This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft File: 5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json) Hash identifier: +So3/KNFx/iheoP0giLOVnNcXFzuSnd3EMbfiVcsORQ= Subject key identifier: 90:97:0C:57:21:95:9A:E4:C3:C6:CB:F2:DB:91:9F:F2:D0:4C:88:3A Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA Certificate issuer: /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa Certificate serial: 019AF31C0E41CF58B086EA4F8B393DFB80DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft Manifest number: 0A7F Signing time: Sat 06 Dec 2025 10:01:33 +0000 Manifest this update: Sat 06 Dec 2025 10:01:33 +0000 Manifest next update: Sun 07 Dec 2025 10:01:33 +0000 Files and hashes: 1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: mC6+n0IQmT05nyXVmTYISXG0Pd0Ps+p0r3oi+BXHMPQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:0e:41:cf:58:b0:86:ea:4f:8b:39:3d:fb:80:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa Validity Not Before: Dec 6 10:01:33 2025 GMT Not After : Dec 7 10:01:33 2025 GMT Subject: CN=90970c5721959ae4c3c6cbf2db919ff2d04c883a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:b7:29:c8:d4:eb:45:6b:a6:5a:20:02:6d:db: 8c:4e:bd:4a:b0:85:76:ac:8d:7a:a9:85:6b:e0:71: e8:8e:08:8d:c9:e9:e3:af:1d:77:ea:49:14:c6:e8: 59:92:4f:fa:5e:83:ca:b0:67:38:d1:22:42:7a:11: 50:20:7f:b1:4f:23:2a:52:bb:2a:ae:2a:93:11:ad: 9c:a8:d4:c2:fd:61:e7:39:99:2c:b4:0a:9d:ef:f1: 00:40:25:02:69:f0:73:2b:52:49:f7:44:44:90:2e: 23:73:8a:5e:9f:95:23:56:38:54:f2:5d:28:03:a2: 85:6b:87:9a:b7:2d:6d:44:af:e0:5a:f4:03:f8:b7: 39:fe:88:ee:71:21:ff:5d:af:fe:cf:e1:b0:bf:a6: c8:6b:58:d2:8e:74:97:2e:1c:87:e9:e8:6c:80:38: 83:47:a6:09:84:80:ea:fa:82:c8:38:32:58:96:79: 3b:b9:12:7b:e5:c5:a0:c8:40:58:f6:54:a0:6c:3a: 9c:fd:ae:ec:53:e8:ef:75:4b:25:c5:41:bb:1e:1b: ad:2e:56:1e:45:e9:30:48:6e:2e:ec:07:42:8c:96: 91:3f:63:54:d4:fb:8f:e9:ea:d1:b0:06:8f:e4:19: ac:04:ac:cb:e5:33:92:4f:a6:c4:52:2e:b9:38:b5: 2f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:97:0C:57:21:95:9A:E4:C3:C6:CB:F2:DB:91:9F:F2:D0:4C:88:3A X509v3 Authority Key Identifier: keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:96:a3:c5:75:db:92:2e:65:26:cb:8b:24:3d:75:b5:d4:74: d3:cc:fc:ac:01:37:28:e3:fa:83:6b:8a:58:58:b3:e5:66:77: cc:3f:94:5d:6b:5e:99:a5:91:05:67:cf:a5:31:63:d4:08:9c: 45:a0:03:02:37:35:a6:43:8c:e9:98:09:c6:9d:66:77:02:2f: a8:4b:36:2d:49:f3:13:47:90:29:e2:50:80:fd:22:78:b6:0e: 07:f4:9f:48:ef:82:d2:1f:a1:08:22:f6:9f:9d:b7:45:2f:22: 4c:2d:a7:eb:30:4f:f1:f7:1d:b7:6d:56:86:36:ed:11:18:45: 1a:01:a1:39:19:66:41:b2:4f:f8:a4:ed:de:07:04:4d:5f:d8: 1b:d7:b8:1a:72:2a:94:8f:4a:c7:17:61:a3:68:af:72:38:91: 73:89:dc:99:90:01:97:37:ee:06:eb:14:0c:a3:8a:ad:24:e2: 08:f2:79:81:9c:0d:80:8c:d3:9b:78:0b:5d:75:e3:50:de:c9: bd:09:64:03:19:4a:52:c9:2d:ee:2a:74:bb:b9:75:2c:2e:ae: 3f:38:cb:02:03:e9:f5:f1:b8:ba:ba:27:d1:60:2f:dc:01:56: b1:49:64:b0:51:5a:fb:46:c3:7b:9b:f3:68:b1:ca:53:6a:21: f2:a9:0e:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHA5Bz1iwhupPizk9+4DcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5 NDM5ZmEwHhcNMjUxMjA2MTAwMTMzWhcNMjUxMjA3MTAwMTMzWjAzMTEwLwYDVQQD Eyg5MDk3MGM1NzIxOTU5YWU0YzNjNmNiZjJkYjkxOWZmMmQwNGM4ODNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bcpyNTrRWumWiACbduMTr1KsIV2 rI16qYVr4HHojgiNyenjrx136kkUxuhZkk/6XoPKsGc40SJCehFQIH+xTyMqUrsq riqTEa2cqNTC/WHnOZkstAqd7/EAQCUCafBzK1JJ90REkC4jc4pen5UjVjhU8l0o A6KFa4eaty1tRK/gWvQD+Lc5/ojucSH/Xa/+z+Gwv6bIa1jSjnSXLhyH6ehsgDiD R6YJhIDq+oLIODJYlnk7uRJ75cWgyEBY9lSgbDqc/a7sU+jvdUslxUG7HhutLlYe RekwSG4u7AdCjJaRP2NU1PuP6erRsAaP5BmsBKzL5TOST6bEUi65OLUvXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJCXDFchlZrkw8bL8tuRn/LQTIg6MB8GA1UdIwQY MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2 LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJajxXXb ki5lJsuLJD11tdR008z8rAE3KOP6g2uKWFiz5WZ3zD+UXWtemaWRBWfPpTFj1Aic RaADAjc1pkOM6ZgJxp1mdwIvqEs2LUnzE0eQKeJQgP0ieLYOB/SfSO+C0h+hCCL2 n523RS8iTC2n6zBP8fcdt21WhjbtERhFGgGhORlmQbJP+KTt3gcETV/YG9e4GnIq lI9Kxxdho2ivcjiRc4ncmZABlzfuBusUDKOKrSTiCPJ5gZwNgIzTm3gLXXXjUN7J vQlkAxlKUskt7ip0u7l1LC6uPzjLAgPp9fG4uron0WAv3AFWsUlksFFa+0bDe5vz aLHKU2oh8qkOkA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:09:15 2025 by rpki-client