This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft File: 5PFY7_xrOIKiWQweaQasoQjhjsI.mft (raw, json) Hash identifier: L3OSL2DEIstntiiS3Ro1qGPIhppBQqlNwV3AhVWUo/0= Subject key identifier: 30:FA:3B:8E:AF:EF:AD:E8:8C:D0:1F:F0:D9:BD:6D:EC:05:13:94:D8 Authority key identifier: E4:F1:58:EF:FC:6B:38:82:A2:59:0C:1E:69:06:AC:A1:08:E1:8E:C2 Certificate issuer: /CN=e4f158effc6b3882a2590c1e6906aca108e18ec2 Certificate serial: 019B3B6BB08EE8D8E5C2DD5BFF6EA31E8E5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PFY7_xrOIKiWQweaQasoQjhjsI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft Manifest number: 0D8E Signing time: Sat 20 Dec 2025 11:01:11 +0000 Manifest this update: Sat 20 Dec 2025 11:01:11 +0000 Manifest next update: Sun 21 Dec 2025 11:01:11 +0000 Files and hashes: 1: 5JIFCgXWGmsw1HA5JtADF-b1eJ4.roa (hash: kqtxwSPKoLsi1ph5t4VnO3iKewevISmebmIE1RpFWLg=) 2: 5PFY7_xrOIKiWQweaQasoQjhjsI.crl (hash: hbiY2Ag/XpntvBQz1q5YxuOJ8N/SaD+dPiiVRduSAZE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft rsync://rpki.ripe.net/repository/DEFAULT/5PFY7_xrOIKiWQweaQasoQjhjsI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 11:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:b0:8e:e8:d8:e5:c2:dd:5b:ff:6e:a3:1e:8e:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e4f158effc6b3882a2590c1e6906aca108e18ec2 Validity Not Before: Dec 20 11:01:11 2025 GMT Not After : Dec 21 11:01:11 2025 GMT Subject: CN=30fa3b8eafefade88cd01ff0d9bd6dec051394d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:6c:cb:54:ca:55:ab:cc:49:bb:94:7f:a6:ad: d3:84:b9:3d:c2:7b:dd:ab:10:d3:9d:84:07:84:dd: 70:c0:c0:2c:a9:01:3a:72:a2:51:47:02:08:58:f2: 5b:dc:82:1b:8f:5c:b7:00:4d:00:fa:c2:d7:fc:3b: 7d:0a:10:27:45:84:e2:69:a1:1d:3e:40:af:bb:c5: 56:71:a5:46:45:c5:44:40:8e:70:9c:12:53:12:62: 7d:9e:0c:ad:de:37:17:14:63:a7:b5:01:24:6a:bc: 2b:c7:77:02:c5:69:83:5b:47:7f:91:9f:43:8b:ba: f3:ae:b3:32:58:56:7f:a4:ca:f3:15:09:f9:14:c3: cd:22:b5:61:7d:ab:7d:92:8d:1c:13:ec:ce:b8:3c: a4:0b:63:0e:e8:cb:7b:11:38:f5:4a:3e:45:4b:b3: 94:41:0d:c5:ac:d4:fc:35:00:c1:f5:c2:50:4f:4e: 00:8b:ed:c8:f6:24:d0:af:38:05:85:99:2f:70:15: 47:ad:74:07:4c:7a:07:bf:aa:bc:fd:6a:fe:25:56: ac:05:a0:1b:79:ec:df:bf:b0:0b:c9:84:11:5b:39: f0:fa:b7:e9:3d:d1:4d:62:1b:75:f7:1e:4a:98:73: 35:ce:80:04:09:ba:00:75:a3:15:a9:0e:2f:8f:34: 74:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:FA:3B:8E:AF:EF:AD:E8:8C:D0:1F:F0:D9:BD:6D:EC:05:13:94:D8 X509v3 Authority Key Identifier: keyid:E4:F1:58:EF:FC:6B:38:82:A2:59:0C:1E:69:06:AC:A1:08:E1:8E:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PFY7_xrOIKiWQweaQasoQjhjsI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:a9:26:26:ba:fb:f8:cf:a7:13:9e:ea:26:07:a3:b3:a0:46: d2:c1:44:ec:e2:bb:c1:3e:99:46:5a:35:34:b1:48:43:3f:e9: c1:6a:73:b2:32:84:e9:45:1f:f6:47:ee:15:87:c4:57:8d:90: f5:82:2d:10:49:3b:3e:3b:fc:50:eb:ba:69:81:b4:60:b5:b6: 02:33:33:5c:ed:a3:f2:67:d6:6c:07:7c:c2:f3:a4:a6:cd:c1: 9f:e4:1d:46:0d:39:87:b2:0b:8b:ab:33:fb:96:fe:da:3c:c6: 75:9f:a1:56:c8:f9:f0:ff:dc:66:29:89:ce:dd:87:a2:5e:49: 28:7c:a8:8b:74:0d:b4:56:8f:f2:58:25:9a:df:a6:1d:47:06: 31:7e:8b:bc:5a:ec:e8:e6:b3:5b:dc:0c:ec:d2:34:50:ad:13: ff:a5:0c:f6:75:b9:ec:ca:5c:f3:c1:e1:98:04:80:b4:bb:b0: 49:5f:65:a7:1a:62:1c:49:e5:50:43:0c:c5:27:56:52:92:17: 3b:af:0b:49:6a:ef:1e:dd:50:69:bd:06:58:74:ca:2c:62:c5: 4c:c1:b6:9a:f7:21:87:33:d5:5a:1e:a7:a1:de:87:ff:52:99: ee:53:d2:43:39:81:4c:5e:b2:6f:56:98:41:75:00:11:17:d5: 2a:55:80:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7a7CO6Njlwt1b/26jHo5fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0ZjE1OGVmZmM2YjM4ODJhMjU5MGMxZTY5MDZhY2ExMDhl MThlYzIwHhcNMjUxMjIwMTEwMTExWhcNMjUxMjIxMTEwMTExWjAzMTEwLwYDVQQD EygzMGZhM2I4ZWFmZWZhZGU4OGNkMDFmZjBkOWJkNmRlYzA1MTM5NGQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmzLVMpVq8xJu5R/pq3ThLk9wnvd qxDTnYQHhN1wwMAsqQE6cqJRRwIIWPJb3IIbj1y3AE0A+sLX/Dt9ChAnRYTiaaEd PkCvu8VWcaVGRcVEQI5wnBJTEmJ9ngyt3jcXFGOntQEkarwrx3cCxWmDW0d/kZ9D i7rzrrMyWFZ/pMrzFQn5FMPNIrVhfat9ko0cE+zOuDykC2MO6Mt7ETj1Sj5FS7OU QQ3FrNT8NQDB9cJQT04Ai+3I9iTQrzgFhZkvcBVHrXQHTHoHv6q8/Wr+JVasBaAb eezfv7ALyYQRWznw+rfpPdFNYht19x5KmHM1zoAECboAdaMVqQ4vjzR0xwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDD6O46v763ojNAf8Nm9bewFE5TYMB8GA1UdIwQY MBaAFOTxWO/8aziColkMHmkGrKEI4Y7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVBGWTdfeHJPSUtpV1F3ZWFRYXNvUWpoanNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84M2MwMGUtZjQxNC00ODlkLTk0NzAt YzY5MzI0OTY1MWQ1LzEvNVBGWTdfeHJPSUtpV1F3ZWFRYXNvUWpoanNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi84M2MwMGUtZjQxNC00ODlkLTk0NzAtYzY5MzI0OTY1MWQ1 LzEvNVBGWTdfeHJPSUtpV1F3ZWFRYXNvUWpoanNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJakmJrr7 +M+nE57qJgejs6BG0sFE7OK7wT6ZRlo1NLFIQz/pwWpzsjKE6UUf9kfuFYfEV42Q 9YItEEk7Pjv8UOu6aYG0YLW2AjMzXO2j8mfWbAd8wvOkps3Bn+QdRg05h7ILi6sz +5b+2jzGdZ+hVsj58P/cZimJzt2Hol5JKHyoi3QNtFaP8lglmt+mHUcGMX6LvFrs 6OazW9wM7NI0UK0T/6UM9nW57Mpc88HhmASAtLuwSV9lpxpiHEnlUEMMxSdWUpIX O68LSWrvHt1Qab0GWHTKLGLFTMG2mvchhzPVWh6nod6H/1KZ7lPSQzmBTF6yb1aY QXUAERfVKlWA4Q== -----END CERTIFICATE-----Generated at Sat Dec 20 20:30:19 2025 by rpki-client