This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft File: 5D7dxEvG9TRFds9ZrwATXGtiwB0.mft (raw, json) Hash identifier: p7PjN8iCJp4D6EoqrEOvqsd8b8Hd78bZ0kKj57Ku8DI= Subject key identifier: 4E:DB:0A:E2:5F:8B:87:51:27:5F:E4:29:46:2B:9B:8A:BC:18:A9:90 Authority key identifier: E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D Certificate issuer: /CN=e43eddc44bc6f5344576cf59af00135c6b62c01d Certificate serial: 019B59E37343EF5E0C1782BC9D9E1130E342 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft Manifest number: 0DFE Signing time: Fri 26 Dec 2025 09:00:36 +0000 Manifest this update: Fri 26 Dec 2025 09:00:36 +0000 Manifest next update: Sat 27 Dec 2025 09:00:36 +0000 Files and hashes: 1: 5D7dxEvG9TRFds9ZrwATXGtiwB0.crl (hash: XLezTqYUJUAZcrhISIB15YNJdtiv2OF0SAMVVVe/MiA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:73:43:ef:5e:0c:17:82:bc:9d:9e:11:30:e3:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e43eddc44bc6f5344576cf59af00135c6b62c01d Validity Not Before: Dec 26 09:00:36 2025 GMT Not After : Dec 27 09:00:36 2025 GMT Subject: CN=4edb0ae25f8b8751275fe429462b9b8abc18a990 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7a:b6:7e:a3:57:cb:9b:76:70:b5:2f:5e:82: 83:88:5b:be:41:a5:62:7b:5c:2e:60:cf:30:76:6c: a4:0d:e1:35:f6:6f:99:fc:20:63:9a:64:25:44:c4: 3e:97:cb:38:ec:94:5f:91:76:48:79:e7:0c:5c:40: 7f:07:8b:0e:7c:a6:c6:28:92:a8:8b:48:fe:32:28: a6:7f:bd:c0:b9:cb:92:87:08:6c:c3:fc:8e:45:fe: b9:8b:18:89:60:3c:6e:4d:25:fe:dc:76:5d:95:bc: f9:d7:54:dd:07:c2:1d:87:13:f9:24:75:5b:e3:bc: 16:3d:3c:4b:5d:44:00:9d:b7:f2:85:24:10:1c:46: 7c:18:23:08:05:d3:62:e5:ea:eb:bb:7c:53:31:ab: 8f:4f:17:28:2f:52:c5:8f:7f:9c:41:02:96:55:60: 21:1f:99:c7:44:19:74:03:e8:a4:ad:74:77:72:be: ff:b6:aa:72:8b:16:43:d9:ca:4f:c5:4e:32:5c:b7: ee:d9:f5:d6:c2:77:b9:5a:2a:79:cb:cb:48:07:9a: 86:b4:ad:cc:ee:62:a4:ba:7c:95:cf:1d:ba:46:e4: 46:a7:dc:fc:77:fe:79:c8:d7:f9:29:60:23:95:c9: 3d:b0:f4:c3:a9:e7:c4:01:4e:2a:fa:81:5e:ab:f2: d7:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:DB:0A:E2:5F:8B:87:51:27:5F:E4:29:46:2B:9B:8A:BC:18:A9:90 X509v3 Authority Key Identifier: keyid:E4:3E:DD:C4:4B:C6:F5:34:45:76:CF:59:AF:00:13:5C:6B:62:C0:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D7dxEvG9TRFds9ZrwATXGtiwB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2daa72-0314-46c5-be5b-9a69304258a0/1/5D7dxEvG9TRFds9ZrwATXGtiwB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:96:c0:8e:c2:6c:73:e0:64:42:94:c2:9b:24:dd:39:67:27: f7:c5:1f:94:ce:83:89:12:12:06:05:49:ee:d2:60:84:e4:de: 47:77:7b:69:b7:51:39:94:ef:a3:e4:72:41:d7:5f:b9:ca:dd: 00:ab:55:3f:61:75:6e:20:3d:43:62:b9:3a:83:33:f7:bc:a2: 7f:75:9f:d3:f0:1c:5c:4f:48:0e:d0:be:81:55:5e:cf:c4:b3: 3c:66:f5:c8:02:1a:64:a7:44:07:63:66:e7:5b:0f:3d:2a:15: 56:c1:06:ac:1f:52:4c:93:8c:9b:34:15:32:88:d0:d2:1f:11: d3:9b:7c:79:20:ad:d8:1c:2c:0d:a4:f4:76:6e:60:4b:be:16: 08:a7:ef:1b:74:d0:2f:18:b5:83:4d:87:51:cb:20:5d:bd:00: 67:da:39:db:fe:cf:32:a3:ba:81:14:fe:e5:34:c6:3e:b4:11: e0:81:31:d7:d9:c9:64:33:49:bf:01:58:41:7f:49:40:b2:0f: 8d:a6:82:1f:e9:b1:5f:95:ca:d3:48:4d:97:4d:06:9e:d4:98: d6:12:c3:a9:44:e3:73:31:a4:ea:4d:d9:2f:0c:05:d7:f8:8f: f1:ee:43:d3:20:4d:ef:21:29:fb:dd:1b:7e:29:c5:12:44:0d: 1e:4e:37:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ43ND714MF4K8nZ4RMONCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0M2VkZGM0NGJjNmY1MzQ0NTc2Y2Y1OWFmMDAxMzVjNmI2 MmMwMWQwHhcNMjUxMjI2MDkwMDM2WhcNMjUxMjI3MDkwMDM2WjAzMTEwLwYDVQQD Eyg0ZWRiMGFlMjVmOGI4NzUxMjc1ZmU0Mjk0NjJiOWI4YWJjMThhOTkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Xq2fqNXy5t2cLUvXoKDiFu+QaVi e1wuYM8wdmykDeE19m+Z/CBjmmQlRMQ+l8s47JRfkXZIeecMXEB/B4sOfKbGKJKo i0j+Miimf73AucuShwhsw/yORf65ixiJYDxuTSX+3HZdlbz511TdB8IdhxP5JHVb 47wWPTxLXUQAnbfyhSQQHEZ8GCMIBdNi5erru3xTMauPTxcoL1LFj3+cQQKWVWAh H5nHRBl0A+ikrXR3cr7/tqpyixZD2cpPxU4yXLfu2fXWwne5Wip5y8tIB5qGtK3M 7mKkunyVzx26RuRGp9z8d/55yNf5KWAjlck9sPTDqefEAU4q+oFeq/LXnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE7bCuJfi4dRJ1/kKUYrm4q8GKmQMB8GA1UdIwQY MBaAFOQ+3cRLxvU0RXbPWa8AE1xrYsAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWIt OWE2OTMwNDI1OGEwLzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC8yZGFhNzItMDMxNC00NmM1LWJlNWItOWE2OTMwNDI1OGEw LzEvNUQ3ZHhFdkc5VFJGZHM5WnJ3QVRYR3Rpd0IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq5bAjsJs c+BkQpTCmyTdOWcn98UflM6DiRISBgVJ7tJghOTeR3d7abdROZTvo+RyQddfucrd AKtVP2F1biA9Q2K5OoMz97yif3Wf0/AcXE9IDtC+gVVez8SzPGb1yAIaZKdEB2Nm 51sPPSoVVsEGrB9STJOMmzQVMojQ0h8R05t8eSCt2BwsDaT0dm5gS74WCKfvG3TQ Lxi1g02HUcsgXb0AZ9o52/7PMqO6gRT+5TTGPrQR4IEx19nJZDNJvwFYQX9JQLIP jaaCH+mxX5XK00hNl00GntSY1hLDqUTjczGk6k3ZLwwF1/iP8e5D0yBN7yEp+90b finFEkQNHk43NQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:01 2025 by rpki-client