This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft File: r5aNFt0rQdNStf0zxJs-xP2tQlg.mft (raw, json) Hash identifier: FyZ+VyI5vvLVQ33jxqoiFxp81KAUuP4qKNn8GlVrVdA= Subject key identifier: 10:F8:28:DF:E4:A3:24:5D:7F:86:8E:D9:A3:14:59:AA:12:0B:D3:68 Authority key identifier: AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58 Certificate issuer: /CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258 Certificate serial: 019AF088928A886F455C0FAC9F07F9DFE934 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft Manifest number: 1071 Signing time: Fri 05 Dec 2025 22:01:13 +0000 Manifest this update: Fri 05 Dec 2025 22:01:13 +0000 Manifest next update: Sat 06 Dec 2025 22:01:13 +0000 Files and hashes: 1: r5aNFt0rQdNStf0zxJs-xP2tQlg.crl (hash: 5bWNzCceChtu9eVEdrPagMVnbOckajzcfXRM5AS5IlY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:92:8a:88:6f:45:5c:0f:ac:9f:07:f9:df:e9:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258 Validity Not Before: Dec 5 22:01:13 2025 GMT Not After : Dec 6 22:01:13 2025 GMT Subject: CN=10f828dfe4a3245d7f868ed9a31459aa120bd368 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ec:c8:a9:b0:20:99:10:92:e0:8c:0f:ed:7a: 05:b6:36:58:77:ed:11:56:60:87:30:70:b1:9e:9c: d3:60:cb:97:19:43:40:5f:f6:a6:00:c5:ae:2a:36: ab:26:70:50:1e:a9:63:e9:3c:b2:2f:00:db:5b:32: 9f:0b:86:1d:a1:21:f7:66:f0:1a:3f:b7:e5:32:be: 37:55:86:5e:79:86:1a:ac:2a:af:22:27:40:63:ef: cf:03:14:34:f3:88:c3:64:a4:0b:fd:fc:85:de:a0: 34:dc:09:54:8f:c6:60:ee:7e:84:c1:ee:12:d3:5f: 6c:86:10:68:37:5d:e4:25:b7:6d:65:77:dd:b4:39: 78:2e:54:79:bc:c3:5d:f4:46:77:89:bb:4d:26:27: 55:2e:5b:90:22:8f:96:67:e9:ce:f8:b9:e3:89:d7: b4:fa:a2:73:9c:70:fe:55:75:6a:45:70:05:fb:ba: b4:58:fd:91:aa:12:a9:1b:ba:ae:e2:39:ed:4f:fe: 9e:b9:3b:a0:23:63:95:ff:a9:e6:4d:ec:b0:b5:a8: dd:69:6e:9a:e2:ab:d4:de:a7:e7:c5:ee:60:8d:10: 91:8f:ec:48:a9:cc:54:d7:98:de:ed:c4:a4:ff:59: e3:b6:3e:5f:ef:0a:b5:52:09:87:ab:3c:95:c7:cf: 37:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:F8:28:DF:E4:A3:24:5D:7F:86:8E:D9:A3:14:59:AA:12:0B:D3:68 X509v3 Authority Key Identifier: keyid:AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:a9:65:53:b2:32:d7:ac:07:ba:e2:d1:2c:8d:fe:dc:93:2d: 3a:bd:7a:9d:51:34:12:a3:9e:99:74:cc:11:e9:a8:a3:4c:3a: e4:ee:e4:b0:9a:5c:1b:46:d0:6a:93:21:51:44:93:99:be:e5: da:be:41:5e:2f:5f:3c:d9:f0:4a:5a:db:55:62:04:b0:86:be: 83:94:88:f4:fa:8c:87:ca:33:0a:2b:3f:50:90:30:13:2a:48: 89:2f:97:a8:7e:42:9c:67:e5:ab:f3:71:bc:cf:f0:a6:65:a8: 3a:48:6e:bc:92:37:6e:15:ee:52:4d:6d:07:8f:a1:19:df:1b: ce:39:a6:eb:3b:98:e0:34:c0:8a:49:9f:80:33:cc:6c:5d:24: a5:02:ff:74:79:78:8d:8c:46:0d:0f:78:b9:01:7a:75:a4:55: e4:76:9c:1d:d2:92:7e:d1:e1:ee:26:b1:13:16:c0:c2:1a:98: ec:ad:2e:01:4b:34:be:e6:e4:3f:83:cb:d2:b3:d5:a2:65:98: 72:63:b4:e1:02:12:6e:66:30:10:3e:22:e1:48:00:c0:2c:fb: ae:04:66:4a:cc:76:d7:06:40:07:3a:cf:fa:f5:73:cb:f7:2e: 33:47:52:05:09:bd:ac:fc:86:30:fe:59:ce:5c:b7:f0:62:ec: e4:6a:28:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiJKKiG9FXA+snwf53+k0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmOTY4ZDE2ZGQyYjQxZDM1MmI1ZmQzM2M0OWIzZWM0ZmRh ZDQyNTgwHhcNMjUxMjA1MjIwMTEzWhcNMjUxMjA2MjIwMTEzWjAzMTEwLwYDVQQD EygxMGY4MjhkZmU0YTMyNDVkN2Y4NjhlZDlhMzE0NTlhYTEyMGJkMzY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuzIqbAgmRCS4IwP7XoFtjZYd+0R VmCHMHCxnpzTYMuXGUNAX/amAMWuKjarJnBQHqlj6TyyLwDbWzKfC4YdoSH3ZvAa P7flMr43VYZeeYYarCqvIidAY+/PAxQ084jDZKQL/fyF3qA03AlUj8Zg7n6Ewe4S 019shhBoN13kJbdtZXfdtDl4LlR5vMNd9EZ3ibtNJidVLluQIo+WZ+nO+Lnjide0 +qJznHD+VXVqRXAF+7q0WP2RqhKpG7qu4jntT/6euTugI2OV/6nmTeywtajdaW6a 4qvU3qfnxe5gjRCRj+xIqcxU15je7cSk/1njtj5f7wq1UgmHqzyVx883DQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBD4KN/koyRdf4aO2aMUWaoSC9NoMB8GA1UdIwQY MBaAFK+WjRbdK0HTUrX9M8SbPsT9rUJYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3Yjct YzI5NmVjNGIyMTcwLzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3YjctYzI5NmVjNGIyMTcw LzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALallU7Iy 16wHuuLRLI3+3JMtOr16nVE0EqOemXTMEemoo0w65O7ksJpcG0bQapMhUUSTmb7l 2r5BXi9fPNnwSlrbVWIEsIa+g5SI9PqMh8ozCis/UJAwEypIiS+XqH5CnGflq/Nx vM/wpmWoOkhuvJI3bhXuUk1tB4+hGd8bzjmm6zuY4DTAikmfgDPMbF0kpQL/dHl4 jYxGDQ94uQF6daRV5HacHdKSftHh7iaxExbAwhqY7K0uAUs0vubkP4PL0rPVomWY cmO04QISbmYwED4i4UgAwCz7rgRmSsx21wZABzrP+vVzy/cuM0dSBQm9rPyGMP5Z zly38GLs5GooNw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:13 2025 by rpki-client