This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft File: 5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json) Hash identifier: P2nu8ZCWZaGE4B9AYy8bhaJkCU0JNSU5EBK57/JpqW4= Subject key identifier: B1:58:47:60:92:83:91:47:9C:BF:A4:1D:20:4C:BA:46:85:47:4E:71 Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90 Certificate issuer: /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090 Certificate serial: 019B2061F536DE9E1AB5211ECE604957CA58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft Manifest number: 041D Signing time: Mon 15 Dec 2025 05:00:49 +0000 Manifest this update: Mon 15 Dec 2025 05:00:49 +0000 Manifest next update: Tue 16 Dec 2025 05:00:49 +0000 Files and hashes: 1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: Gh5iFu/IE3iND4DFrRFG7Ps3IoCPBUQAYwMum99SofM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 05:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:61:f5:36:de:9e:1a:b5:21:1e:ce:60:49:57:ca:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090 Validity Not Before: Dec 15 05:00:49 2025 GMT Not After : Dec 16 05:00:49 2025 GMT Subject: CN=b1584760928391479cbfa41d204cba4685474e71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:5c:10:60:05:36:d4:a3:2a:ae:9d:10:f5:72: cb:86:e8:f9:2c:0a:5c:57:ce:d5:28:10:18:3d:8e: da:7b:4c:42:2b:82:e3:27:5b:00:be:09:b3:af:5c: 3c:e4:6d:0a:2c:b3:32:a4:3e:1c:e6:fc:c1:6f:13: c5:05:6a:60:57:2f:6b:41:b1:78:77:c1:81:72:c5: ee:5f:bd:1b:f7:41:3d:5b:1a:8c:0e:5d:72:fc:ed: 50:e5:03:9c:e3:bc:dc:22:4a:15:0d:9a:44:ba:be: 6f:cc:ba:65:0c:78:92:d0:91:72:c0:9e:f0:6d:cd: 14:9b:f0:85:d0:12:20:4f:32:ad:29:bf:4c:b3:c3: 9f:d6:8e:ce:a3:e8:b0:76:6f:61:32:c8:7a:53:ea: ec:d2:14:fb:8d:7c:d1:74:89:1a:29:6e:b8:f9:6a: f9:f5:5c:6d:34:21:84:b7:74:1c:a2:ca:f5:f0:d2: 59:a3:93:6f:de:b8:b5:03:9b:41:c1:62:2d:28:4d: 8d:02:ef:13:2c:48:2d:12:10:b3:0e:ed:37:0d:3e: 83:19:7d:f1:c4:5f:b3:9f:66:2a:0a:c1:8e:18:1c: 5c:14:ca:2f:84:01:a9:39:43:1b:11:a5:21:a9:42: 9a:19:49:a9:fd:33:86:90:55:ff:5c:07:a8:0a:15: e9:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:58:47:60:92:83:91:47:9C:BF:A4:1D:20:4C:BA:46:85:47:4E:71 X509v3 Authority Key Identifier: keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:ab:e2:18:05:49:c7:6b:37:cb:b2:c6:ba:57:19:8e:3b:b2: 7a:e5:a6:b7:ab:fe:6a:b9:b1:c1:7e:26:85:e3:fc:51:8a:d6: 10:fd:05:ea:fc:8e:1c:c0:e4:5e:0b:52:31:d4:8c:16:c0:d4: e9:0e:7f:21:d0:8e:7c:d8:49:d1:f4:1c:4a:cf:a2:ef:d5:3e: 19:af:7d:6d:62:6e:1a:5a:2b:58:53:29:9d:60:ae:6a:01:4d: 1c:1b:38:01:56:31:7a:8f:24:9a:d5:b4:15:65:90:a1:fa:0a: 26:7c:0f:88:fb:88:14:c7:8e:19:45:e4:12:1f:af:0c:05:ce: e1:96:62:3a:02:30:bd:59:ee:10:3d:1a:e3:62:15:6e:c7:92: 10:74:a3:e3:72:9d:04:5a:9b:97:45:7c:f8:fe:40:ca:54:53: 82:83:e3:e9:4d:bc:92:03:18:b4:a1:ee:3b:bf:cb:76:fe:1d: bf:e7:d7:dc:5c:a9:dd:98:41:e0:39:e8:e7:27:74:51:b9:ee: a5:38:ac:4c:2b:c6:40:7f:4f:a7:c3:d6:ff:fa:c9:f3:ec:15: 9a:f8:a8:85:7f:36:d2:89:57:de:7b:da:09:e4:37:6f:cf:39: 8e:27:cf:96:19:04:95:27:cb:d6:51:4d:76:96:10:b7:ae:54: 75:17:fe:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgYfU23p4atSEezmBJV8pYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl MmUwOTAwHhcNMjUxMjE1MDUwMDQ5WhcNMjUxMjE2MDUwMDQ5WjAzMTEwLwYDVQQD EyhiMTU4NDc2MDkyODM5MTQ3OWNiZmE0MWQyMDRjYmE0Njg1NDc0ZTcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFwQYAU21KMqrp0Q9XLLhuj5LApc V87VKBAYPY7ae0xCK4LjJ1sAvgmzr1w85G0KLLMypD4c5vzBbxPFBWpgVy9rQbF4 d8GBcsXuX70b90E9WxqMDl1y/O1Q5QOc47zcIkoVDZpEur5vzLplDHiS0JFywJ7w bc0Um/CF0BIgTzKtKb9Ms8Of1o7Oo+iwdm9hMsh6U+rs0hT7jXzRdIkaKW64+Wr5 9VxtNCGEt3Qcosr18NJZo5Nv3ri1A5tBwWItKE2NAu8TLEgtEhCzDu03DT6DGX3x xF+zn2YqCsGOGBxcFMovhAGpOUMbEaUhqUKaGUmp/TOGkFX/XAeoChXpXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLFYR2CSg5FHnL+kHSBMukaFR05xMB8GA1UdIwQY MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2 LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANKviGAVJ x2s3y7LGulcZjjuyeuWmt6v+armxwX4mheP8UYrWEP0F6vyOHMDkXgtSMdSMFsDU 6Q5/IdCOfNhJ0fQcSs+i79U+Ga99bWJuGlorWFMpnWCuagFNHBs4AVYxeo8kmtW0 FWWQofoKJnwPiPuIFMeOGUXkEh+vDAXO4ZZiOgIwvVnuED0a42IVbseSEHSj43Kd BFqbl0V8+P5AylRTgoPj6U28kgMYtKHuO7/Ldv4dv+fX3Fyp3ZhB4Dno5yd0Ubnu pTisTCvGQH9Pp8PW//rJ8+wVmviohX820olX3nvaCeQ3b885jifPlhkElSfL1lFN dpYQt65UdRf+hA== -----END CERTIFICATE-----Generated at Mon Dec 15 12:01:26 2025 by rpki-client