This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/1H5iy_X-8zd_nnzVhVj0Ti7qm84.mft File: 1H5iy_X-8zd_nnzVhVj0Ti7qm84.mft (raw, json) Hash identifier: 2o0+K62JrMVTME0q6KFpgtDdBwQzEJrlVurgMrtmmdM= Subject key identifier: 5B:CC:66:F4:47:9C:AF:2B:C8:D6:17:ED:99:5A:D9:54:B9:9B:DF:D1 Authority key identifier: D4:7E:62:CB:F5:FE:F3:37:7F:9E:7C:D5:85:58:F4:4E:2E:EA:9B:CE Certificate issuer: /CN=d47e62cbf5fef3377f9e7cd58558f44e2eea9bce Certificate serial: 019B33440960F56724D9CC1211215AE2C20D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1H5iy_X-8zd_nnzVhVj0Ti7qm84.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/1H5iy_X-8zd_nnzVhVj0Ti7qm84.mft Manifest number: 0716 Signing time: Thu 18 Dec 2025 21:00:55 +0000 Manifest this update: Thu 18 Dec 2025 21:00:55 +0000 Manifest next update: Fri 19 Dec 2025 21:00:55 +0000 Files and hashes: 1: 0Z-rzxBLOWIfSfgExnNziFjknFI.roa (hash: WIPxFrkjwE/aiN3DpBiUfgIiKOHJkBOTh5tGpO+hM/Q=) 2: 1H5iy_X-8zd_nnzVhVj0Ti7qm84.crl (hash: rKxr8yzZu1tgDdIA0RgRoSBfDI2yebHIlWw5x0zHU6w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/1H5iy_X-8zd_nnzVhVj0Ti7qm84.crl rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/1H5iy_X-8zd_nnzVhVj0Ti7qm84.mft rsync://rpki.ripe.net/repository/DEFAULT/1H5iy_X-8zd_nnzVhVj0Ti7qm84.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:09:60:f5:67:24:d9:cc:12:11:21:5a:e2:c2:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d47e62cbf5fef3377f9e7cd58558f44e2eea9bce Validity Not Before: Dec 18 21:00:55 2025 GMT Not After : Dec 19 21:00:55 2025 GMT Subject: CN=5bcc66f4479caf2bc8d617ed995ad954b99bdfd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f6:9a:b5:80:0a:13:19:34:40:52:6c:76:6a: 4b:f2:1f:7d:3b:90:f3:26:45:97:95:64:83:e0:7b: 71:c0:ff:92:73:60:ae:07:35:9c:23:b2:a8:0b:f8: de:44:5f:9b:87:7f:ee:1e:a0:c7:8e:60:a9:d1:45: 50:8e:c2:9c:af:1b:31:e0:f0:a7:cf:d1:fd:78:62: 6e:de:cf:41:59:1e:36:63:c7:cb:aa:ad:56:c5:7e: c4:8e:ff:0a:0c:3f:5a:42:86:d4:7b:0b:e8:f3:da: d5:12:a1:07:79:4e:f6:e8:24:ec:0b:d7:ef:f5:2f: ac:7c:dd:0f:b5:a1:98:6d:22:8f:3b:e8:b2:73:aa: 20:a1:db:f8:25:a0:7d:55:09:fa:f1:f9:18:b4:a4: 12:a8:b6:7f:16:73:f1:89:e4:14:cb:c9:ff:79:74: 14:8c:6e:20:e7:0f:c5:60:39:4f:06:bb:4a:c5:bd: c3:4a:72:71:b3:e3:80:43:44:c4:d9:86:ca:60:da: 53:05:85:73:7e:5e:0b:10:b5:34:2b:2b:93:bf:74: 94:5a:99:fb:b2:1b:e1:b8:22:fb:cd:ad:9a:27:ef: e2:fb:2e:46:1e:33:25:a6:74:65:03:4a:47:aa:98: b4:04:17:75:dc:22:cb:9a:3b:4e:57:b5:c2:00:db: ac:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:CC:66:F4:47:9C:AF:2B:C8:D6:17:ED:99:5A:D9:54:B9:9B:DF:D1 X509v3 Authority Key Identifier: keyid:D4:7E:62:CB:F5:FE:F3:37:7F:9E:7C:D5:85:58:F4:4E:2E:EA:9B:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1H5iy_X-8zd_nnzVhVj0Ti7qm84.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/1H5iy_X-8zd_nnzVhVj0Ti7qm84.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/aa9d4e-1226-40e7-a9c1-469d3a51d47d/1/1H5iy_X-8zd_nnzVhVj0Ti7qm84.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:0b:a0:96:b0:e9:1d:cd:11:25:f9:12:17:9e:51:16:7a:be: 97:5e:dd:17:20:d7:34:d4:f2:86:7c:0a:00:89:97:fa:a6:f6: 80:68:fd:43:19:6c:07:2f:0e:76:72:03:28:e4:b1:72:35:c3: 5a:d9:0c:aa:94:be:aa:9b:a7:d2:9c:e2:46:c9:fc:60:c4:c7: a2:89:7e:6d:ae:67:ae:bc:fe:e9:7b:3e:9b:cd:4b:69:4d:82: 1b:45:29:e4:54:fa:0b:d3:b0:d2:47:07:97:ca:81:09:34:a2: 6b:dc:eb:83:37:3f:b3:f7:3a:e4:c1:39:6e:68:97:da:14:7c: db:22:70:49:90:25:30:8c:02:c8:a5:cd:33:60:bb:cf:67:df: e8:7c:8e:f6:69:b5:76:26:89:b9:ce:db:c0:14:50:23:8e:59: f4:80:38:99:69:62:62:84:b2:90:2e:09:4d:ab:56:7c:c7:16: c4:33:c5:80:b0:9b:e4:4a:ea:af:0b:5a:83:1c:23:21:df:06: 89:81:3f:c9:76:39:9c:ac:23:55:b3:94:77:52:e5:15:19:19: c0:75:11:2a:09:cb:8f:d8:bb:1d:84:6c:0f:cc:a4:a6:89:57: cb:ba:c0:6c:74:2b:33:df:74:6e:b3:f9:d5:8b:ea:6b:fe:b9: 9b:3d:18:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRAlg9Wck2cwSESFa4sINMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0N2U2MmNiZjVmZWYzMzc3ZjllN2NkNTg1NThmNDRlMmVl YTliY2UwHhcNMjUxMjE4MjEwMDU1WhcNMjUxMjE5MjEwMDU1WjAzMTEwLwYDVQQD Eyg1YmNjNjZmNDQ3OWNhZjJiYzhkNjE3ZWQ5OTVhZDk1NGI5OWJkZmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vaatYAKExk0QFJsdmpL8h99O5Dz JkWXlWSD4HtxwP+Sc2CuBzWcI7KoC/jeRF+bh3/uHqDHjmCp0UVQjsKcrxsx4PCn z9H9eGJu3s9BWR42Y8fLqq1WxX7Ejv8KDD9aQobUewvo89rVEqEHeU726CTsC9fv 9S+sfN0PtaGYbSKPO+iyc6ogodv4JaB9VQn68fkYtKQSqLZ/FnPxieQUy8n/eXQU jG4g5w/FYDlPBrtKxb3DSnJxs+OAQ0TE2YbKYNpTBYVzfl4LELU0KyuTv3SUWpn7 shvhuCL7za2aJ+/i+y5GHjMlpnRlA0pHqpi0BBd13CLLmjtOV7XCANusdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFvMZvRHnK8ryNYX7Zla2VS5m9/RMB8GA1UdIwQY MBaAFNR+Ysv1/vM3f5581YVY9E4u6pvOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUg1aXlfWC04emRfbm56VmhWajBUaTdxbTg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hYTlkNGUtMTIyNi00MGU3LWE5YzEt NDY5ZDNhNTFkNDdkLzEvMUg1aXlfWC04emRfbm56VmhWajBUaTdxbTg0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9hYTlkNGUtMTIyNi00MGU3LWE5YzEtNDY5ZDNhNTFkNDdk LzEvMUg1aXlfWC04emRfbm56VmhWajBUaTdxbTg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwwuglrDp Hc0RJfkSF55RFnq+l17dFyDXNNTyhnwKAImX+qb2gGj9QxlsBy8OdnIDKOSxcjXD WtkMqpS+qpun0pziRsn8YMTHool+ba5nrrz+6Xs+m81LaU2CG0Up5FT6C9Ow0kcH l8qBCTSia9zrgzc/s/c65ME5bmiX2hR82yJwSZAlMIwCyKXNM2C7z2ff6HyO9mm1 diaJuc7bwBRQI45Z9IA4mWliYoSykC4JTatWfMcWxDPFgLCb5ErqrwtagxwjId8G iYE/yXY5nKwjVbOUd1LlFRkZwHURKgnLj9i7HYRsD8ykpolXy7rAbHQrM990brP5 1Yvqa/65mz0YCg== -----END CERTIFICATE-----Generated at Thu Dec 18 23:30:56 2025 by rpki-client