This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft File: X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json) Hash identifier: As/Vr0mGP/MToVynsTcvS7M1Z5X6p3lDrqaMZ0BbSHg= Subject key identifier: B4:97:83:DD:9D:1C:08:84:DF:5D:D1:EC:EE:D6:E5:3A:FA:FD:26:FC Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A Certificate issuer: /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a Certificate serial: 019AF31B55984805E58DAFDF677A5EF50A8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft Manifest number: 0254 Signing time: Sat 06 Dec 2025 10:00:46 +0000 Manifest this update: Sat 06 Dec 2025 10:00:46 +0000 Manifest next update: Sun 07 Dec 2025 10:00:46 +0000 Files and hashes: 1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: VA3E1BAXkxUS5Mxd61+MknMKrITi0pFDyrA6RXohhxA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:55:98:48:05:e5:8d:af:df:67:7a:5e:f5:0a:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a Validity Not Before: Dec 6 10:00:46 2025 GMT Not After : Dec 7 10:00:46 2025 GMT Subject: CN=b49783dd9d1c0884df5dd1eceed6e53afafd26fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ee:94:10:d3:6d:dc:a3:37:86:e0:9e:ec:d3: 74:e8:b5:3e:d5:13:22:5e:04:e1:d5:ca:61:e4:c4: 63:1b:76:cb:1d:df:93:4e:97:80:59:29:47:d3:47: e4:92:e0:56:43:0b:9d:fb:a1:23:ad:60:e7:38:de: 32:04:b8:9a:2b:1b:27:b9:e4:f2:90:49:ad:38:13: 43:44:dc:95:d5:5f:fd:55:b1:35:be:b8:50:b7:61: 91:c5:60:5b:a9:46:c0:07:de:b8:ec:98:a9:8f:26: 36:b4:40:b9:52:a7:9b:00:ee:b2:ff:b1:fd:3f:b6: e2:11:8a:2a:9f:16:ad:f9:92:10:4b:8d:bf:29:31: 4e:e4:fc:15:f3:a8:23:4c:11:94:7e:13:19:a6:c1: 7d:0a:30:06:77:7f:ea:70:c8:98:34:3f:9b:45:12: 05:f7:63:5a:17:f1:cd:f4:21:04:fa:91:fd:a9:21: 24:bf:99:21:ee:c5:9e:7d:f4:a3:6b:00:bf:e6:8e: eb:78:aa:08:03:18:57:4a:a4:15:aa:61:49:1d:a6: c7:b9:11:6b:af:04:95:08:f3:c1:98:ae:1b:a8:2f: 09:89:f0:c5:e8:18:0b:be:df:3d:12:f3:d0:71:d6: d5:c6:36:38:12:5b:58:f9:6d:c0:4d:5c:48:c0:54: 1c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:97:83:DD:9D:1C:08:84:DF:5D:D1:EC:EE:D6:E5:3A:FA:FD:26:FC X509v3 Authority Key Identifier: keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:a9:f0:f4:a6:72:37:d9:52:5b:f8:32:a8:2e:60:59:fc:b5: 63:1c:b2:c1:af:9f:5a:05:44:16:61:cd:20:3e:f0:7d:b2:20: 9a:0d:bb:7d:89:1e:de:e3:f7:cd:9a:70:51:c0:5b:97:5b:dc: e2:c4:92:db:85:9d:a4:c7:eb:91:19:6d:22:fa:72:b9:a4:5a: 55:88:ec:97:85:7c:39:0f:c3:bc:98:6f:c6:77:ff:cf:3a:6f: e4:be:a1:06:bc:9d:e2:0a:b0:8a:20:b3:2f:0f:7b:03:55:41: 10:66:40:ae:7e:54:c9:cf:43:c1:e0:5e:1a:4d:4c:dc:1b:a9: d5:f9:55:68:4b:6f:e0:d1:d0:0a:66:96:2b:9b:a7:05:5b:7b: c4:a1:43:bf:62:b2:3b:9c:51:7e:5d:cf:24:5f:d7:72:df:bc: 63:ad:17:07:7f:90:42:27:8e:5c:28:de:85:b3:b4:07:40:4c: 54:0c:56:f1:62:3e:d1:90:58:95:31:9c:1f:05:d7:35:6e:a4: 07:72:49:83:5a:00:ee:f6:ea:0b:7b:a7:01:73:ca:da:4b:01: 70:69:07:a0:d6:20:c0:ac:04:48:1f:77:47:e8:5c:c7:62:13: df:56:b9:c3:75:d8:dc:07:aa:86:fb:c3:4b:d6:96:17:87:37: 79:d4:05:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG1WYSAXlja/fZ3pe9QqOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy OTRiN2EwHhcNMjUxMjA2MTAwMDQ2WhcNMjUxMjA3MTAwMDQ2WjAzMTEwLwYDVQQD EyhiNDk3ODNkZDlkMWMwODg0ZGY1ZGQxZWNlZWQ2ZTUzYWZhZmQyNmZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+6UENNt3KM3huCe7NN06LU+1RMi XgTh1cph5MRjG3bLHd+TTpeAWSlH00fkkuBWQwud+6EjrWDnON4yBLiaKxsnueTy kEmtOBNDRNyV1V/9VbE1vrhQt2GRxWBbqUbAB9647JipjyY2tEC5UqebAO6y/7H9 P7biEYoqnxat+ZIQS42/KTFO5PwV86gjTBGUfhMZpsF9CjAGd3/qcMiYND+bRRIF 92NaF/HN9CEE+pH9qSEkv5kh7sWeffSjawC/5o7reKoIAxhXSqQVqmFJHabHuRFr rwSVCPPBmK4bqC8JifDF6BgLvt89EvPQcdbVxjY4EltY+W3ATVxIwFQcUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLSXg92dHAiE313R7O7W5Tr6/Sb8MB8GA1UdIwQY MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAManw9KZy N9lSW/gyqC5gWfy1Yxyywa+fWgVEFmHNID7wfbIgmg27fYke3uP3zZpwUcBbl1vc 4sSS24WdpMfrkRltIvpyuaRaVYjsl4V8OQ/DvJhvxnf/zzpv5L6hBryd4gqwiiCz Lw97A1VBEGZArn5Uyc9DweBeGk1M3Bup1flVaEtv4NHQCmaWK5unBVt7xKFDv2Ky O5xRfl3PJF/Xct+8Y60XB3+QQieOXCjehbO0B0BMVAxW8WI+0ZBYlTGcHwXXNW6k B3JJg1oA7vbqC3unAXPK2ksBcGkHoNYgwKwESB93R+hcx2IT31a5w3XY3AeqhvvD S9aWF4c3edQF1Q== -----END CERTIFICATE-----Generated at Sat Dec 6 18:37:43 2025 by rpki-client