This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft File: US4nvokbGeypvOtT5NwjfFo1Vpc.mft (raw, json) Hash identifier: 3mAdcr+mZXhUY1h35K10hOtUA0nANHwR6xT8V98akV4= Subject key identifier: DB:96:E2:26:3E:5D:21:EB:9F:68:EF:9A:94:15:77:3D:F7:1A:83:7D Authority key identifier: 51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97 Certificate issuer: /CN=512e27be891b19eca9bceb53e4dc237c5a355697 Certificate serial: 019AF2AD672C39AFBE1E4505DF1694E4C6A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft Manifest number: 0D5E Signing time: Sat 06 Dec 2025 08:00:41 +0000 Manifest this update: Sat 06 Dec 2025 08:00:41 +0000 Manifest next update: Sun 07 Dec 2025 08:00:41 +0000 Files and hashes: 1: US4nvokbGeypvOtT5NwjfFo1Vpc.crl (hash: 8PmVVrqX0OvRLDkHx2RCcd70l6eBi45yIl9ipp+Ran4=) 2: WNeWcYI--FrvgqVvkbFu12LIaYA.roa (hash: k8USa1JcWCZakgNPmvbG30Z+DpfHdvNnOH9UZ98bnDg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:67:2c:39:af:be:1e:45:05:df:16:94:e4:c6:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=512e27be891b19eca9bceb53e4dc237c5a355697 Validity Not Before: Dec 6 08:00:41 2025 GMT Not After : Dec 7 08:00:41 2025 GMT Subject: CN=db96e2263e5d21eb9f68ef9a9415773df71a837d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:07:cc:e6:5e:90:d8:9b:4c:4d:88:a6:cb:12: a2:1f:8e:fb:eb:60:ed:9d:6c:4a:85:b0:02:ec:62: af:71:02:7b:a1:c0:40:92:06:55:c8:5e:b7:73:44: b7:de:56:56:90:96:a0:04:74:4b:6f:a3:83:d1:47: 6e:d4:7e:de:56:4b:90:bf:a0:0b:0d:bd:fb:6e:ca: d3:bb:e2:28:88:6f:f9:de:85:8c:dc:f2:2c:43:ce: 21:63:bd:cc:0e:d3:0c:d1:fd:11:1f:7e:e0:b6:3c: a5:f9:85:4d:6d:10:d3:2e:06:9a:98:54:9f:38:7c: c5:c4:c0:b9:be:80:f5:af:96:e5:60:72:d7:ba:32: 68:e7:3d:fe:a1:d6:2a:dd:85:3b:02:92:a5:9e:3f: 69:1a:3d:9d:96:cd:29:2b:c4:cf:5c:77:db:20:d6: 2d:35:ec:de:2b:80:15:be:7d:ee:70:a6:a4:54:85: 9e:88:67:c2:c0:99:53:41:77:23:44:96:b1:00:f0: 5a:9b:87:64:ce:60:df:7e:c2:bc:9a:09:72:e5:ed: 30:30:4d:8f:e9:d6:c8:dd:4b:5f:bc:5b:3e:43:77: df:5b:95:71:d4:a2:b6:1d:34:8d:e9:90:2b:e8:9f: 4f:bc:5b:dd:7c:e5:a5:df:36:eb:c3:aa:26:cd:aa: c7:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:96:E2:26:3E:5D:21:EB:9F:68:EF:9A:94:15:77:3D:F7:1A:83:7D X509v3 Authority Key Identifier: keyid:51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d2:d3:7a:51:ce:15:b3:b6:9e:05:e2:7c:75:4c:dd:b7:19:dc: d3:1c:e9:2c:66:38:b4:41:66:06:06:d5:af:e9:ed:12:2f:fe: 4f:49:b5:52:8c:0a:4c:75:27:7d:3a:bd:7d:67:6c:45:65:bf: fd:5e:77:81:e1:9b:8f:04:24:ca:c2:ba:84:cf:15:88:f5:ed: 6f:55:94:e9:d2:83:31:d3:8a:bd:f6:9f:23:6b:6d:d8:7d:46: bc:8f:8b:e3:73:0b:a4:c0:e1:fe:a8:1d:68:11:98:82:e3:f6: c1:e5:67:5e:b3:af:2f:f5:14:01:25:df:d8:68:85:2a:cb:eb: ea:22:f7:34:5d:cc:14:74:12:c9:8e:a6:43:24:e3:9b:de:c0: 3f:c3:69:3e:11:ac:c6:37:94:51:5b:a8:b4:6b:0d:1b:b8:12: ef:39:a2:38:ff:39:b7:26:ef:9d:b9:9f:2a:01:ed:af:f8:d0: 51:22:bb:8d:ba:85:15:84:f1:aa:2e:64:97:c9:2b:03:33:fe: c7:af:27:0c:2b:93:2c:b9:3f:4a:d6:9a:5b:72:bd:f7:0b:ac: d4:ed:08:e4:cb:fe:64:93:11:c2:17:55:a6:8e:8c:1e:26:d0: 02:7e:90:ee:00:74:2d:77:57:fa:91:0b:cb:d5:d0:e8:ee:3f: 80:d8:0b:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrWcsOa++HkUF3xaU5MaoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMmUyN2JlODkxYjE5ZWNhOWJjZWI1M2U0ZGMyMzdjNWEz NTU2OTcwHhcNMjUxMjA2MDgwMDQxWhcNMjUxMjA3MDgwMDQxWjAzMTEwLwYDVQQD EyhkYjk2ZTIyNjNlNWQyMWViOWY2OGVmOWE5NDE1NzczZGY3MWE4MzdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwfM5l6Q2JtMTYimyxKiH47762Dt nWxKhbAC7GKvcQJ7ocBAkgZVyF63c0S33lZWkJagBHRLb6OD0Udu1H7eVkuQv6AL Db37bsrTu+IoiG/53oWM3PIsQ84hY73MDtMM0f0RH37gtjyl+YVNbRDTLgaamFSf OHzFxMC5voD1r5blYHLXujJo5z3+odYq3YU7ApKlnj9pGj2dls0pK8TPXHfbINYt NezeK4AVvn3ucKakVIWeiGfCwJlTQXcjRJaxAPBam4dkzmDffsK8mgly5e0wME2P 6dbI3UtfvFs+Q3ffW5Vx1KK2HTSN6ZAr6J9PvFvdfOWl3zbrw6omzarH/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNuW4iY+XSHrn2jvmpQVdz33GoN9MB8GA1UdIwQY MBaAFFEuJ76JGxnsqbzrU+TcI3xaNVaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAt NWExMTRlZjliMmFhLzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAtNWExMTRlZjliMmFh LzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0tN6Uc4V s7aeBeJ8dUzdtxnc0xzpLGY4tEFmBgbVr+ntEi/+T0m1UowKTHUnfTq9fWdsRWW/ /V53geGbjwQkysK6hM8ViPXtb1WU6dKDMdOKvfafI2tt2H1GvI+L43MLpMDh/qgd aBGYguP2weVnXrOvL/UUASXf2GiFKsvr6iL3NF3MFHQSyY6mQyTjm97AP8NpPhGs xjeUUVuotGsNG7gS7zmiOP85tybvnbmfKgHtr/jQUSK7jbqFFYTxqi5kl8krAzP+ x68nDCuTLLk/StaaW3K99wus1O0I5Mv+ZJMRwhdVpo6MHibQAn6Q7gB0LXdX+pEL y9XQ6O4/gNgLzg== -----END CERTIFICATE-----Generated at Sat Dec 6 14:21:57 2025 by rpki-client