This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft File: 5cfDmlkS3cIen2tRmJZyV2ISeDM.mft (raw, json) Hash identifier: k/gvGj9VaLNF1ngn9kL6+EpfCOler5H7r3jqJg1+BRM= Subject key identifier: 5B:48:FA:DA:76:FC:B1:72:0F:C9:41:7E:36:BB:6F:49:D5:D8:85:14 Authority key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33 Certificate issuer: /CN=e5c7c39a5912ddc21e9f6b519896725762127833 Certificate serial: 019B59771E3D3A1A68B5F9155AB51111D87D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft Manifest number: 0311 Signing time: Fri 26 Dec 2025 07:02:17 +0000 Manifest this update: Fri 26 Dec 2025 07:02:17 +0000 Manifest next update: Sat 27 Dec 2025 07:02:17 +0000 Files and hashes: 1: 5cfDmlkS3cIen2tRmJZyV2ISeDM.crl (hash: EPhy6ktXDMsL4+APsR26od/VIvRhPYaXm7Fi70p1DaE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:1e:3d:3a:1a:68:b5:f9:15:5a:b5:11:11:d8:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e5c7c39a5912ddc21e9f6b519896725762127833 Validity Not Before: Dec 26 07:02:17 2025 GMT Not After : Dec 27 07:02:17 2025 GMT Subject: CN=5b48fada76fcb1720fc9417e36bb6f49d5d88514 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:42:00:00:a3:dd:bd:74:99:76:35:12:90:9e: 83:18:55:0d:db:67:19:45:9c:79:63:4e:74:35:28: 3d:af:92:6b:04:b0:b9:32:bc:ec:c3:ba:e4:fe:1c: 5f:d2:7d:b3:25:82:98:c0:a1:24:67:37:8d:61:d0: 6d:c3:60:ea:43:cf:c4:ce:22:a4:eb:74:c7:84:50: 54:f8:f4:0c:c9:b7:98:8f:56:3c:b2:e4:59:d6:2d: 4b:36:21:29:35:ba:f0:88:6d:9a:77:4c:2c:6b:ba: fe:86:f8:54:f8:b2:e6:2a:30:9c:14:bd:b0:88:35: 06:ba:ce:44:b3:ba:ea:8c:63:35:6d:cc:a6:3f:3c: aa:33:ab:b5:fc:e3:b9:23:8a:3e:97:f7:dc:76:99: 70:79:ff:77:2a:ed:39:1c:d5:aa:31:c7:04:e6:29: 54:75:fc:ef:47:4e:69:cf:ce:65:28:9b:1e:11:88: 4f:b2:99:1f:bf:15:0d:58:51:97:b5:23:3d:ac:ba: e9:df:fa:64:5c:45:9f:f0:1a:db:7c:ac:09:9a:4c: 29:57:a1:2e:80:8e:e4:d3:56:73:a0:36:74:6d:75: 93:37:64:1c:36:70:f6:d2:e2:1e:0a:b1:45:48:3e: 50:04:56:ae:24:1e:8a:d7:ba:48:89:f7:f2:18:92: 6b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:48:FA:DA:76:FC:B1:72:0F:C9:41:7E:36:BB:6F:49:D5:D8:85:14 X509v3 Authority Key Identifier: keyid:E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:46:d9:0b:7c:1e:b9:6b:e6:2c:10:f3:9d:cd:4c:e5:62:7e: f3:a8:24:76:18:7f:9a:17:de:b5:d9:74:17:90:fe:d7:8c:cb: c0:2a:a6:c9:bd:3b:e8:3d:e6:b0:a9:71:3e:b9:16:d1:cb:bd: 95:3a:e9:59:67:47:d6:ba:60:81:10:3f:18:1b:9c:59:da:e6: 4e:9c:84:93:88:98:ea:9a:3d:14:e9:16:16:35:34:af:e4:70: dc:41:41:8d:12:36:3f:6f:3d:b6:f1:c6:58:46:9d:ec:c7:10: 9e:88:f7:f0:4f:63:77:bd:86:3f:58:0d:7c:6b:f1:59:42:b1: d4:9a:97:91:f5:f0:ae:cd:d9:a3:71:3d:f6:ff:49:ce:91:63: 59:f3:c2:43:b1:eb:b7:1e:ba:ea:ed:c3:a7:d4:f0:92:88:03: 63:3a:ad:e7:85:aa:e0:c2:db:4a:04:f4:f4:34:9e:b5:1f:3b: 1b:95:24:5a:28:bc:76:6d:93:45:1e:64:64:15:96:1b:1c:06: 73:75:3a:39:9f:0b:5c:86:6e:66:d6:e2:bb:2c:80:50:99:40: ec:2b:e6:8c:1a:b9:c3:38:d3:9d:ce:74:1a:60:9b:c4:ce:92: fe:69:d2:36:9f:36:7c:b3:41:4f:f7:8e:ea:c5:89:93:cd:dd: 40:34:8d:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdx49OhpotfkVWrUREdh9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1YzdjMzlhNTkxMmRkYzIxZTlmNmI1MTk4OTY3MjU3NjIx Mjc4MzMwHhcNMjUxMjI2MDcwMjE3WhcNMjUxMjI3MDcwMjE3WjAzMTEwLwYDVQQD Eyg1YjQ4ZmFkYTc2ZmNiMTcyMGZjOTQxN2UzNmJiNmY0OWQ1ZDg4NTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUIAAKPdvXSZdjUSkJ6DGFUN22cZ RZx5Y050NSg9r5JrBLC5Mrzsw7rk/hxf0n2zJYKYwKEkZzeNYdBtw2DqQ8/EziKk 63THhFBU+PQMybeYj1Y8suRZ1i1LNiEpNbrwiG2ad0wsa7r+hvhU+LLmKjCcFL2w iDUGus5Es7rqjGM1bcymPzyqM6u1/OO5I4o+l/fcdplwef93Ku05HNWqMccE5ilU dfzvR05pz85lKJseEYhPspkfvxUNWFGXtSM9rLrp3/pkXEWf8BrbfKwJmkwpV6Eu gI7k01ZzoDZ0bXWTN2QcNnD20uIeCrFFSD5QBFauJB6K17pIiffyGJJr6wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFtI+tp2/LFyD8lBfja7b0nV2IUUMB8GA1UdIwQY MBaAFOXHw5pZEt3CHp9rUZiWcldiEngzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQt MzhmODY0YTM0Yjc4LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS8xMGFmODMtMDhmNS00OTE5LWJhMWQtMzhmODY0YTM0Yjc4 LzEvNWNmRG1sa1MzY0llbjJ0Um1KWnlWMklTZURNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaEbZC3we uWvmLBDznc1M5WJ+86gkdhh/mhfetdl0F5D+14zLwCqmyb076D3msKlxPrkW0cu9 lTrpWWdH1rpggRA/GBucWdrmTpyEk4iY6po9FOkWFjU0r+Rw3EFBjRI2P289tvHG WEad7McQnoj38E9jd72GP1gNfGvxWUKx1JqXkfXwrs3Zo3E99v9JzpFjWfPCQ7Hr tx666u3Dp9TwkogDYzqt54Wq4MLbSgT09DSetR87G5UkWii8dm2TRR5kZBWWGxwG c3U6OZ8LXIZuZtbiuyyAUJlA7CvmjBq5wzjTnc50GmCbxM6S/mnSNp82fLNBT/eO 6sWJk83dQDSNMA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:21 2025 by rpki-client