This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft File: 5cfDmlkS3cIen2tRmJZyV2ISeDM.mft (raw, json) Hash identifier: LKtypFjq6rG6gdoq950jp7f1+lFSP264RV+8JJagBj8= Subject key identifier: E8:A3:98:DA:DE:D9:B4:A2:E6:49:DD:F2:B2:28:80:72:E5:80:99:45 Authority key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33 Certificate issuer: /CN=e5c7c39a5912ddc21e9f6b519896725762127833 Certificate serial: 019B30E7A2142B23212298DF12FD648A79A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft Manifest number: 02FC Signing time: Thu 18 Dec 2025 10:00:45 +0000 Manifest this update: Thu 18 Dec 2025 10:00:45 +0000 Manifest next update: Fri 19 Dec 2025 10:00:45 +0000 Files and hashes: 1: 5cfDmlkS3cIen2tRmJZyV2ISeDM.crl (hash: HrqpvL+YAb4RoZ2xS5wp/J+Zr7j1b9uX304XL+1Zjvo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 10:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e7:a2:14:2b:23:21:22:98:df:12:fd:64:8a:79:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e5c7c39a5912ddc21e9f6b519896725762127833 Validity Not Before: Dec 18 10:00:45 2025 GMT Not After : Dec 19 10:00:45 2025 GMT Subject: CN=e8a398daded9b4a2e649ddf2b2288072e5809945 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ff:15:aa:d7:18:8f:b8:68:b3:56:fb:33:69: a5:17:fa:65:03:ce:68:3d:c2:4f:90:37:b4:fd:16: 9d:80:1a:f9:89:cc:b7:a9:35:f9:69:29:13:c5:38: 46:6d:c2:f7:06:92:8d:a2:12:65:56:a0:e7:b0:d2: 49:37:17:68:c9:b9:ae:b5:c1:97:57:42:b3:11:c6: 10:19:1b:e6:1e:06:8c:10:ac:14:a8:89:aa:28:e3: b9:e7:b8:74:dd:43:28:eb:39:1f:11:e6:0e:a4:16: b5:f5:79:2f:0a:77:6f:cc:6f:b3:4a:3e:2f:63:64: b2:6e:b7:e0:f7:8c:7d:3a:e7:ad:82:72:db:f0:0a: 42:97:b8:8a:c0:29:3c:f1:c5:ec:c2:76:eb:21:7a: 8d:52:05:68:2a:8e:9a:8f:b2:fe:6d:eb:3d:e1:c7: 47:9f:73:75:67:64:ec:c8:f3:22:ef:c2:6e:9c:ee: eb:26:0f:f7:79:39:65:df:88:b3:8a:e0:8e:55:d9: bf:3c:14:60:e4:ed:dc:f2:41:2f:f6:72:82:e0:e8: b9:bf:0d:8f:f3:fd:58:67:e9:8d:50:19:ee:e4:f7: 03:7d:f9:8e:a9:d6:b1:9a:a7:7f:56:76:8a:85:7f: 9c:c9:a6:03:95:cc:e0:f8:d3:0f:0e:a0:e6:50:71: ec:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:A3:98:DA:DE:D9:B4:A2:E6:49:DD:F2:B2:28:80:72:E5:80:99:45 X509v3 Authority Key Identifier: keyid:E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d1:98:10:c2:98:31:f8:a7:91:11:ae:29:d1:7b:a9:4b:ed:71: 30:74:e4:35:51:f6:0e:70:73:c3:b7:b9:07:d7:4c:87:df:fc: cb:0f:44:1b:55:4d:53:1c:f1:a2:fb:ca:49:72:a8:6d:44:65: 06:e0:9f:3f:5f:a7:3d:e2:b8:73:e7:f6:b9:38:9f:92:73:dd: f9:ca:da:b2:96:59:22:e0:a4:a6:bc:5e:a1:a4:30:ba:a4:5b: 5e:7a:d0:0f:98:52:8e:98:aa:2e:c5:c5:28:4f:06:9f:69:51: a8:3d:de:5e:be:8d:63:45:06:8b:1c:d5:c5:fa:2f:fa:8b:cb: 73:db:48:2a:21:76:d9:89:6e:db:25:38:d8:0b:3b:19:d2:53: 85:0a:e3:37:27:5e:06:74:e4:0b:12:cc:8d:23:90:b7:c2:1a: 14:b1:7f:a4:41:3f:03:72:95:89:d2:a5:35:94:9b:a9:e3:50: 3d:b7:f6:36:90:e5:cb:ec:a7:af:d5:5f:58:c1:9d:ce:b0:20: 08:83:47:28:73:22:05:30:c5:ba:a1:08:a5:34:ff:e9:25:d5: c1:10:31:fa:fe:c7:bd:5f:fb:0e:2a:b6:be:74:12:41:80:1e: ce:48:e9:08:a0:b1:cd:4f:94:a9:87:58:4f:2c:01:c5:c9:a7: 63:35:06:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw56IUKyMhIpjfEv1kinmjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1YzdjMzlhNTkxMmRkYzIxZTlmNmI1MTk4OTY3MjU3NjIx Mjc4MzMwHhcNMjUxMjE4MTAwMDQ1WhcNMjUxMjE5MTAwMDQ1WjAzMTEwLwYDVQQD EyhlOGEzOThkYWRlZDliNGEyZTY0OWRkZjJiMjI4ODA3MmU1ODA5OTQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/8VqtcYj7hos1b7M2mlF/plA85o PcJPkDe0/RadgBr5icy3qTX5aSkTxThGbcL3BpKNohJlVqDnsNJJNxdoybmutcGX V0KzEcYQGRvmHgaMEKwUqImqKOO557h03UMo6zkfEeYOpBa19XkvCndvzG+zSj4v Y2Sybrfg94x9OuetgnLb8ApCl7iKwCk88cXswnbrIXqNUgVoKo6aj7L+bes94cdH n3N1Z2TsyPMi78JunO7rJg/3eTll34iziuCOVdm/PBRg5O3c8kEv9nKC4Oi5vw2P 8/1YZ+mNUBnu5PcDffmOqdaxmqd/VnaKhX+cyaYDlczg+NMPDqDmUHHsLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOijmNre2bSi5knd8rIogHLlgJlFMB8GA1UdIwQY MBaAFOXHw5pZEt3CHp9rUZiWcldiEngzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQt MzhmODY0YTM0Yjc4LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQtMzhmODY0YTM0Yjc4 LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0ZgQwpgx +KeREa4p0XupS+1xMHTkNVH2DnBzw7e5B9dMh9/8yw9EG1VNUxzxovvKSXKobURl BuCfP1+nPeK4c+f2uTifknPd+craspZZIuCkprxeoaQwuqRbXnrQD5hSjpiqLsXF KE8Gn2lRqD3eXr6NY0UGixzVxfov+ovLc9tIKiF22Ylu2yU42As7GdJThQrjNyde BnTkCxLMjSOQt8IaFLF/pEE/A3KVidKlNZSbqeNQPbf2NpDly+ynr9VfWMGdzrAg CINHKHMiBTDFuqEIpTT/6SXVwRAx+v7HvV/7Diq2vnQSQYAezkjpCKCxzU+UqYdY TywBxcmnYzUGcQ== -----END CERTIFICATE-----Generated at Thu Dec 18 18:31:05 2025 by rpki-client