This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft File: 1T5Pyhar83QtTaK_nD2abpHpbuU.mft (raw, json) Hash identifier: EmNwenDgopp4OWuJ/qdErbTG/sYAIZP+0X93jsoIjuI= Subject key identifier: 0D:CF:7D:0E:8D:B6:6B:22:A8:B4:49:54:CD:F4:EE:05:CA:6D:6D:83 Authority key identifier: D5:3E:4F:CA:16:AB:F3:74:2D:4D:A2:BF:9C:3D:9A:6E:91:E9:6E:E5 Certificate issuer: /CN=d53e4fca16abf3742d4da2bf9c3d9a6e91e96ee5 Certificate serial: 019B2BF8373AF3F5C75B2AF4EB447F7554AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft Manifest number: 1492 Signing time: Wed 17 Dec 2025 11:00:45 +0000 Manifest this update: Wed 17 Dec 2025 11:00:45 +0000 Manifest next update: Thu 18 Dec 2025 11:00:45 +0000 Files and hashes: 1: 1T5Pyhar83QtTaK_nD2abpHpbuU.crl (hash: xrNbryyw22pC57NXaGUIQLidirQdDAXO+mLpHX5qX44=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:37:3a:f3:f5:c7:5b:2a:f4:eb:44:7f:75:54:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d53e4fca16abf3742d4da2bf9c3d9a6e91e96ee5 Validity Not Before: Dec 17 11:00:45 2025 GMT Not After : Dec 18 11:00:45 2025 GMT Subject: CN=0dcf7d0e8db66b22a8b44954cdf4ee05ca6d6d83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ee:0e:78:73:11:33:56:5b:66:a6:8d:d7:44: 02:00:6a:30:50:6a:ee:f3:22:86:0d:d7:9b:01:d4: 83:3f:f4:8b:34:96:53:72:be:1e:83:3b:2f:e9:2d: 09:07:54:75:a3:73:bf:a7:d7:75:85:ab:f7:32:d0: 74:a0:f8:2e:1a:b3:ab:a8:a1:c8:76:d3:1a:26:4e: 44:3c:bb:ee:5d:c7:de:bb:05:76:46:fc:d6:62:ac: 1b:41:6a:11:3c:f6:ab:e1:47:22:58:2c:48:91:64: 5a:d0:80:ed:bf:d1:12:75:d6:b0:0d:a5:5d:ee:f3: ad:1a:7e:fa:0f:d5:a0:ed:fd:77:75:4c:73:d3:08: d4:0b:41:2a:1a:be:fa:28:3f:a0:58:66:9d:a2:54: a6:ee:73:68:b9:46:00:8a:31:8c:e8:d6:c1:52:06: f5:7f:3f:74:89:ed:fb:a6:e6:7c:6c:24:69:4d:f2: 5a:f8:80:a4:a3:e0:b0:23:40:35:af:3a:3f:35:80: ec:47:e9:d3:b9:b2:bb:bc:41:21:f2:d7:eb:b4:bb: 33:3a:7a:f7:bf:92:4d:2b:de:cb:32:f4:55:0b:95: 20:20:34:8f:83:90:78:e5:f3:17:8a:71:b4:f7:aa: 8c:73:87:07:77:83:ba:58:88:4b:08:47:30:e0:8b: a9:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:CF:7D:0E:8D:B6:6B:22:A8:B4:49:54:CD:F4:EE:05:CA:6D:6D:83 X509v3 Authority Key Identifier: keyid:D5:3E:4F:CA:16:AB:F3:74:2D:4D:A2:BF:9C:3D:9A:6E:91:E9:6E:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:e5:8e:b7:90:13:06:e2:59:a7:ee:a3:8b:c6:16:1f:1e:ea: 70:f5:f8:a2:a1:27:12:5e:5f:e8:cd:5a:bb:83:5f:e9:ef:32: a5:0d:a6:1c:b8:da:07:c5:d4:cf:b8:8e:45:93:c2:b9:bb:c1: 85:6e:a3:db:dc:2e:93:91:21:2a:1a:5c:97:4c:83:42:3a:f9: cf:7f:9f:d2:f0:da:29:cc:fc:98:f8:17:ae:cb:bd:41:0b:b5: 67:f6:a5:02:d6:cc:91:bf:92:0a:b2:ea:93:4a:e3:7a:e3:86: 92:90:b7:4f:f5:2b:e6:a3:05:cd:85:9f:6e:21:8c:eb:f7:fe: 73:3d:1f:eb:2d:9c:31:5a:aa:17:b8:f1:5f:44:1c:4d:9b:1d: 80:63:29:ee:41:1b:28:9b:21:ed:28:a4:ad:8d:e5:6a:da:ee: ef:04:fc:ba:db:f0:a4:41:cc:2b:60:4c:9f:56:e0:0a:84:a4: 3c:c4:d1:b3:b6:58:af:3e:de:d8:64:d1:4f:e7:d7:f2:46:2b: e3:fe:68:fe:a9:49:83:7d:c1:77:4d:21:a5:75:00:21:a6:3c: e7:5c:2c:ae:41:88:ff:c6:5b:a3:af:db:fb:74:da:13:24:65: 54:3e:4c:b5:48:62:71:60:1b:68:35:19:9c:04:a9:36:72:eb: 02:ba:6d:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+Dc68/XHWyr060R/dVSvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1M2U0ZmNhMTZhYmYzNzQyZDRkYTJiZjljM2Q5YTZlOTFl OTZlZTUwHhcNMjUxMjE3MTEwMDQ1WhcNMjUxMjE4MTEwMDQ1WjAzMTEwLwYDVQQD EygwZGNmN2QwZThkYjY2YjIyYThiNDQ5NTRjZGY0ZWUwNWNhNmQ2ZDgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO4OeHMRM1ZbZqaN10QCAGowUGru 8yKGDdebAdSDP/SLNJZTcr4egzsv6S0JB1R1o3O/p9d1hav3MtB0oPguGrOrqKHI dtMaJk5EPLvuXcfeuwV2RvzWYqwbQWoRPPar4UciWCxIkWRa0IDtv9ESddawDaVd 7vOtGn76D9Wg7f13dUxz0wjUC0EqGr76KD+gWGadolSm7nNouUYAijGM6NbBUgb1 fz90ie37puZ8bCRpTfJa+ICko+CwI0A1rzo/NYDsR+nTubK7vEEh8tfrtLszOnr3 v5JNK97LMvRVC5UgIDSPg5B45fMXinG096qMc4cHd4O6WIhLCEcw4IupuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA3PfQ6NtmsiqLRJVM307gXKbW2DMB8GA1UdIwQY MBaAFNU+T8oWq/N0LU2iv5w9mm6R6W7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zZGYwOWItNjFlZC00MDgzLTk3OGIt MjYzMzUwZGVjMTk0LzEvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8zZGYwOWItNjFlZC00MDgzLTk3OGItMjYzMzUwZGVjMTk0 LzEvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABeWOt5AT BuJZp+6ji8YWHx7qcPX4oqEnEl5f6M1au4Nf6e8ypQ2mHLjaB8XUz7iORZPCubvB hW6j29wuk5EhKhpcl0yDQjr5z3+f0vDaKcz8mPgXrsu9QQu1Z/alAtbMkb+SCrLq k0rjeuOGkpC3T/Ur5qMFzYWfbiGM6/f+cz0f6y2cMVqqF7jxX0QcTZsdgGMp7kEb KJsh7SikrY3latru7wT8utvwpEHMK2BMn1bgCoSkPMTRs7ZYrz7e2GTRT+fX8kYr 4/5o/qlJg33Bd00hpXUAIaY851wsrkGI/8Zbo6/b+3TaEyRlVD5MtUhicWAbaDUZ nASpNnLrArpt2w== -----END CERTIFICATE-----Generated at Wed Dec 17 17:53:54 2025 by rpki-client