This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft File: P5YkCZj85BJMPLTfusuw7RYYQFo.mft (raw, json) Hash identifier: ldcN0b1CyZkyIFSMbuAD2Hl/Gs9Vt9lLakGPoiG1n7A= Subject key identifier: 2D:C0:03:EB:41:20:D9:81:75:23:CE:71:70:E4:CA:DA:A6:54:4A:0A Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a Certificate serial: 019B2889D548DCCA29AFA6F0132262242FB0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft Manifest number: 1780 Signing time: Tue 16 Dec 2025 19:01:20 +0000 Manifest this update: Tue 16 Dec 2025 19:01:20 +0000 Manifest next update: Wed 17 Dec 2025 19:01:20 +0000 Files and hashes: 1: P5YkCZj85BJMPLTfusuw7RYYQFo.crl (hash: 0zMgF7DgNzOxgovgiSDwDOaT+GEeDLZhHSKMzjXdR1M=) 2: UXaxt-b39pINfZ1Y1ojLfS7SwMw.roa (hash: IC6xINcQpVjUgVum+7114aRM3S8XEivwvk3gYzMafvQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:28:89:d5:48:dc:ca:29:af:a6:f0:13:22:62:24:2f:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a Validity Not Before: Dec 16 19:01:20 2025 GMT Not After : Dec 17 19:01:20 2025 GMT Subject: CN=2dc003eb4120d9817523ce7170e4cadaa6544a0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:05:6c:17:c2:e2:1f:9e:74:d2:33:59:e1:3c: 27:44:9d:97:f7:5e:7a:0e:59:67:b0:31:d5:6a:b5: 44:2e:96:f5:54:f2:58:71:20:c3:bd:e4:e1:44:18: 5d:0e:c2:24:f1:b8:16:5a:ab:a6:47:f1:b4:3b:c0: fa:2d:6d:e3:9c:8d:43:0a:67:f9:dc:2e:c9:37:ce: 49:ba:a1:fb:29:04:6d:f8:51:9d:1b:ba:9b:74:f6: 5b:2c:b1:28:c2:c3:e3:b6:bc:86:9e:29:75:bb:c7: 2e:5f:3a:ef:a0:b6:9d:ec:cb:64:76:9d:ae:4e:11: ee:9c:3d:d0:bf:35:7b:b2:0d:f3:ac:e2:5f:be:b0: 02:98:69:da:18:d8:19:36:80:b6:fa:fa:81:18:50: 1d:11:42:4f:98:d4:f4:bd:32:0b:ff:a9:77:c4:0d: f7:ca:4a:92:9f:9d:cf:32:fb:f5:1d:da:2f:17:98: 68:c6:60:3e:77:b1:ae:45:73:f9:9a:de:01:75:b8: 4a:8a:f1:1b:60:ec:97:6e:1b:39:cb:8e:30:2f:1a: ea:46:d0:b1:b5:4e:11:f2:2f:0c:72:42:de:88:0e: c2:78:4f:40:b0:78:cc:40:a7:3a:c2:52:dd:54:5b: f1:35:d9:94:87:a9:b6:d6:ed:a3:ae:dc:8e:d0:c7: a4:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C0:03:EB:41:20:D9:81:75:23:CE:71:70:E4:CA:DA:A6:54:4A:0A X509v3 Authority Key Identifier: keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:6b:99:d4:ad:8c:75:4a:95:74:2a:ff:c5:20:f8:71:bd:34: 71:3a:16:27:e2:c4:81:f4:04:36:ef:0f:c1:2b:03:a8:80:1a: 06:d8:42:a8:39:11:ce:d6:df:80:00:1c:fe:d7:ba:79:b7:4f: 52:9d:c3:5f:d3:ca:12:94:b4:bb:54:f7:72:c9:4d:da:80:d5: 6b:b3:98:91:2e:84:a2:0c:1f:93:62:d0:88:a4:aa:ed:b5:f8: 8d:2c:db:b3:2e:32:69:0a:1d:23:3e:5b:48:11:ac:47:9a:68: 88:be:fa:40:35:ad:8c:28:c4:77:f4:92:2d:d1:75:a0:83:5c: 4f:fe:c6:29:f5:a6:a4:2d:b8:30:ac:5d:02:d0:26:bc:45:f4: 89:4b:79:ab:49:a4:9b:e2:47:e7:6a:ca:21:70:5b:69:50:d0: 5c:8a:fc:23:39:0e:43:e2:3a:fe:b8:b7:99:61:9a:4f:87:9f: cd:f1:0b:3d:89:0d:52:ae:56:b0:88:7e:26:cf:29:9c:49:7d: be:9e:1b:aa:59:12:de:3c:f2:5c:6b:40:49:68:67:08:7f:ac: a9:37:e4:0d:36:11:e7:b8:3c:f9:5f:41:1e:d0:d4:c3:52:e6: 36:39:b6:43:48:75:30:d7:40:b6:16:80:bf:44:dc:48:1b:8b: da:7a:b1:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsoidVI3Mopr6bwEyJiJC+wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmOTYyNDA5OThmY2U0MTI0YzNjYjRkZmJhY2JiMGVkMTYx ODQwNWEwHhcNMjUxMjE2MTkwMTIwWhcNMjUxMjE3MTkwMTIwWjAzMTEwLwYDVQQD EygyZGMwMDNlYjQxMjBkOTgxNzUyM2NlNzE3MGU0Y2FkYWE2NTQ0YTBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gVsF8LiH5500jNZ4TwnRJ2X9156 DllnsDHVarVELpb1VPJYcSDDveThRBhdDsIk8bgWWqumR/G0O8D6LW3jnI1DCmf5 3C7JN85JuqH7KQRt+FGdG7qbdPZbLLEowsPjtryGnil1u8cuXzrvoLad7Mtkdp2u ThHunD3QvzV7sg3zrOJfvrACmGnaGNgZNoC2+vqBGFAdEUJPmNT0vTIL/6l3xA33 ykqSn53PMvv1HdovF5hoxmA+d7GuRXP5mt4BdbhKivEbYOyXbhs5y44wLxrqRtCx tU4R8i8MckLeiA7CeE9AsHjMQKc6wlLdVFvxNdmUh6m21u2jrtyO0MekTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC3AA+tBINmBdSPOcXDkytqmVEoKMB8GA1UdIwQY MBaAFD+WJAmY/OQSTDy037rLsO0WGEBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQt Yzc0MWMyN2I0ZTIyLzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQtYzc0MWMyN2I0ZTIy LzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2uZ1K2M dUqVdCr/xSD4cb00cToWJ+LEgfQENu8PwSsDqIAaBthCqDkRztbfgAAc/te6ebdP Up3DX9PKEpS0u1T3cslN2oDVa7OYkS6Eogwfk2LQiKSq7bX4jSzbsy4yaQodIz5b SBGsR5poiL76QDWtjCjEd/SSLdF1oINcT/7GKfWmpC24MKxdAtAmvEX0iUt5q0mk m+JH52rKIXBbaVDQXIr8IzkOQ+I6/ri3mWGaT4efzfELPYkNUq5WsIh+Js8pnEl9 vp4bqlkS3jzyXGtASWhnCH+sqTfkDTYR57g8+V9BHtDUw1LmNjm2Q0h1MNdAthaA v0TcSBuL2nqxZg== -----END CERTIFICATE-----Generated at Tue Dec 16 22:20:11 2025 by rpki-client