This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft File: tF5iJw0g-UZ6avx4lj28-4D79So.mft (raw, json) Hash identifier: G9sGV3SGKQazIxtSPGdM1IhR1s5E3Dk0HIP5IrcGnXk= Subject key identifier: 36:27:2B:12:59:4A:18:D6:46:46:45:9F:88:5C:39:D3:45:AD:0E:13 Authority key identifier: B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A Certificate issuer: /CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a Certificate serial: 019AF31B210CA0790F9C15ED0E01CB4FE686 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft Manifest number: 0EE1 Signing time: Sat 06 Dec 2025 10:00:32 +0000 Manifest this update: Sat 06 Dec 2025 10:00:32 +0000 Manifest next update: Sun 07 Dec 2025 10:00:32 +0000 Files and hashes: 1: tF5iJw0g-UZ6avx4lj28-4D79So.crl (hash: lWSgRatNioVoJ5D1JpV55letdOBWswc/eMaQWyr6hAI=) 2: uvCFX9itk7RPxPZl6lvvghFjg1E.roa (hash: P3N8o135VPbcqFaS3kCnXkMSVi3GCBY96T9QuQyMyig=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.crl rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:21:0c:a0:79:0f:9c:15:ed:0e:01:cb:4f:e6:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a Validity Not Before: Dec 6 10:00:32 2025 GMT Not After : Dec 7 10:00:32 2025 GMT Subject: CN=36272b12594a18d64646459f885c39d345ad0e13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:7c:7c:99:aa:a7:ed:2a:ee:76:d9:22:bf:97: 09:73:bb:c2:08:01:a6:29:e4:e5:ff:d5:1b:ed:2b: bc:7a:14:40:55:a9:3c:81:1c:b9:34:7a:cd:ce:0d: 4f:ab:cb:ad:05:8c:63:08:22:54:1d:88:d9:49:2a: 36:30:9c:27:b2:77:8d:90:50:41:6d:57:3b:4a:e6: b4:40:70:c0:5c:22:ad:95:17:a7:4e:31:f2:6a:cd: 14:36:af:a1:0f:15:14:9d:2e:7e:72:62:a3:51:4c: 25:91:02:4f:5f:13:79:e8:f9:17:da:ba:83:6b:7b: 7f:b4:94:71:33:50:af:33:a4:84:3c:74:08:f1:f4: c6:05:8c:70:8e:53:90:bc:44:a9:50:cf:f6:79:b3: 26:be:4e:d9:26:a6:0e:1a:d1:f5:be:92:94:e1:48: 90:e5:96:8b:bc:71:1e:6a:83:e3:97:55:76:a2:e4: fc:75:f6:1b:91:33:b6:fe:85:e3:b8:de:44:b2:f2: 43:0b:6e:85:06:3c:ab:4d:94:81:b9:cc:1d:a9:a2: e9:6c:2f:96:ed:7b:6c:23:54:74:26:b7:13:e3:ca: 50:8f:d6:54:7f:0b:a8:1e:57:a2:df:12:b5:88:ce: 81:e6:9e:b4:e5:9e:ae:0f:b6:64:4e:46:82:f2:24: d7:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:27:2B:12:59:4A:18:D6:46:46:45:9F:88:5C:39:D3:45:AD:0E:13 X509v3 Authority Key Identifier: keyid:B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:97:ec:63:28:6e:18:f4:83:c8:0a:d7:4b:fe:da:65:54:eb: a7:08:7c:76:95:9c:6c:4e:2a:0b:41:4c:14:bc:67:10:f9:4f: 28:a3:8a:65:d6:2e:4e:1c:fd:30:2b:cb:73:3d:bd:e0:44:5e: 66:37:0a:2f:ce:33:72:79:4d:c8:77:c6:d2:f6:d7:ef:95:13: f2:6a:f5:73:4a:d7:c4:81:81:a4:b9:71:17:7b:7a:74:23:e5: 42:bb:e0:c8:f1:cc:9b:d0:5f:fd:ca:8e:3e:ec:57:53:45:1e: 72:09:e9:3d:35:f1:66:b6:7b:29:85:a5:e3:a5:a1:17:a0:e4: a9:e8:a3:5a:12:fa:4c:bf:d5:96:0a:45:70:d0:a8:34:48:96: 5e:5f:62:d1:e8:9b:64:41:7b:94:5b:d0:a9:f3:d1:b0:a0:dd: 7b:d2:21:32:c0:02:d7:4c:d9:e0:a4:ab:04:9e:a0:a6:ce:ea: c3:cc:cf:78:f3:01:33:86:4c:c9:3e:8a:c1:ee:0b:d5:74:71: 5d:01:59:fa:ec:84:f7:a7:b0:22:e9:79:41:49:9d:f1:8f:3a: 0b:63:21:31:57:de:d3:a6:6b:2b:fd:b0:c6:4d:8d:6c:5b:29: b6:a7:81:cd:35:7f:71:a0:b3:d4:87:17:3d:e4:c5:5b:f8:9c: 60:de:3d:5c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGyEMoHkPnBXtDgHLT+aGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NWU2MjI3MGQyMGY5NDY3YTZhZmM3ODk2M2RiY2ZiODBm YmY1MmEwHhcNMjUxMjA2MTAwMDMyWhcNMjUxMjA3MTAwMDMyWjAzMTEwLwYDVQQD EygzNjI3MmIxMjU5NGExOGQ2NDY0NjQ1OWY4ODVjMzlkMzQ1YWQwZTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXx8maqn7Srudtkiv5cJc7vCCAGm KeTl/9Ub7Su8ehRAVak8gRy5NHrNzg1Pq8utBYxjCCJUHYjZSSo2MJwnsneNkFBB bVc7Sua0QHDAXCKtlRenTjHyas0UNq+hDxUUnS5+cmKjUUwlkQJPXxN56PkX2rqD a3t/tJRxM1CvM6SEPHQI8fTGBYxwjlOQvESpUM/2ebMmvk7ZJqYOGtH1vpKU4UiQ 5ZaLvHEeaoPjl1V2ouT8dfYbkTO2/oXjuN5EsvJDC26FBjyrTZSBucwdqaLpbC+W 7XtsI1R0JrcT48pQj9ZUfwuoHlei3xK1iM6B5p605Z6uD7ZkTkaC8iTXNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDYnKxJZShjWRkZFn4hcOdNFrQ4TMB8GA1UdIwQY MBaAFLReYicNIPlGemr8eJY9vPuA+/UqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEt MDU5NjI5NmYxMmRlLzEvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEtMDU5NjI5NmYxMmRl LzEvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH5fsYyhu GPSDyArXS/7aZVTrpwh8dpWcbE4qC0FMFLxnEPlPKKOKZdYuThz9MCvLcz294ERe ZjcKL84zcnlNyHfG0vbX75UT8mr1c0rXxIGBpLlxF3t6dCPlQrvgyPHMm9Bf/cqO PuxXU0UecgnpPTXxZrZ7KYWl46WhF6DkqeijWhL6TL/VlgpFcNCoNEiWXl9i0eib ZEF7lFvQqfPRsKDde9IhMsAC10zZ4KSrBJ6gps7qw8zPePMBM4ZMyT6Kwe4L1XRx XQFZ+uyE96ewIul5QUmd8Y86C2MhMVfe06ZrK/2wxk2NbFsptqeBzTV/caCz1IcX PeTFW/icYN49XA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:04:34 2025 by rpki-client