC1s8B3v2XTuSeJ9iCfPu4z agADO6LYKqqTlNlylW8ocElfVPD68nbZYWVMhO87UaWqmR1Wa7TYwxA6LEeXIVBe s+HCfoDKDm3AVMeiNE7Wt1rDswD1dktBompAMWjiuLCF0IBwLqeV83eRQmDDsCJ9 5o38DD8ofZ5OTIRlwMwIxlmt5iqGaxsVoPJk2T7KfFCc23IDy2qY/QFY/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJs6NNjLiSBcCfwr4BKfL42sh0ZiMB8GA1UdIwQY MBaAFA+Vycmn8Zqa1xfk2qUwyFz5mrl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wOGY1Y2QtOGVlYy00ZDU1LTg4MTIt YzkzNjU5Zjc2NzM3LzEvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My8wOGY1Y2QtOGVlYy00ZDU1LTg4MTItYzkzNjU5Zjc2NzM3 LzEvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWVz87prp tYkb2rd+R9lNcKtKgHIOCIWFMhNEMApbgiGxNPzRIz1+XxK0wIWniPAModyrDZcj eu9BhmhUO0xRV3QbyESF+Thh80oMTKCNH8m6DaUGdZhP7/XewNmuoY2YHa/oWRZO hBSkogJChTpotYNgcURthYMx/enLQUtha48IKjQMYw+Mk3dQaHOm5YrxCsiQG+tk VgCwNg79xJN89O1yvraxPHIO1cu/cEntvPpywM8qCot+5tepwfmcJE6m17apxvk1 JTJIXZvJvxQvyzRYfC1zDt1yhQpTEyvvgAhABHGgyFwZzkJgaAecQcXyM9ZfN/4U NezV1ApKRreOFA== -----END CERTIFICATE-----Generated at Mon Dec 22 09:44:30 2025 by rpki-client