This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/036380-7fbe-4444-84d9-5cd004d6e366/1/5hbHsgGVYH8nsT2I-Svx0Os45g8.mft File: 5hbHsgGVYH8nsT2I-Svx0Os45g8.mft (raw, json) Hash identifier: b9oG/CTagiI2yNGD6qI/eh6abI6skzX/wHIfE/wAN6A= Subject key identifier: 56:EB:0F:C0:E5:7F:D3:91:7B:23:0B:96:1F:A0:BA:78:7F:7E:2E:4D Authority key identifier: E6:16:C7:B2:01:95:60:7F:27:B1:3D:88:F9:2B:F1:D0:EB:38:E6:0F Certificate issuer: /CN=e616c7b20195607f27b13d88f92bf1d0eb38e60f Certificate serial: 019B0DB72CB3A8822F80CEE0632803F25ACA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hbHsgGVYH8nsT2I-Svx0Os45g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/036380-7fbe-4444-84d9-5cd004d6e366/1/5hbHsgGVYH8nsT2I-Svx0Os45g8.mft Manifest number: 0224 Signing time: Thu 11 Dec 2025 14:01:06 +0000 Manifest this update: Thu 11 Dec 2025 14:01:06 +0000 Manifest next update: Fri 12 Dec 2025 14:01:06 +0000 Files and hashes: 1: 5hbHsgGVYH8nsT2I-Svx0Os45g8.crl (hash: HxDSz7PHgAeM9tCwHGmDZJJHnsRL7EqNBuKrT9+oetg=) 2: kGI3GYIY0x4KUvkaQBv3fV9ynWg.roa (hash: gmJPfaxRI83koFjZWztv8K0vXqe3xOaLvXeiVBQz3Ts=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/036380-7fbe-4444-84d9-5cd004d6e366/1/5hbHsgGVYH8nsT2I-Svx0Os45g8.crl rsync://rpki.ripe.net/repository/DEFAULT/28/036380-7fbe-4444-84d9-5cd004d6e366/1/5hbHsgGVYH8nsT2I-Svx0Os45g8.mft rsync://rpki.ripe.net/repository/DEFAULT/5hbHsgGVYH8nsT2I-Svx0Os45g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:b7:2c:b3:a8:82:2f:80:ce:e0:63:28:03:f2:5a:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e616c7b20195607f27b13d88f92bf1d0eb38e60f Validity Not Before: Dec 11 14:01:06 2025 GMT Not After : Dec 12 14:01:06 2025 GMT Subject: CN=56eb0fc0e57fd3917b230b961fa0ba787f7e2e4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:83:01:68:87:3a:b5:fb:df:27:5c:fa:b1:0c: 96:b2:02:61:e2:4b:41:14:a0:62:35:a4:67:dc:aa: 29:d7:ea:17:16:08:ff:b4:39:6b:5b:cd:5f:60:f6: a9:36:a3:3d:d1:94:0d:27:f6:44:58:d6:e6:ec:a9: 3d:42:a3:c5:c0:cb:36:d3:69:53:ae:c4:56:91:b1: 60:22:c2:35:f2:02:88:4b:41:e0:f1:77:78:21:41: f7:2e:e8:0d:10:dd:bd:3f:8a:30:b5:56:28:0b:f9: 9d:4d:2e:24:70:9a:d6:ac:b4:21:55:cb:47:73:dc: 1e:f9:95:f0:a9:c6:f3:5c:13:d3:65:bd:6b:80:be: 2b:82:ed:4a:6d:91:5a:3f:16:7e:0d:f9:80:bb:f3: 9b:c7:4f:e9:f6:49:ed:19:ec:93:87:7b:ce:fb:2b: b2:e8:6a:3f:2c:5a:05:7a:0b:31:5e:1d:50:31:2f: 7d:50:bf:a9:2e:dc:b4:5e:84:0c:e7:2e:df:24:bd: 3a:f3:bb:cf:89:21:5b:03:66:1a:8e:6f:ae:8a:35: 4a:e2:b9:02:22:c0:c1:1e:dd:f8:8e:e6:92:f0:02: 2e:6e:a5:cb:33:0e:0b:65:7f:d1:62:72:7c:18:c7: 37:4a:22:f0:23:49:79:49:f1:9e:8e:4d:74:0c:c0: 60:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:EB:0F:C0:E5:7F:D3:91:7B:23:0B:96:1F:A0:BA:78:7F:7E:2E:4D X509v3 Authority Key Identifier: keyid:E6:16:C7:B2:01:95:60:7F:27:B1:3D:88:F9:2B:F1:D0:EB:38:E6:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hbHsgGVYH8nsT2I-Svx0Os45g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/036380-7fbe-4444-84d9-5cd004d6e366/1/5hbHsgGVYH8nsT2I-Svx0Os45g8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/036380-7fbe-4444-84d9-5cd004d6e366/1/5hbHsgGVYH8nsT2I-Svx0Os45g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:ce:6a:5d:21:20:57:3c:ad:97:e0:46:18:96:44:6a:fe:48: 54:05:c0:63:8b:a9:27:d7:a9:ad:36:d1:d4:8c:a4:8d:41:5a: db:dd:67:49:df:83:9f:29:5a:40:1f:be:52:92:0e:3c:df:0a: 5a:6b:f6:95:87:bb:45:4a:3a:77:26:65:fb:f2:2c:d8:4b:f2: 94:5f:6a:5b:e1:75:26:f2:db:43:3f:ef:c2:d9:29:d9:01:fe: c4:32:3b:9b:ba:c9:59:e9:c0:89:65:68:a8:53:f6:b9:75:fc: 3e:be:58:bb:9c:71:00:97:04:d8:f7:6e:84:3a:31:90:df:47: cc:4c:f2:53:4e:5a:52:23:f0:b0:da:ad:81:9b:e6:a5:a1:ed: c9:d9:4f:b2:1d:95:4a:bf:4e:f3:3c:92:c0:a2:5e:be:b7:47: 35:69:44:fc:92:41:48:0d:02:ec:f8:23:ad:b2:85:60:f4:c9: 82:cc:25:90:73:9e:00:e7:89:ad:3c:e0:e1:02:44:66:df:77: 9b:20:00:a7:71:d8:fd:cf:57:29:f4:f5:92:d2:c3:5f:fe:8d: 5f:4b:7b:29:b8:86:94:04:34:e7:32:45:f8:68:f8:79:d5:ef: 8f:74:d3:8a:46:6d:56:ea:49:eb:b1:d0:a7:d2:2e:4c:f1:c3: 05:62:94:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsNtyyzqIIvgM7gYygD8lrKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU2MTZjN2IyMDE5NTYwN2YyN2IxM2Q4OGY5MmJmMWQwZWIz OGU2MGYwHhcNMjUxMjExMTQwMTA2WhcNMjUxMjEyMTQwMTA2WjAzMTEwLwYDVQQD Eyg1NmViMGZjMGU1N2ZkMzkxN2IyMzBiOTYxZmEwYmE3ODdmN2UyZTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYMBaIc6tfvfJ1z6sQyWsgJh4ktB FKBiNaRn3Kop1+oXFgj/tDlrW81fYPapNqM90ZQNJ/ZEWNbm7Kk9QqPFwMs202lT rsRWkbFgIsI18gKIS0Hg8Xd4IUH3LugNEN29P4owtVYoC/mdTS4kcJrWrLQhVctH c9we+ZXwqcbzXBPTZb1rgL4rgu1KbZFaPxZ+DfmAu/Obx0/p9kntGeyTh3vO+yuy 6Go/LFoFegsxXh1QMS99UL+pLty0XoQM5y7fJL0687vPiSFbA2Yajm+uijVK4rkC IsDBHt34juaS8AIubqXLMw4LZX/RYnJ8GMc3SiLwI0l5SfGejk10DMBg2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFbrD8Dlf9OReyMLlh+gunh/fi5NMB8GA1UdIwQY MBaAFOYWx7IBlWB/J7E9iPkr8dDrOOYPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWhiSHNnR1ZZSDhuc1QySS1TdngwT3M0NWc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8wMzYzODAtN2ZiZS00NDQ0LTg0ZDkt NWNkMDA0ZDZlMzY2LzEvNWhiSHNnR1ZZSDhuc1QySS1TdngwT3M0NWc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8wMzYzODAtN2ZiZS00NDQ0LTg0ZDktNWNkMDA0ZDZlMzY2 LzEvNWhiSHNnR1ZZSDhuc1QySS1TdngwT3M0NWc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu85qXSEg Vzytl+BGGJZEav5IVAXAY4upJ9eprTbR1IykjUFa291nSd+DnylaQB++UpIOPN8K Wmv2lYe7RUo6dyZl+/Is2EvylF9qW+F1JvLbQz/vwtkp2QH+xDI7m7rJWenAiWVo qFP2uXX8Pr5Yu5xxAJcE2PduhDoxkN9HzEzyU05aUiPwsNqtgZvmpaHtydlPsh2V Sr9O8zySwKJevrdHNWlE/JJBSA0C7PgjrbKFYPTJgswlkHOeAOeJrTzg4QJEZt93 myAAp3HY/c9XKfT1ktLDX/6NX0t7KbiGlAQ05zJF+Gj4edXvj3TTikZtVupJ67HQ p9IuTPHDBWKU0A== -----END CERTIFICATE-----Generated at Thu Dec 11 23:53:43 2025 by rpki-client