This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.mft File: 5KnudPLZhMiKs7ma5x0LfHuvgVA.mft (raw, json) Hash identifier: OuT2tV0o7Px/6fw9qrTQFZU+wp79pNxBuZ7ri6nlqQM= Subject key identifier: 72:0F:51:52:AB:DE:A9:5C:BE:CE:5C:D6:FC:58:FB:A7:F1:23:40:28 Authority key identifier: E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50 Certificate issuer: /CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150 Certificate serial: 019AFCC3559585DCE1EA22E7E09A2734FACF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.mft Manifest number: 1769 Signing time: Mon 08 Dec 2025 07:00:50 +0000 Manifest this update: Mon 08 Dec 2025 07:00:50 +0000 Manifest next update: Tue 09 Dec 2025 07:00:50 +0000 Files and hashes: 1: 1kmQygnKJuFomMWscO7_tmV5MPY.roa (hash: 1R7F/hqJ/U8XRXU5qTBNp/iBMwQ2HNOAJ68qC4TlDwI=) 2: 5KnudPLZhMiKs7ma5x0LfHuvgVA.crl (hash: r2Y2xvJX5a8EsfqlfO5+4WogYmXYVKqP4wcUTq0s+H8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.mft rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fc:c3:55:95:85:dc:e1:ea:22:e7:e0:9a:27:34:fa:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150 Validity Not Before: Dec 8 07:00:50 2025 GMT Not After : Dec 9 07:00:50 2025 GMT Subject: CN=720f5152abdea95cbece5cd6fc58fba7f1234028 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:88:23:54:93:4b:50:d9:40:09:59:ab:95:78: 07:14:b5:75:b3:03:39:d9:fc:95:7f:63:02:20:af: 9f:a8:74:bb:69:0f:c7:f3:c9:1a:c3:db:1a:e0:5e: 07:9b:e7:bc:d2:ba:cd:94:32:b4:d5:3e:be:0b:42: c7:94:43:f1:96:f2:18:c7:a0:f3:9c:90:41:e9:67: 75:8f:ab:a6:90:79:eb:06:bd:f3:ef:d3:d7:96:4a: ea:cb:e1:e7:8c:c6:e0:01:9c:ef:2c:be:f7:ba:12: 0c:c1:5c:97:6a:1c:db:50:aa:65:4d:ca:36:60:e6: 5d:05:da:71:b3:a2:0e:6e:f8:80:61:e3:9b:ae:1e: 45:a9:f9:02:ea:92:63:dc:67:b2:0d:8a:a4:3d:bf: 1b:06:6d:62:89:42:e8:a3:ad:0f:50:3c:62:89:e9: aa:a9:f6:92:88:99:95:f2:38:db:0c:c7:6d:a3:ee: 43:8e:ae:46:32:d4:c5:40:83:b8:14:d6:fe:66:97: 02:38:de:4b:c8:56:e8:79:77:5e:8b:78:0d:be:a1: 5e:d2:3a:c9:58:5a:40:36:a9:3e:0e:2c:a3:f1:1d: 68:c4:ca:32:51:dc:16:c7:2f:ea:68:95:07:e8:67: 2d:de:6b:f0:55:6f:44:b7:23:8e:2d:36:c3:00:78: d1:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:0F:51:52:AB:DE:A9:5C:BE:CE:5C:D6:FC:58:FB:A7:F1:23:40:28 X509v3 Authority Key Identifier: keyid:E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:5d:8c:de:80:9a:54:d0:bd:0a:c8:b6:7f:5b:ad:2f:36:6d: 81:a6:31:e2:36:f8:fa:fc:59:e8:0f:28:7b:a7:e3:e9:2a:cd: b0:3d:6b:8e:ce:71:93:c0:27:1c:62:ea:96:64:09:6d:10:24: 54:b2:c9:4b:58:b9:02:b5:7c:6f:38:7d:88:1d:38:26:7e:96: 87:d0:75:80:c1:63:d8:4f:e8:39:85:f1:6a:42:1d:71:42:e2: 5e:23:a3:b8:ce:5b:d0:8a:a0:ee:f9:4d:36:f2:fc:9f:a2:ef: 38:58:24:c1:fe:13:1d:2d:1d:0e:6f:bb:50:57:37:7b:06:0a: 18:e0:91:ac:57:50:4d:8a:17:72:01:db:3c:7b:c7:60:20:b5: f9:37:f9:a0:c3:12:fe:cf:a8:86:33:29:54:f0:bd:ab:ab:a7: f9:21:b7:b7:28:f6:39:f9:c6:ce:a6:35:cc:3d:e2:05:81:7b: 4a:38:48:4c:e7:6a:f3:36:a8:96:17:26:91:3e:12:99:7a:33: 95:1c:47:0a:e8:cf:84:45:8f:1f:98:53:6e:37:de:01:82:cb: 25:2f:45:6a:75:25:09:ab:87:7e:98:43:12:45:d1:b3:23:2a: 4d:7b:3d:31:9a:d0:a0:b5:d6:a0:21:3c:ea:bf:ac:cf:2a:4b: 1e:d1:d1:a2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr8w1WVhdzh6iLn4JonNPrPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0YTllZTc0ZjJkOTg0Yzg4YWIzYjk5YWU3MWQwYjdjN2Jh ZjgxNTAwHhcNMjUxMjA4MDcwMDUwWhcNMjUxMjA5MDcwMDUwWjAzMTEwLwYDVQQD Eyg3MjBmNTE1MmFiZGVhOTVjYmVjZTVjZDZmYzU4ZmJhN2YxMjM0MDI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIgjVJNLUNlACVmrlXgHFLV1swM5 2fyVf2MCIK+fqHS7aQ/H88kaw9sa4F4Hm+e80rrNlDK01T6+C0LHlEPxlvIYx6Dz nJBB6Wd1j6umkHnrBr3z79PXlkrqy+HnjMbgAZzvLL73uhIMwVyXahzbUKplTco2 YOZdBdpxs6IObviAYeObrh5FqfkC6pJj3GeyDYqkPb8bBm1iiULoo60PUDxiiemq qfaSiJmV8jjbDMdto+5Djq5GMtTFQIO4FNb+ZpcCON5LyFboeXdei3gNvqFe0jrJ WFpANqk+Diyj8R1oxMoyUdwWxy/qaJUH6Gct3mvwVW9EtyOOLTbDAHjRxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHIPUVKr3qlcvs5c1vxY+6fxI0AoMB8GA1UdIwQY MBaAFOSp7nTy2YTIirO5mucdC3x7r4FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYWRjOTUtZGFhZi00Nzc2LTliZTgt ZDJjMGJlNDQ4NTYxLzEvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC9lYWRjOTUtZGFhZi00Nzc2LTliZTgtZDJjMGJlNDQ4NTYx LzEvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgF2M3oCa VNC9Csi2f1utLzZtgaYx4jb4+vxZ6A8oe6fj6SrNsD1rjs5xk8AnHGLqlmQJbRAk VLLJS1i5ArV8bzh9iB04Jn6Wh9B1gMFj2E/oOYXxakIdcULiXiOjuM5b0Iqg7vlN NvL8n6LvOFgkwf4THS0dDm+7UFc3ewYKGOCRrFdQTYoXcgHbPHvHYCC1+Tf5oMMS /s+ohjMpVPC9q6un+SG3tyj2OfnGzqY1zD3iBYF7SjhITOdq8zaolhcmkT4SmXoz lRxHCujPhEWPH5hTbjfeAYLLJS9FanUlCauHfphDEkXRsyMqTXs9MZrQoLXWoCE8 6r+szypLHtHRog== -----END CERTIFICATE-----Generated at Mon Dec 8 09:40:13 2025 by rpki-client