This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft File: sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json) Hash identifier: wltp4QJW2dNtQQ5UNsgpE6WQd/qE5T4cA0y5RHQdUxs= Subject key identifier: 76:9C:0D:38:2C:2E:24:2F:F3:2E:CE:58:45:5D:46:0E:84:7F:FF:2D Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D Certificate issuer: /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d Certificate serial: 019AF12EA374283E9303A7B7229A19ACCF3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft Manifest number: 04B5 Signing time: Sat 06 Dec 2025 01:02:36 +0000 Manifest this update: Sat 06 Dec 2025 01:02:36 +0000 Manifest next update: Sun 07 Dec 2025 01:02:36 +0000 Files and hashes: 1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: hntceCt0rk0nqL2wOkco2KpyNegrkzyijDUQaRfoneY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:a3:74:28:3e:93:03:a7:b7:22:9a:19:ac:cf:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d Validity Not Before: Dec 6 01:02:36 2025 GMT Not After : Dec 7 01:02:36 2025 GMT Subject: CN=769c0d382c2e242ff32ece58455d460e847fff2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e6:49:a1:2d:38:43:99:74:41:78:99:ac:43: 4a:dd:74:7e:32:e3:62:dd:7c:66:29:da:e1:7c:53: 81:ba:62:d9:a4:45:9a:03:fb:b3:63:79:aa:9d:3e: 8b:bd:53:88:89:19:1e:95:bf:83:b5:e9:17:bf:70: 8e:7c:b7:f6:8f:60:91:8d:2c:31:c9:f5:be:09:46: 0c:c3:f6:4d:d6:08:6b:89:92:ea:aa:67:8f:ac:23: 17:34:26:de:a8:db:f8:ba:b8:c8:08:a5:59:52:5e: 2b:7a:8e:94:29:49:ff:6f:3e:a2:4a:b8:5e:83:85: 16:a2:50:f4:94:fb:8c:53:99:27:ba:89:a9:18:69: b6:57:92:46:4e:57:95:a1:8f:a8:72:8f:5d:25:6c: 2f:97:15:a1:f5:31:92:9a:9c:54:ae:d8:b5:d2:94: e2:79:8f:e5:7e:6a:b2:14:3e:db:eb:db:ba:b0:ed: 71:39:83:db:72:8b:8d:a6:d7:27:16:5c:31:6e:a4: ca:cb:7e:09:a2:f5:48:4a:01:8c:65:07:f4:0a:76: 68:6a:bf:68:f8:fa:9c:c5:4b:3b:6b:eb:5e:7b:97: d1:06:47:54:6c:53:d3:e0:82:97:4a:1c:04:38:e3: c1:43:f7:40:32:4a:d3:c7:07:5f:a7:6f:a9:99:2b: e4:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:9C:0D:38:2C:2E:24:2F:F3:2E:CE:58:45:5D:46:0E:84:7F:FF:2D X509v3 Authority Key Identifier: keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:e6:e6:e4:7e:90:94:8f:05:ad:33:0c:99:0d:a1:38:96:77: c5:f3:c3:b0:b6:3a:1f:c3:ff:4f:6a:d0:2a:e1:50:13:3e:39: cc:0c:5f:5e:04:c8:3a:ad:1f:8d:8f:e7:10:1e:be:2e:b4:af: bf:5d:bc:d4:95:82:60:c7:d4:ae:4e:7b:2e:3c:bc:90:96:6d: df:93:f0:36:11:05:94:9b:c3:66:2c:22:20:c7:38:5d:70:c5: 22:9e:ab:44:5c:e9:ac:93:5b:24:58:24:83:17:ec:0e:f8:de: 40:96:e6:ba:1e:47:1f:08:8c:ac:09:92:9d:51:5f:f6:2e:3a: d3:0f:43:f8:05:a3:2e:71:3a:74:ac:7c:6b:6a:c0:e9:aa:e0: 6f:8a:11:f7:25:dd:f7:a3:63:98:51:82:f2:81:62:ae:fb:d1: 90:65:2e:85:7d:65:56:10:bf:1f:ae:23:92:39:c2:ae:e1:3b: bd:17:78:83:50:62:1c:39:aa:8c:5a:cc:64:ef:f1:81:bb:f8: 86:91:8e:dd:9b:4c:fa:93:73:31:e4:42:b9:1d:33:99:67:ed: 53:64:6b:0a:06:bf:9f:45:ca:df:50:e4:39:43:3e:2c:f4:6c: 2d:bb:74:ac:3e:95:f2:b9:e5:b1:00:b2:16:8b:7b:7f:c8:bf: 53:ca:5a:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLqN0KD6TA6e3IpoZrM86MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4 OWYxNmQwHhcNMjUxMjA2MDEwMjM2WhcNMjUxMjA3MDEwMjM2WjAzMTEwLwYDVQQD Eyg3NjljMGQzODJjMmUyNDJmZjMyZWNlNTg0NTVkNDYwZTg0N2ZmZjJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOZJoS04Q5l0QXiZrENK3XR+MuNi 3XxmKdrhfFOBumLZpEWaA/uzY3mqnT6LvVOIiRkelb+DtekXv3COfLf2j2CRjSwx yfW+CUYMw/ZN1ghriZLqqmePrCMXNCbeqNv4urjICKVZUl4reo6UKUn/bz6iSrhe g4UWolD0lPuMU5knuompGGm2V5JGTleVoY+oco9dJWwvlxWh9TGSmpxUrti10pTi eY/lfmqyFD7b69u6sO1xOYPbcouNptcnFlwxbqTKy34JovVISgGMZQf0CnZoar9o +PqcxUs7a+tee5fRBkdUbFPT4IKXShwEOOPBQ/dAMkrTxwdfp2+pmSvkgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHacDTgsLiQv8y7OWEVdRg6Ef/8tMB8GA1UdIwQY MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGObm5H6Q lI8FrTMMmQ2hOJZ3xfPDsLY6H8P/T2rQKuFQEz45zAxfXgTIOq0fjY/nEB6+LrSv v1281JWCYMfUrk57Ljy8kJZt35PwNhEFlJvDZiwiIMc4XXDFIp6rRFzprJNbJFgk gxfsDvjeQJbmuh5HHwiMrAmSnVFf9i460w9D+AWjLnE6dKx8a2rA6argb4oR9yXd 96NjmFGC8oFirvvRkGUuhX1lVhC/H64jkjnCruE7vRd4g1BiHDmqjFrMZO/xgbv4 hpGO3ZtM+pNzMeRCuR0zmWftU2RrCga/n0XK31DkOUM+LPRsLbt0rD6V8rnlsQCy Fot7f8i/U8pahg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:30 2025 by rpki-client