This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft File: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft (raw, json) Hash identifier: ZcWZXm+x7k09bjXeMlljTts4BsEtfuU+8uelIgADCuQ= Subject key identifier: E7:EB:8A:01:95:36:7B:AF:26:F9:E1:BA:B8:BE:74:FD:E9:80:5B:77 Authority key identifier: E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32 Certificate issuer: /CN=e52cb85ca793fad565b4608e26d82a6ae27dc232 Certificate serial: 019AF35231A8CD96FA33CCCA8BD78F4DA010 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft Manifest number: 0DE7 Signing time: Sat 06 Dec 2025 11:00:41 +0000 Manifest this update: Sat 06 Dec 2025 11:00:41 +0000 Manifest next update: Sun 07 Dec 2025 11:00:41 +0000 Files and hashes: 1: 5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl (hash: H/v+FHAPJfpBqRehoSUcFSpMEB4nxFaDB7Ru5KCHI2Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:31:a8:cd:96:fa:33:cc:ca:8b:d7:8f:4d:a0:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e52cb85ca793fad565b4608e26d82a6ae27dc232 Validity Not Before: Dec 6 11:00:41 2025 GMT Not After : Dec 7 11:00:41 2025 GMT Subject: CN=e7eb8a0195367baf26f9e1bab8be74fde9805b77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:69:cc:92:18:25:c7:27:3e:e2:7b:04:dd:3a: b3:8e:8f:92:05:22:58:ce:29:fb:58:5a:74:cd:94: ae:49:fe:ed:1f:1d:70:d6:08:ae:a1:5c:6c:46:d4: c7:c1:9b:bd:63:40:10:53:1f:59:57:cb:be:1b:78: b7:de:d4:3d:e5:21:4a:ad:37:f7:9c:56:8e:fe:e4: bd:ff:5e:a8:05:1f:23:f7:8b:09:17:bf:28:d7:0a: 92:48:4d:f7:b7:1a:a7:0b:42:c5:3f:17:57:7d:16: b5:9b:17:99:ce:54:0d:be:46:0c:c0:82:37:a4:e6: ca:b6:df:05:ec:00:6d:db:da:03:54:06:ac:b8:bf: 37:2b:63:21:4f:c7:57:a0:8a:eb:9f:20:3f:d0:b0: da:cd:8c:2b:6e:2c:b7:a8:0f:c5:40:27:23:67:a0: 53:eb:b5:f2:e9:05:ec:c6:16:16:fe:51:ff:7d:d7: 3c:33:54:0e:69:c1:8a:3b:65:3c:30:dd:56:1d:f6: 9b:4e:d8:51:a3:cf:d4:74:05:b7:9e:92:4c:52:96: 26:1e:6d:99:7c:0a:67:87:a6:1c:21:83:df:63:25: 2b:4e:8c:81:e9:fe:0b:30:c8:2d:12:90:bb:2f:43: b7:fe:3e:1e:a0:a5:75:84:51:a1:b4:90:14:7f:b3: fc:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:EB:8A:01:95:36:7B:AF:26:F9:E1:BA:B8:BE:74:FD:E9:80:5B:77 X509v3 Authority Key Identifier: keyid:E5:2C:B8:5C:A7:93:FA:D5:65:B4:60:8E:26:D8:2A:6A:E2:7D:C2:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Sy4XKeT-tVltGCOJtgqauJ9wjI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/95bad9-20fe-4b8d-8f03-9c2999d09b8f/1/5Sy4XKeT-tVltGCOJtgqauJ9wjI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:1f:8b:b0:1b:a7:44:18:c6:32:56:41:c0:bd:0a:b2:02:cb: 3f:6b:81:74:48:49:24:23:8c:09:12:90:fa:9d:d8:b7:d1:37: c6:6a:02:4f:6b:cc:e6:e6:e2:a6:b1:b0:51:da:5a:30:c9:8d: 91:63:11:6f:fa:d6:a6:80:fa:3f:0d:b9:c1:72:ad:1f:5f:73: 96:27:ab:6b:65:69:0a:8a:2b:c8:36:25:71:c8:47:b0:7f:9f: ac:e4:4a:26:a2:0b:da:59:cd:86:bf:e1:bf:1d:06:0c:84:02: 9e:d1:81:0a:54:77:ea:77:c4:ef:74:ed:94:98:5f:7b:ae:ba: ab:d5:69:66:2c:98:e5:dd:48:5b:58:4e:0d:d8:4b:91:f0:cd: aa:23:f6:a7:a8:2a:d8:25:53:38:01:d5:de:74:4f:4c:a7:a2: df:64:40:70:f9:26:99:74:8f:c8:76:b0:26:88:d5:1d:50:84: 94:9a:94:70:5b:44:0e:e4:e8:c6:8b:40:4b:12:31:2e:2f:b3: 43:07:af:f7:ba:9a:06:57:f0:ba:eb:62:9a:75:72:41:0b:1a: 68:47:87:79:d8:c7:ad:bd:e7:ad:ee:19:42:01:f6:93:71:78: fe:30:10:ea:b2:f6:1c:ad:5e:da:1f:b0:95:a3:78:12:dd:c8: 0b:a2:c6:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUjGozZb6M8zKi9ePTaAQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1MmNiODVjYTc5M2ZhZDU2NWI0NjA4ZTI2ZDgyYTZhZTI3 ZGMyMzIwHhcNMjUxMjA2MTEwMDQxWhcNMjUxMjA3MTEwMDQxWjAzMTEwLwYDVQQD EyhlN2ViOGEwMTk1MzY3YmFmMjZmOWUxYmFiOGJlNzRmZGU5ODA1Yjc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2nMkhglxyc+4nsE3Tqzjo+SBSJY zin7WFp0zZSuSf7tHx1w1giuoVxsRtTHwZu9Y0AQUx9ZV8u+G3i33tQ95SFKrTf3 nFaO/uS9/16oBR8j94sJF78o1wqSSE33txqnC0LFPxdXfRa1mxeZzlQNvkYMwII3 pObKtt8F7ABt29oDVAasuL83K2MhT8dXoIrrnyA/0LDazYwrbiy3qA/FQCcjZ6BT 67Xy6QXsxhYW/lH/fdc8M1QOacGKO2U8MN1WHfabTthRo8/UdAW3npJMUpYmHm2Z fApnh6YcIYPfYyUrToyB6f4LMMgtEpC7L0O3/j4eoKV1hFGhtJAUf7P8VwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOfrigGVNnuvJvnhuri+dP3pgFt3MB8GA1UdIwQY MBaAFOUsuFynk/rVZbRgjibYKmrifcIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMt OWMyOTk5ZDA5YjhmLzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi85NWJhZDktMjBmZS00YjhkLThmMDMtOWMyOTk5ZDA5Yjhm LzEvNVN5NFhLZVQtdFZsdEdDT0p0Z3FhdUo5d2pJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfh+LsBun RBjGMlZBwL0KsgLLP2uBdEhJJCOMCRKQ+p3Yt9E3xmoCT2vM5ubiprGwUdpaMMmN kWMRb/rWpoD6Pw25wXKtH19zliera2VpCooryDYlcchHsH+frORKJqIL2lnNhr/h vx0GDIQCntGBClR36nfE73TtlJhfe666q9VpZiyY5d1IW1hODdhLkfDNqiP2p6gq 2CVTOAHV3nRPTKei32RAcPkmmXSPyHawJojVHVCElJqUcFtEDuToxotASxIxLi+z Qwev97qaBlfwuutimnVyQQsaaEeHedjHrb3nre4ZQgH2k3F4/jAQ6rL2HK1e2h+w laN4Et3IC6LG2g== -----END CERTIFICATE-----Generated at Sat Dec 6 14:49:21 2025 by rpki-client