This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/ba1c97-0e56-4840-b613-b361a2c457c4/1/5fmFqUAlRIkU3qoXQiBzBDklE90.mft File: 5fmFqUAlRIkU3qoXQiBzBDklE90.mft (raw, json) Hash identifier: OlwPQr4KSzUKgKZEDOek69t7zw95QLIt21GGt2PzTe4= Subject key identifier: 38:86:F7:D9:30:35:23:00:AA:05:9E:8F:89:65:CB:E8:B5:78:4B:5D Authority key identifier: E5:F9:85:A9:40:25:44:89:14:DE:AA:17:42:20:73:04:39:25:13:DD Certificate issuer: /CN=e5f985a94025448914deaa1742207304392513dd Certificate serial: 019B51BC0265441CC96007DB04C673C76BBF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5fmFqUAlRIkU3qoXQiBzBDklE90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/ba1c97-0e56-4840-b613-b361a2c457c4/1/5fmFqUAlRIkU3qoXQiBzBDklE90.mft Manifest number: 0364 Signing time: Wed 24 Dec 2025 19:00:34 +0000 Manifest this update: Wed 24 Dec 2025 19:00:34 +0000 Manifest next update: Thu 25 Dec 2025 19:00:34 +0000 Files and hashes: 1: 5fmFqUAlRIkU3qoXQiBzBDklE90.crl (hash: e+RTIjgRNtCgLHI8yPDyqz+JFUDUTk1sCc/7ICcBv7w=) 2: nAZJBZ6VvJoN3Mjanp3D7Pbl_-s.roa (hash: toI1tT2hR8zRYJnuO8W3FR+ZELFSDV5ej6CQ6AsxKnE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/ba1c97-0e56-4840-b613-b361a2c457c4/1/5fmFqUAlRIkU3qoXQiBzBDklE90.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/ba1c97-0e56-4840-b613-b361a2c457c4/1/5fmFqUAlRIkU3qoXQiBzBDklE90.mft rsync://rpki.ripe.net/repository/DEFAULT/5fmFqUAlRIkU3qoXQiBzBDklE90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:02:65:44:1c:c9:60:07:db:04:c6:73:c7:6b:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e5f985a94025448914deaa1742207304392513dd Validity Not Before: Dec 24 19:00:34 2025 GMT Not After : Dec 25 19:00:34 2025 GMT Subject: CN=3886f7d930352300aa059e8f8965cbe8b5784b5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:4b:bd:8c:13:ac:66:d0:26:ee:3c:52:3b:a5: 52:42:85:f8:50:3e:67:d4:c1:c0:a9:d7:65:b2:72: ce:b8:5f:5f:e5:d8:58:2b:32:95:4e:88:9a:f1:6a: 8b:f3:e7:aa:f5:69:7e:08:e3:da:e3:a6:28:5e:a0: d4:63:c7:8e:08:38:49:a0:0b:8c:7b:f4:6c:f4:4d: 50:f5:c7:35:75:3c:f1:31:97:51:03:32:f9:4a:84: bb:4a:1d:4f:65:6f:52:da:63:fd:8f:04:df:18:7b: 7d:c1:49:f8:a6:98:ea:e8:df:b0:42:7a:c1:9f:c5: 1a:27:3a:fc:a3:d3:b9:e5:f6:b2:26:eb:ff:a3:41: a1:2a:58:73:09:26:06:ff:c0:06:27:d7:ab:82:a3: a2:5b:17:8a:64:dc:8c:d9:c2:86:9f:f2:ef:91:42: ab:bb:60:82:99:02:8e:2b:ee:e7:a2:42:83:d4:3d: 93:41:cf:92:14:fc:ab:d5:35:6a:fc:06:5a:fc:30: 07:dc:d7:fa:68:fe:40:c5:00:cc:26:2c:d9:b7:88: 5b:ad:c2:f6:a7:98:17:29:81:c2:75:c5:48:1c:c8: dc:b4:b0:04:6a:32:b9:6c:0d:10:fc:74:74:f5:ef: 6e:f2:5b:bf:a5:e1:76:bf:19:b8:e4:33:20:38:a4: e8:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:86:F7:D9:30:35:23:00:AA:05:9E:8F:89:65:CB:E8:B5:78:4B:5D X509v3 Authority Key Identifier: keyid:E5:F9:85:A9:40:25:44:89:14:DE:AA:17:42:20:73:04:39:25:13:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fmFqUAlRIkU3qoXQiBzBDklE90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ba1c97-0e56-4840-b613-b361a2c457c4/1/5fmFqUAlRIkU3qoXQiBzBDklE90.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ba1c97-0e56-4840-b613-b361a2c457c4/1/5fmFqUAlRIkU3qoXQiBzBDklE90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:84:ee:0f:f5:e2:6a:87:cc:02:23:02:68:6b:e1:aa:cf:0d: 5c:00:52:a2:5a:4f:64:ac:21:81:bd:d2:97:42:68:59:86:97: c6:ea:3f:07:6b:15:1b:aa:77:0d:3d:97:dc:a8:84:38:0a:98: 29:75:3f:d3:da:e9:6e:35:33:bd:a2:2a:61:18:a3:f3:8d:a5: b2:0c:0f:8c:bc:76:bf:42:13:20:ce:88:71:3c:f1:c1:20:18: 9c:54:72:83:d8:eb:8d:5e:d5:90:d5:93:0c:af:07:55:f2:c7: 04:61:66:60:e0:92:a1:c9:69:0d:79:3c:2d:3c:24:9d:c8:f5: 48:a2:78:b6:e7:f5:bd:97:dd:9d:dc:af:e9:84:5b:9b:ba:b3: 42:00:51:57:ba:50:37:52:a8:19:10:8f:a9:eb:09:5b:50:3d: 26:09:42:20:cb:31:15:3d:e1:d4:28:02:92:05:a5:42:c0:bb: 92:d1:48:10:9d:60:2c:39:81:27:e7:c0:b2:0f:f7:bc:f6:f1: 7c:48:b1:a7:4d:4c:1a:db:8a:ca:f7:fc:7b:27:7c:ba:c0:9d: 7e:90:2d:32:3a:8f:54:8e:24:1f:bb:73:d7:c6:8d:3f:20:97: 5e:25:4a:78:cd:d7:79:47:9b:db:a8:03:4e:fc:44:d1:28:88: c9:a1:1d:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvAJlRBzJYAfbBMZzx2u/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1Zjk4NWE5NDAyNTQ0ODkxNGRlYWExNzQyMjA3MzA0Mzky NTEzZGQwHhcNMjUxMjI0MTkwMDM0WhcNMjUxMjI1MTkwMDM0WjAzMTEwLwYDVQQD EygzODg2ZjdkOTMwMzUyMzAwYWEwNTllOGY4OTY1Y2JlOGI1Nzg0YjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApku9jBOsZtAm7jxSO6VSQoX4UD5n 1MHAqddlsnLOuF9f5dhYKzKVToia8WqL8+eq9Wl+COPa46YoXqDUY8eOCDhJoAuM e/Rs9E1Q9cc1dTzxMZdRAzL5SoS7Sh1PZW9S2mP9jwTfGHt9wUn4ppjq6N+wQnrB n8UaJzr8o9O55fayJuv/o0GhKlhzCSYG/8AGJ9ergqOiWxeKZNyM2cKGn/LvkUKr u2CCmQKOK+7nokKD1D2TQc+SFPyr1TVq/AZa/DAH3Nf6aP5AxQDMJizZt4hbrcL2 p5gXKYHCdcVIHMjctLAEajK5bA0Q/HR09e9u8lu/peF2vxm45DMgOKToHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDiG99kwNSMAqgWej4lly+i1eEtdMB8GA1UdIwQY MBaAFOX5halAJUSJFN6qF0IgcwQ5JRPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWZtRnFVQWxSSWtVM3FvWFFpQnpCRGtsRTkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9iYTFjOTctMGU1Ni00ODQwLWI2MTMt YjM2MWEyYzQ1N2M0LzEvNWZtRnFVQWxSSWtVM3FvWFFpQnpCRGtsRTkwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9iYTFjOTctMGU1Ni00ODQwLWI2MTMtYjM2MWEyYzQ1N2M0 LzEvNWZtRnFVQWxSSWtVM3FvWFFpQnpCRGtsRTkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo4TuD/Xi aofMAiMCaGvhqs8NXABSolpPZKwhgb3Sl0JoWYaXxuo/B2sVG6p3DT2X3KiEOAqY KXU/09rpbjUzvaIqYRij842lsgwPjLx2v0ITIM6IcTzxwSAYnFRyg9jrjV7VkNWT DK8HVfLHBGFmYOCSoclpDXk8LTwkncj1SKJ4tuf1vZfdndyv6YRbm7qzQgBRV7pQ N1KoGRCPqesJW1A9JglCIMsxFT3h1CgCkgWlQsC7ktFIEJ1gLDmBJ+fAsg/3vPbx fEixp01MGtuKyvf8eyd8usCdfpAtMjqPVI4kH7tz18aNPyCXXiVKeM3XeUeb26gD TvxE0SiIyaEd1A== -----END CERTIFICATE-----Generated at Thu Dec 25 04:36:41 2025 by rpki-client