This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft File: US4nvokbGeypvOtT5NwjfFo1Vpc.mft (raw, json) Hash identifier: 6mLG1O4oe53EZ70f6MCFshbfTr22On8+jEeZmlf/C4E= Subject key identifier: 3F:6B:1E:80:72:D7:62:36:F0:75:0B:8B:90:09:3D:A2:95:AF:8C:6D Authority key identifier: 51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97 Certificate issuer: /CN=512e27be891b19eca9bceb53e4dc237c5a355697 Certificate serial: 019B47A63F9F48044A0FAAFFC47D0A4D7196 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft Manifest number: 0D8A Signing time: Mon 22 Dec 2025 20:00:36 +0000 Manifest this update: Mon 22 Dec 2025 20:00:36 +0000 Manifest next update: Tue 23 Dec 2025 20:00:36 +0000 Files and hashes: 1: US4nvokbGeypvOtT5NwjfFo1Vpc.crl (hash: DTj+ACio0sUs0XLu92i9u2+z6aWLBLyvDpbA+o4LihA=) 2: WNeWcYI--FrvgqVvkbFu12LIaYA.roa (hash: k8USa1JcWCZakgNPmvbG30Z+DpfHdvNnOH9UZ98bnDg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 20:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:a6:3f:9f:48:04:4a:0f:aa:ff:c4:7d:0a:4d:71:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=512e27be891b19eca9bceb53e4dc237c5a355697 Validity Not Before: Dec 22 20:00:36 2025 GMT Not After : Dec 23 20:00:36 2025 GMT Subject: CN=3f6b1e8072d76236f0750b8b90093da295af8c6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:04:70:95:a1:20:e8:d5:b2:80:4d:3d:de:e9: 11:48:8b:12:73:b9:79:e4:5f:8f:8f:79:13:73:c0: 51:3b:9d:f9:fa:3e:1a:2e:30:ed:64:93:be:92:1b: 8d:06:25:e5:c3:77:64:74:c3:82:be:70:ac:b9:16: 2e:5a:2a:cc:c3:5c:41:e7:bc:ff:e0:ab:eb:e1:be: f7:56:c2:33:71:2d:cc:7b:f6:35:0c:eb:be:38:59: 4d:df:05:88:32:f9:b1:fb:66:98:5a:37:dc:ef:01: 3c:56:67:29:05:c9:f6:28:45:4e:17:52:88:e1:54: ac:d1:a4:3e:df:d8:d9:ab:13:71:16:c7:87:48:7a: 97:3d:03:78:8d:ea:62:24:98:c4:27:3e:ec:98:50: da:85:11:fb:fb:5e:cc:22:19:58:03:2b:38:b6:95: c9:d1:fc:49:96:d8:c1:bf:cf:db:28:f4:40:d8:08: 72:b7:84:10:11:64:4b:2f:6d:7e:77:3f:45:26:25: 4a:55:f9:c0:85:f1:c4:de:83:3c:be:1a:93:7b:98: 3f:ed:6b:46:ee:ee:11:8e:24:23:33:e5:1e:50:f7: bb:68:20:88:f6:d8:20:8a:06:71:6d:17:41:4b:e2: 9a:2c:62:eb:ea:08:1b:1e:78:da:14:af:5d:b9:2e: 39:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:6B:1E:80:72:D7:62:36:F0:75:0B:8B:90:09:3D:A2:95:AF:8C:6D X509v3 Authority Key Identifier: keyid:51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:b4:f4:d9:b6:d7:2c:08:36:70:48:00:68:49:32:1b:06:b7: aa:48:84:e2:3d:0d:a1:59:ec:3d:34:d1:a4:3d:a7:f7:9c:f5: 56:e3:05:6d:8e:40:b2:9a:ad:40:f3:c7:ab:37:d2:63:38:91: 1f:fa:17:42:7e:c9:4c:98:24:f2:51:ef:8b:21:c3:b7:64:0c: 41:8b:00:fc:4e:fc:4d:c9:d9:40:bb:9a:40:b9:d9:4d:16:d5: 44:8b:a6:ba:87:33:a5:00:05:26:92:f3:b2:d2:66:e0:8b:b2: b3:83:46:f4:ee:e2:ca:06:30:57:b0:26:13:14:ce:9d:69:ab: e1:9d:36:8a:3c:26:cd:7c:cf:0a:5e:dc:ce:67:0f:15:b3:fa: c7:a3:79:54:03:57:c0:77:4f:93:03:ff:7e:ec:b1:fd:ae:37: 88:6c:1d:0a:ad:d3:dc:94:63:e2:20:9c:10:dc:75:49:e8:da: dd:d9:3e:69:6e:8a:77:59:52:35:23:29:bc:d9:8a:c9:8e:74: 46:df:55:f0:bc:ce:c2:fa:fb:46:45:52:0b:64:c5:4b:b5:e0: db:ca:33:e3:00:99:3f:26:c7:89:08:eb:d8:1a:c1:fa:d1:c5: ac:fc:5a:bf:03:b5:d7:e8:12:f7:f7:58:de:a0:85:c1:20:14: c3:63:bf:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHpj+fSARKD6r/xH0KTXGWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMmUyN2JlODkxYjE5ZWNhOWJjZWI1M2U0ZGMyMzdjNWEz NTU2OTcwHhcNMjUxMjIyMjAwMDM2WhcNMjUxMjIzMjAwMDM2WjAzMTEwLwYDVQQD EygzZjZiMWU4MDcyZDc2MjM2ZjA3NTBiOGI5MDA5M2RhMjk1YWY4YzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QRwlaEg6NWygE093ukRSIsSc7l5 5F+Pj3kTc8BRO535+j4aLjDtZJO+khuNBiXlw3dkdMOCvnCsuRYuWirMw1xB57z/ 4Kvr4b73VsIzcS3Me/Y1DOu+OFlN3wWIMvmx+2aYWjfc7wE8VmcpBcn2KEVOF1KI 4VSs0aQ+39jZqxNxFseHSHqXPQN4jepiJJjEJz7smFDahRH7+17MIhlYAys4tpXJ 0fxJltjBv8/bKPRA2Ahyt4QQEWRLL21+dz9FJiVKVfnAhfHE3oM8vhqTe5g/7WtG 7u4RjiQjM+UeUPe7aCCI9tggigZxbRdBS+KaLGLr6ggbHnjaFK9duS45TQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD9rHoBy12I28HULi5AJPaKVr4xtMB8GA1UdIwQY MBaAFFEuJ76JGxnsqbzrU+TcI3xaNVaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAt NWExMTRlZjliMmFhLzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAtNWExMTRlZjliMmFh LzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArrT02bbX LAg2cEgAaEkyGwa3qkiE4j0NoVnsPTTRpD2n95z1VuMFbY5AspqtQPPHqzfSYziR H/oXQn7JTJgk8lHviyHDt2QMQYsA/E78TcnZQLuaQLnZTRbVRIumuoczpQAFJpLz stJm4Iuys4NG9O7iygYwV7AmExTOnWmr4Z02ijwmzXzPCl7czmcPFbP6x6N5VANX wHdPkwP/fuyx/a43iGwdCq3T3JRj4iCcENx1Seja3dk+aW6Kd1lSNSMpvNmKyY50 Rt9V8LzOwvr7RkVSC2TFS7Xg28oz4wCZPybHiQjr2BrB+tHFrPxavwO11+gS9/dY 3qCFwSAUw2O/Fw== -----END CERTIFICATE-----Generated at Tue Dec 23 02:53:55 2025 by rpki-client