This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft File: G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft (raw, json) Hash identifier: jqlNpxjPHbWt2L0tKqucFU+sWG9xkJZZoONj3rB9hac= Subject key identifier: FC:5A:2B:24:FE:5B:60:53:65:87:91:E2:BA:C5:DA:01:00:97:A7:1A Authority key identifier: 1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6 Certificate issuer: /CN=1b934577cb49d8d231b74c550726f3387e026cf6 Certificate serial: 019AF12DEC4A825F4FE6DBAEBAC4DA3F3F40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 01:01:49 +0000 Manifest this update: Sat 06 Dec 2025 01:01:49 +0000 Manifest next update: Sun 07 Dec 2025 01:01:49 +0000 Files and hashes: 1: G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl (hash: n5Trm3Al/bnGJ6TGt6+QLGXmiofW0C32EAHtt4jAKjQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:ec:4a:82:5f:4f:e6:db:ae:ba:c4:da:3f:3f:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b934577cb49d8d231b74c550726f3387e026cf6 Validity Not Before: Dec 6 01:01:49 2025 GMT Not After : Dec 7 01:01:49 2025 GMT Subject: CN=fc5a2b24fe5b6053658791e2bac5da010097a71a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ee:23:ee:b3:6d:d2:b8:d1:4d:be:25:d6:88: a4:cf:63:38:83:fb:62:93:2e:4e:68:ed:b7:8b:59: 82:e7:b6:15:41:40:76:90:4d:b5:08:e1:7b:fd:71: 20:33:1a:e6:cf:70:b8:69:b2:49:e5:e8:d7:c8:c9: df:eb:1f:d6:fe:70:12:67:f9:b6:d2:7b:d1:cd:ff: ee:b1:4f:0c:92:71:bf:3d:67:d2:4f:d9:6e:2a:91: 9d:db:33:09:65:cf:a2:59:89:50:90:82:9e:14:56: 74:05:66:43:36:55:02:04:8d:ab:c8:15:0e:a1:08: b4:0e:0a:11:c3:e2:50:c2:88:41:24:3d:40:3f:1d: 39:97:d7:20:2e:0d:30:39:46:8f:1b:1a:f2:07:a1: 64:52:03:16:b3:99:1b:70:7e:80:bf:8e:9b:d0:bd: 8a:de:19:e8:36:75:fa:d9:ef:57:e2:f7:4d:2a:71: f5:21:d1:eb:61:db:0e:66:d9:d2:67:d6:ea:e5:e4: af:9d:57:b8:95:44:da:92:2b:3f:57:46:2a:cb:ba: d4:05:93:e1:4e:cb:f5:47:aa:b7:1b:41:0d:69:08: 79:78:61:85:e5:6a:b7:36:09:f7:f1:f9:ef:36:a5: 87:04:ef:31:0d:70:56:39:6f:5a:bb:04:8a:e2:c8: 45:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:5A:2B:24:FE:5B:60:53:65:87:91:E2:BA:C5:DA:01:00:97:A7:1A X509v3 Authority Key Identifier: keyid:1B:93:45:77:CB:49:D8:D2:31:B7:4C:55:07:26:F3:38:7E:02:6C:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5NFd8tJ2NIxt0xVBybzOH4CbPY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/dd533d-2855-4793-965a-0e29858c637a/1/G5NFd8tJ2NIxt0xVBybzOH4CbPY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:f6:28:5c:1b:5a:2c:20:c3:a7:3a:38:c5:61:8a:22:ea:76: 96:12:03:0b:d9:0e:84:fd:b3:dd:da:47:ab:bd:37:26:19:e0: a6:20:4c:f0:00:e6:c7:6e:f5:c7:60:8c:ba:26:82:1c:39:77: 19:3b:ee:59:3e:d6:fc:22:cd:f5:b6:d6:44:42:bd:d3:0b:03: 3e:a7:b8:60:bc:e4:e1:af:f9:fc:60:4b:c7:54:1b:2e:20:2b: 7f:14:45:3f:02:2e:b5:94:f7:3b:b4:52:39:06:6f:37:ff:f3: 79:ec:80:15:53:fc:25:d1:3a:7a:65:08:db:d7:78:00:60:a7: 17:fd:9b:e9:db:6e:75:2f:04:e2:3a:87:21:fe:3c:92:50:fe: 1a:b3:24:51:d1:f3:a2:76:ef:0b:52:ed:f0:92:82:a7:b4:6f: 25:da:cb:cc:eb:ae:2d:12:d4:f6:ef:67:ff:a0:53:a4:85:b4: 50:c8:ac:d3:cb:40:c8:a5:31:fd:22:b6:57:a8:a7:ca:b3:7b: 00:4c:2c:c6:53:bf:72:10:af:19:e6:e8:08:cf:72:70:34:68: d6:3c:28:e2:7e:fb:bd:dc:0f:81:84:75:14:ea:66:ee:8e:e3: 0a:c8:8b:d7:f6:de:9a:b0:95:48:8a:dc:76:b2:5c:e6:8d:32: 74:c4:4f:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLexKgl9P5tuuusTaPz9AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiOTM0NTc3Y2I0OWQ4ZDIzMWI3NGM1NTA3MjZmMzM4N2Uw MjZjZjYwHhcNMjUxMjA2MDEwMTQ5WhcNMjUxMjA3MDEwMTQ5WjAzMTEwLwYDVQQD EyhmYzVhMmIyNGZlNWI2MDUzNjU4NzkxZTJiYWM1ZGEwMTAwOTdhNzFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4u4j7rNt0rjRTb4l1oikz2M4g/ti ky5OaO23i1mC57YVQUB2kE21COF7/XEgMxrmz3C4abJJ5ejXyMnf6x/W/nASZ/m2 0nvRzf/usU8MknG/PWfST9luKpGd2zMJZc+iWYlQkIKeFFZ0BWZDNlUCBI2ryBUO oQi0DgoRw+JQwohBJD1APx05l9cgLg0wOUaPGxryB6FkUgMWs5kbcH6Av46b0L2K 3hnoNnX62e9X4vdNKnH1IdHrYdsOZtnSZ9bq5eSvnVe4lUTakis/V0Yqy7rUBZPh Tsv1R6q3G0ENaQh5eGGF5Wq3Ngn38fnvNqWHBO8xDXBWOW9auwSK4shF1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPxaKyT+W2BTZYeR4rrF2gEAl6caMB8GA1UdIwQY MBaAFBuTRXfLSdjSMbdMVQcm8zh+Amz2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEt MGUyOTg1OGM2MzdhLzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC9kZDUzM2QtMjg1NS00NzkzLTk2NWEtMGUyOTg1OGM2Mzdh LzEvRzVORmQ4dEoyTkl4dDB4VkJ5YnpPSDRDYlBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvYoXBta LCDDpzo4xWGKIup2lhIDC9kOhP2z3dpHq703JhngpiBM8ADmx271x2CMuiaCHDl3 GTvuWT7W/CLN9bbWREK90wsDPqe4YLzk4a/5/GBLx1QbLiArfxRFPwIutZT3O7RS OQZvN//zeeyAFVP8JdE6emUI29d4AGCnF/2b6dtudS8E4jqHIf48klD+GrMkUdHz onbvC1Lt8JKCp7RvJdrLzOuuLRLU9u9n/6BTpIW0UMis08tAyKUx/SK2V6inyrN7 AEwsxlO/chCvGeboCM9ycDRo1jwo4n77vdwPgYR1FOpm7o7jCsiL1/bemrCVSIrc drJc5o0ydMRPIA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:43:39 2025 by rpki-client