This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft File: Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft (raw, json) Hash identifier: JcDi01RQRIX3SRhhQibsYhMqhjGi2nT2rbpTs4uy4e4= Subject key identifier: FC:0E:00:1F:41:76:07:8F:F2:CC:5F:69:ED:92:84:A0:BA:94:C6:EB Authority key identifier: 05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4 Certificate issuer: /CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4 Certificate serial: 019AF35232EB5307C2156AC635A2D83E0AC2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 11:00:41 +0000 Manifest this update: Sat 06 Dec 2025 11:00:41 +0000 Manifest next update: Sun 07 Dec 2025 11:00:41 +0000 Files and hashes: 1: Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl (hash: 3mKnv/vYzcLlx3WP8h4aa7lLhEust1HVkqL2qbP3hG4=) 2: xQ3PdmMDye_3ODxtjF3bxTEbrgU.roa (hash: OnYXJU1mRvo0V2FhsSO8D1b8k47DbXdYSrQ7JN4NAuQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:32:eb:53:07:c2:15:6a:c6:35:a2:d8:3e:0a:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05ae5f23db983fd136ae9d71e87e1e5130bcf6d4 Validity Not Before: Dec 6 11:00:41 2025 GMT Not After : Dec 7 11:00:41 2025 GMT Subject: CN=fc0e001f4176078ff2cc5f69ed9284a0ba94c6eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:45:cc:a3:74:8a:82:44:3d:55:91:32:5c:74: bd:df:07:6a:67:2d:a7:c3:37:7d:e7:9a:14:22:9a: 99:3a:35:0a:f2:86:33:4f:1a:0e:8c:e3:64:1e:04: ac:f0:b8:d2:cc:86:0c:c0:8a:ea:58:da:9c:f5:c6: 2c:50:4d:60:fc:a1:b5:35:2a:82:92:44:e3:0e:db: 9e:da:76:77:3f:82:94:ba:73:71:47:9e:76:dc:df: 4e:da:60:fa:fa:0d:c5:cf:44:02:4e:7d:55:d8:11: 5c:af:96:8a:d8:53:e5:97:72:6e:2c:05:b5:66:1a: 31:3b:10:61:cc:c5:2e:96:aa:cf:a3:22:9c:dc:af: fc:3f:f9:c9:d1:aa:c8:4a:0e:05:85:42:ea:d1:41: 59:6a:53:8d:92:a1:d2:6d:d6:63:63:77:65:3d:16: 6a:78:1c:ab:90:e1:f6:cd:3c:f0:1f:c3:00:bb:aa: f5:1a:50:a7:ee:0e:44:ad:8e:4d:05:7c:c0:30:04: ba:f7:1a:29:a8:0a:d5:e1:df:d6:c7:0b:75:61:e8: 31:09:1e:30:a6:00:d3:65:ad:f6:84:0c:4a:83:ce: 65:72:45:e8:f1:33:64:05:f2:fb:cd:d8:f6:41:3b: df:60:bf:cb:5a:23:22:f7:2a:2a:c4:c5:9a:49:5a: e1:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:0E:00:1F:41:76:07:8F:F2:CC:5F:69:ED:92:84:A0:BA:94:C6:EB X509v3 Authority Key Identifier: keyid:05:AE:5F:23:DB:98:3F:D1:36:AE:9D:71:E8:7E:1E:51:30:BC:F6:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/745fcb-f472-4039-8b1d-44efd130659c/1/Ba5fI9uYP9E2rp1x6H4eUTC89tQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:95:93:49:84:59:2f:8c:a6:77:c0:b6:70:61:88:67:04:37: 7e:7c:8e:68:3d:57:5f:7f:77:93:05:41:d9:56:44:d1:cd:9b: 60:d2:61:04:aa:54:34:11:7f:36:0b:8e:45:4f:af:68:98:23: 64:fa:21:5a:54:8f:d4:0b:e4:95:63:98:ed:94:e6:da:ee:db: b6:cf:44:d8:27:71:4d:c0:c3:0a:ac:e9:bd:8a:ae:63:0f:6e: b7:d0:a4:b5:2d:e6:d4:03:85:ad:ba:8e:1e:a2:a1:68:62:db: ac:8a:b4:74:b5:3f:d0:76:57:b9:04:a7:43:aa:b9:46:b5:c6: 5e:2c:35:69:66:6c:4a:73:b7:73:06:61:fb:70:3d:73:40:99: a4:12:4d:1a:cf:1c:2d:96:96:e3:40:78:f1:12:d8:d2:5a:5a: 12:4c:e3:3c:ec:c6:3a:ac:5d:1e:0d:fc:0d:57:c9:b3:ce:47: 57:06:55:c1:c1:7c:d0:cc:6b:7b:6e:3a:0b:f3:c2:26:db:40: cd:9f:4d:bc:3e:f9:42:b5:da:30:3a:13:fe:fb:e4:2a:eb:33: 16:63:c2:c3:c0:ec:c5:54:7f:8a:a7:8c:43:83:31:cc:0d:84: 2c:e8:6a:fe:56:60:fe:9c:3f:37:5f:e3:b0:5a:db:54:81:97: 47:4c:d7:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUjLrUwfCFWrGNaLYPgrCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1YWU1ZjIzZGI5ODNmZDEzNmFlOWQ3MWU4N2UxZTUxMzBi Y2Y2ZDQwHhcNMjUxMjA2MTEwMDQxWhcNMjUxMjA3MTEwMDQxWjAzMTEwLwYDVQQD EyhmYzBlMDAxZjQxNzYwNzhmZjJjYzVmNjllZDkyODRhMGJhOTRjNmViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UXMo3SKgkQ9VZEyXHS93wdqZy2n wzd955oUIpqZOjUK8oYzTxoOjONkHgSs8LjSzIYMwIrqWNqc9cYsUE1g/KG1NSqC kkTjDtue2nZ3P4KUunNxR5523N9O2mD6+g3Fz0QCTn1V2BFcr5aK2FPll3JuLAW1 ZhoxOxBhzMUulqrPoyKc3K/8P/nJ0arISg4FhULq0UFZalONkqHSbdZjY3dlPRZq eByrkOH2zTzwH8MAu6r1GlCn7g5ErY5NBXzAMAS69xopqArV4d/Wxwt1YegxCR4w pgDTZa32hAxKg85lckXo8TNkBfL7zdj2QTvfYL/LWiMi9yoqxMWaSVrhXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPwOAB9BdgeP8sxfae2ShKC6lMbrMB8GA1UdIwQY MBaAFAWuXyPbmD/RNq6dceh+HlEwvPbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQt NDRlZmQxMzA2NTljLzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS83NDVmY2ItZjQ3Mi00MDM5LThiMWQtNDRlZmQxMzA2NTlj LzEvQmE1Zkk5dVlQOUUycnAxeDZINGVVVEM4OXRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADJWTSYRZ L4ymd8C2cGGIZwQ3fnyOaD1XX393kwVB2VZE0c2bYNJhBKpUNBF/NguORU+vaJgj ZPohWlSP1AvklWOY7ZTm2u7bts9E2CdxTcDDCqzpvYquYw9ut9CktS3m1AOFrbqO HqKhaGLbrIq0dLU/0HZXuQSnQ6q5RrXGXiw1aWZsSnO3cwZh+3A9c0CZpBJNGs8c LZaW40B48RLY0lpaEkzjPOzGOqxdHg38DVfJs85HVwZVwcF80Mxre246C/PCJttA zZ9NvD75QrXaMDoT/vvkKuszFmPCw8DsxVR/iqeMQ4MxzA2ELOhq/lZg/pw/N1/j sFrbVIGXR0zX6Q== -----END CERTIFICATE-----Generated at Sat Dec 6 20:29:49 2025 by rpki-client