This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft File: EsqtEcXYmB2YPDAehqGs8tgRqsE.mft (raw, json) Hash identifier: CsJ1baJw9YjXzytETCzi8r+mOMWBK1LBDCeO5D0JeSc= Subject key identifier: BC:5D:F4:B9:B3:19:D5:30:28:57:46:6F:06:21:AE:16:A7:51:89:F4 Authority key identifier: 12:CA:AD:11:C5:D8:98:1D:98:3C:30:1E:86:A1:AC:F2:D8:11:AA:C1 Certificate issuer: /CN=12caad11c5d8981d983c301e86a1acf2d811aac1 Certificate serial: 019AF5E652813808E79EA42D5D15D09F38EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsqtEcXYmB2YPDAehqGs8tgRqsE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft Manifest number: 115F Signing time: Sat 06 Dec 2025 23:01:43 +0000 Manifest this update: Sat 06 Dec 2025 23:01:43 +0000 Manifest next update: Sun 07 Dec 2025 23:01:43 +0000 Files and hashes: 1: EsqtEcXYmB2YPDAehqGs8tgRqsE.crl (hash: 5ZR/pyLqs2ixqsFknkRfhWyujEbADTTLJW10PEb9CtQ=) 2: wCYSBxlEFn9C3bKzEBin_RqzoTU.roa (hash: HuM1kg7JZIqnFeWlmolggLVBCkZTp9UadWTeRelOxb8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft rsync://rpki.ripe.net/repository/DEFAULT/EsqtEcXYmB2YPDAehqGs8tgRqsE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:e6:52:81:38:08:e7:9e:a4:2d:5d:15:d0:9f:38:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=12caad11c5d8981d983c301e86a1acf2d811aac1 Validity Not Before: Dec 6 23:01:43 2025 GMT Not After : Dec 7 23:01:43 2025 GMT Subject: CN=bc5df4b9b319d5302857466f0621ae16a75189f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e4:cc:03:18:a8:3b:89:b0:4e:88:f2:97:c6: 4d:21:88:32:c1:2f:1b:3c:ce:de:93:2a:7c:b5:95: cd:76:a5:6a:30:18:0d:c6:a1:e7:ce:01:46:ef:8b: 56:47:d3:6d:72:9f:2a:96:9f:67:ea:37:86:6a:6a: 98:62:b9:28:a4:7c:0b:1d:52:2c:fb:da:43:84:9c: 75:4c:f5:6c:7a:8e:03:20:6f:0b:67:37:c1:3e:dd: bf:ca:fa:9d:e6:58:60:3d:55:ab:e3:93:16:8d:3b: f9:ed:f3:ae:e5:dc:30:8f:2a:70:30:66:94:6b:2f: 52:d0:4a:c5:6f:f6:01:1a:8d:50:93:28:f1:2a:ec: 0c:39:2c:01:f9:fb:c3:c1:92:5b:91:bd:20:eb:5b: 1f:b9:20:cc:2f:71:3a:18:6b:a3:bf:58:56:9d:70: 61:e8:9f:8e:84:5c:c6:e2:1c:d0:2d:6a:dc:ad:cd: 0b:a1:cf:bf:97:f6:d8:93:c0:63:9f:17:1f:f1:a8: ca:58:e7:81:66:75:51:c5:0a:cd:f1:1c:2c:69:a9: 78:62:39:bc:81:48:9d:41:00:c9:20:4f:7f:3c:6a: be:2a:66:3f:35:7a:3d:38:a6:2f:b5:0c:27:47:48: 2a:d0:ec:58:b7:f8:ee:5a:91:7e:84:92:c4:1d:45: 50:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:5D:F4:B9:B3:19:D5:30:28:57:46:6F:06:21:AE:16:A7:51:89:F4 X509v3 Authority Key Identifier: keyid:12:CA:AD:11:C5:D8:98:1D:98:3C:30:1E:86:A1:AC:F2:D8:11:AA:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsqtEcXYmB2YPDAehqGs8tgRqsE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/6c3fa1-63b5-4bdc-94be-eb7b9590e303/1/EsqtEcXYmB2YPDAehqGs8tgRqsE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:c3:03:65:5e:5d:e6:82:b9:fa:5a:54:d1:b4:cf:66:08:91: 4b:9f:37:10:fd:55:7c:4f:a7:c0:c0:48:0c:50:a7:d4:57:91: b4:62:d4:db:82:e8:b6:4f:59:66:32:73:8e:9f:d3:5d:ed:ca: 7a:88:98:04:9f:84:fe:d2:72:98:d1:90:8a:a9:44:52:c9:e6: a2:9f:bd:15:98:9f:4f:24:37:63:5f:35:77:2c:05:09:a6:a0: da:7a:ea:70:a7:b9:36:48:2c:c1:4a:d3:4a:cf:7d:ce:85:1b: 84:78:87:cd:f7:31:18:65:35:fa:b1:ef:3a:e5:9f:00:21:78: ea:4d:c8:70:b8:50:d5:fc:9d:80:63:48:8d:33:fa:69:62:08: d9:cd:fe:33:6d:55:c6:c1:89:3d:fd:ec:fa:30:95:df:c1:ec: a9:90:86:c9:b1:f5:d5:16:ad:78:9f:78:6c:85:a1:f1:4b:6b: e4:f6:07:0f:c6:d0:8f:97:83:01:6f:dc:a4:d0:08:9f:02:bf: 5f:40:fb:5d:2a:d6:e7:6c:fe:e5:7d:64:e4:44:3e:79:27:62: ef:23:c6:cf:a6:09:6b:c2:e6:fe:c3:57:4c:19:b2:15:f4:b8: 2c:ad:9e:98:ae:18:b9:6b:1f:3f:2a:43:f1:07:27:ea:ee:d4: 52:18:5e:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr15lKBOAjnnqQtXRXQnzjsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyY2FhZDExYzVkODk4MWQ5ODNjMzAxZTg2YTFhY2YyZDgx MWFhYzEwHhcNMjUxMjA2MjMwMTQzWhcNMjUxMjA3MjMwMTQzWjAzMTEwLwYDVQQD EyhiYzVkZjRiOWIzMTlkNTMwMjg1NzQ2NmYwNjIxYWUxNmE3NTE4OWY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOTMAxioO4mwTojyl8ZNIYgywS8b PM7ekyp8tZXNdqVqMBgNxqHnzgFG74tWR9Ntcp8qlp9n6jeGamqYYrkopHwLHVIs +9pDhJx1TPVseo4DIG8LZzfBPt2/yvqd5lhgPVWr45MWjTv57fOu5dwwjypwMGaU ay9S0ErFb/YBGo1QkyjxKuwMOSwB+fvDwZJbkb0g61sfuSDML3E6GGujv1hWnXBh 6J+OhFzG4hzQLWrcrc0Loc+/l/bYk8Bjnxcf8ajKWOeBZnVRxQrN8Rwsaal4Yjm8 gUidQQDJIE9/PGq+KmY/NXo9OKYvtQwnR0gq0OxYt/juWpF+hJLEHUVQIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLxd9LmzGdUwKFdGbwYhrhanUYn0MB8GA1UdIwQY MBaAFBLKrRHF2JgdmDwwHoahrPLYEarBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXNxdEVjWFltQjJZUERBZWhxR3M4dGdScXNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82YzNmYTEtNjNiNS00YmRjLTk0YmUt ZWI3Yjk1OTBlMzAzLzEvRXNxdEVjWFltQjJZUERBZWhxR3M4dGdScXNFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS82YzNmYTEtNjNiNS00YmRjLTk0YmUtZWI3Yjk1OTBlMzAz LzEvRXNxdEVjWFltQjJZUERBZWhxR3M4dGdScXNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAcMDZV5d 5oK5+lpU0bTPZgiRS583EP1VfE+nwMBIDFCn1FeRtGLU24Lotk9ZZjJzjp/TXe3K eoiYBJ+E/tJymNGQiqlEUsnmop+9FZifTyQ3Y181dywFCaag2nrqcKe5NkgswUrT Ss99zoUbhHiHzfcxGGU1+rHvOuWfACF46k3IcLhQ1fydgGNIjTP6aWII2c3+M21V xsGJPf3s+jCV38HsqZCGybH11RateJ94bIWh8Utr5PYHD8bQj5eDAW/cpNAInwK/ X0D7XSrW52z+5X1k5EQ+eSdi7yPGz6YJa8Lm/sNXTBmyFfS4LK2emK4YuWsfPypD 8Qcn6u7UUhheUA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:57:37 2025 by rpki-client