This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft File: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft (raw, json) Hash identifier: kg/Zd16hP0RjZrXXws3p6RMhfXm1JVgHGQdo+R7HjRI= Subject key identifier: 00:DC:4A:8F:EF:DC:2D:7B:06:B2:15:4B:06:43:6F:F6:62:48:D5:75 Authority key identifier: AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82 Certificate issuer: /CN=af9b2cefe389a1ae49756edc2b3293e58830cb82 Certificate serial: 019B72FE547084D2425448E9062557C0E135 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft Manifest number: 0481 Signing time: Wed 31 Dec 2025 06:00:28 +0000 Manifest this update: Wed 31 Dec 2025 06:00:28 +0000 Manifest next update: Thu 01 Jan 2026 06:00:28 +0000 Files and hashes: 1: HlRrYVzs80ZJA5_JZ3csPGXIkEY.roa (hash: 2WA22A/U8/r4tDX+UDoYIX+va554GCdeOFSCw5V25j8=) 2: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl (hash: OkkykUPBm0FygXnnVLoAQOhZ8ssK4cJ3OBg1uL+iEnA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:72:fe:54:70:84:d2:42:54:48:e9:06:25:57:c0:e1:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af9b2cefe389a1ae49756edc2b3293e58830cb82 Validity Not Before: Dec 31 06:00:28 2025 GMT Not After : Jan 1 06:00:28 2026 GMT Subject: CN=00dc4a8fefdc2d7b06b2154b06436ff66248d575 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b4:52:df:60:7c:46:02:42:a4:51:24:66:8a: e7:f0:da:ba:4e:f9:30:6c:84:c6:30:fe:ac:99:b2: 08:f4:1e:6a:7f:23:3d:0a:2e:ed:7b:e5:06:1a:7e: 18:f5:9e:1c:0d:e7:1e:b3:2a:4d:86:2b:1a:25:ca: 1f:c7:5a:0f:9f:df:bc:5e:d0:56:9d:0f:88:4d:eb: a6:af:20:b3:08:1c:f3:7c:b4:78:c2:3c:ac:f0:ab: cf:6b:8a:de:da:fd:1b:8c:41:e2:0f:eb:35:11:6e: 2a:f3:08:e9:20:bc:f5:72:d9:84:47:49:42:c3:ee: 17:2b:90:ac:90:19:91:db:5d:e3:6f:1c:30:04:79: 70:27:db:fc:a2:06:40:c7:20:ed:6a:ae:bc:4e:d8: ad:ee:24:c7:0b:77:b8:a3:88:05:fb:a8:73:75:9e: b1:15:20:1a:23:bd:7e:18:72:77:00:fb:82:3a:11: 4b:6b:b0:cc:08:cb:ab:4c:59:fd:70:d0:59:ad:38: a3:4c:2b:c3:fc:24:25:a5:5e:84:23:80:e3:67:a6: dc:51:6d:49:04:06:a0:34:ad:e1:20:cf:21:38:99: 4d:e4:c1:76:05:50:54:d0:6d:60:af:40:7b:e5:cf: e1:56:02:b0:2c:68:13:f1:e6:78:98:b0:2c:2b:0a: c6:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:DC:4A:8F:EF:DC:2D:7B:06:B2:15:4B:06:43:6F:F6:62:48:D5:75 X509v3 Authority Key Identifier: keyid:AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:39:4b:fd:1c:f6:c7:4b:f5:73:f9:d4:f9:65:28:6c:26:e0: 38:7d:b8:a4:11:d3:82:31:cf:9a:3a:48:57:6f:71:04:e7:09: 57:cb:1f:0c:dc:65:0f:c4:2e:e1:b1:ee:28:d2:e3:20:93:1a: 9f:5b:50:ee:03:1d:f6:25:dc:3d:df:9a:ff:97:37:d8:dd:72: 31:b3:b4:c7:23:8d:48:e4:c9:61:8e:c2:9a:bb:18:3c:0c:55: 8c:84:12:a6:3a:52:50:b3:d6:b7:90:da:d4:e3:35:c3:03:36: 97:3a:9f:dc:33:50:bf:46:1f:ce:e4:b9:ea:02:1c:76:d4:a7: 35:90:6b:a9:e3:82:f0:b3:13:6a:24:49:97:5e:c7:2d:a5:fa: 7f:c6:42:1e:8b:3d:ea:28:f3:e7:03:48:4f:3e:fb:1f:d6:1e: 9f:af:a2:46:7d:ab:5c:7e:f9:ad:d0:07:c9:bb:8b:34:04:3d: b5:09:8d:b7:e2:b4:3c:1c:99:2a:83:2c:d8:d7:89:a4:e9:11: 1a:aa:8e:14:ea:05:79:7e:33:a1:09:6a:b0:49:db:78:f5:c5: fe:a8:64:85:ef:08:87:80:e3:02:4a:c9:8c:2f:e2:c7:88:ad: 36:e4:66:27:f3:87:e6:21:3b:bb:58:45:29:2c:8d:f2:97:35: 9a:04:13:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZty/lRwhNJCVEjpBiVXwOE1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmOWIyY2VmZTM4OWExYWU0OTc1NmVkYzJiMzI5M2U1ODgz MGNiODIwHhcNMjUxMjMxMDYwMDI4WhcNMjYwMTAxMDYwMDI4WjAzMTEwLwYDVQQD EygwMGRjNGE4ZmVmZGMyZDdiMDZiMjE1NGIwNjQzNmZmNjYyNDhkNTc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLRS32B8RgJCpFEkZorn8Nq6Tvkw bITGMP6smbII9B5qfyM9Ci7te+UGGn4Y9Z4cDecesypNhisaJcofx1oPn9+8XtBW nQ+ITeumryCzCBzzfLR4wjys8KvPa4re2v0bjEHiD+s1EW4q8wjpILz1ctmER0lC w+4XK5CskBmR213jbxwwBHlwJ9v8ogZAxyDtaq68Ttit7iTHC3e4o4gF+6hzdZ6x FSAaI71+GHJ3APuCOhFLa7DMCMurTFn9cNBZrTijTCvD/CQlpV6EI4DjZ6bcUW1J BAagNK3hIM8hOJlN5MF2BVBU0G1gr0B75c/hVgKwLGgT8eZ4mLAsKwrGcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFADcSo/v3C17BrIVSwZDb/ZiSNV1MB8GA1UdIwQY MBaAFK+bLO/jiaGuSXVu3Csyk+WIMMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEt NDY5NjE5ZDRlY2RiLzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEtNDY5NjE5ZDRlY2Ri LzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWDlL/Rz2 x0v1c/nU+WUobCbgOH24pBHTgjHPmjpIV29xBOcJV8sfDNxlD8Qu4bHuKNLjIJMa n1tQ7gMd9iXcPd+a/5c32N1yMbO0xyONSOTJYY7CmrsYPAxVjIQSpjpSULPWt5Da 1OM1wwM2lzqf3DNQv0YfzuS56gIcdtSnNZBrqeOC8LMTaiRJl17HLaX6f8ZCHos9 6ijz5wNITz77H9Yen6+iRn2rXH75rdAHybuLNAQ9tQmNt+K0PByZKoMs2NeJpOkR GqqOFOoFeX4zoQlqsEnbePXF/qhkhe8Ih4DjAkrJjC/ix4itNuRmJ/OH5iE7u1hF KSyN8pc1mgQTpw== -----END CERTIFICATE-----Generated at Wed Dec 31 09:02:43 2025 by rpki-client