This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft File: US4nvokbGeypvOtT5NwjfFo1Vpc.mft (raw, json) Hash identifier: EDpCWk0AZrK4hYeMOMYaQ9fFo21i0CwMISbm4ltlu0I= Subject key identifier: 1D:9A:B0:C4:AD:0B:50:D5:17:7C:CA:EA:9D:28:3D:3E:D8:7F:2A:9E Authority key identifier: 51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97 Certificate issuer: /CN=512e27be891b19eca9bceb53e4dc237c5a355697 Certificate serial: 019B5AF619B2961C039C487C21ADFFC88C0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft Manifest number: 0D94 Signing time: Fri 26 Dec 2025 14:00:36 +0000 Manifest this update: Fri 26 Dec 2025 14:00:36 +0000 Manifest next update: Sat 27 Dec 2025 14:00:36 +0000 Files and hashes: 1: US4nvokbGeypvOtT5NwjfFo1Vpc.crl (hash: RRGSmHm+wCrZQQC2S7tbrmUW1Wwfxi022Xrg0qmG+F8=) 2: WNeWcYI--FrvgqVvkbFu12LIaYA.roa (hash: k8USa1JcWCZakgNPmvbG30Z+DpfHdvNnOH9UZ98bnDg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:19:b2:96:1c:03:9c:48:7c:21:ad:ff:c8:8c:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=512e27be891b19eca9bceb53e4dc237c5a355697 Validity Not Before: Dec 26 14:00:36 2025 GMT Not After : Dec 27 14:00:36 2025 GMT Subject: CN=1d9ab0c4ad0b50d5177ccaea9d283d3ed87f2a9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3e:ff:aa:83:e3:b8:dd:87:3e:bc:67:7e:c9: b1:27:c9:00:28:95:c7:d1:30:a6:63:d3:8d:08:f6: 17:50:49:a5:5d:18:5c:63:2e:4d:a8:98:e9:66:c0: 4f:92:4f:1a:c6:8a:78:02:fe:f2:1c:21:9c:20:93: 37:3e:46:4c:1e:6b:83:e6:53:89:c4:f1:ff:76:40: 28:cb:7b:c3:69:ae:ed:ec:61:f9:33:29:41:e7:8d: 56:6b:b4:28:ee:e5:de:c5:e5:34:37:72:c1:90:a8: 3d:b1:51:29:98:b8:f2:43:a3:e1:0c:e3:bb:6c:57: 07:c4:be:c9:55:12:57:6b:b5:f4:6e:00:9c:f2:29: 97:24:da:9f:00:68:45:e4:e1:7c:58:bf:5b:f9:40: 81:73:f7:e2:e4:b5:94:b3:08:c1:3c:91:14:05:09: 11:f1:ab:97:de:04:d3:e9:53:d9:1f:65:d2:37:90: 91:9e:11:70:fd:37:a7:dc:75:21:b1:23:74:13:55: b9:e2:24:cf:ed:41:a9:83:73:42:66:2a:a0:a8:84: 52:e0:e6:ea:8f:9d:cf:b4:3a:5b:f8:5a:90:22:9c: 8a:bd:f6:bc:f7:af:36:84:ce:6a:28:12:ad:82:4e: eb:85:06:0b:9c:c8:57:7c:60:c3:15:85:0c:00:b0: a5:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:9A:B0:C4:AD:0B:50:D5:17:7C:CA:EA:9D:28:3D:3E:D8:7F:2A:9E X509v3 Authority Key Identifier: keyid:51:2E:27:BE:89:1B:19:EC:A9:BC:EB:53:E4:DC:23:7C:5A:35:56:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/US4nvokbGeypvOtT5NwjfFo1Vpc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/0f1b8f-1d47-42f0-a050-5a114ef9b2aa/1/US4nvokbGeypvOtT5NwjfFo1Vpc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:11:d6:cb:7b:14:ba:a8:57:36:2e:06:35:34:c1:8c:df:dd: 51:64:72:21:f5:6f:bc:11:36:ab:18:a1:ae:9c:23:d7:71:87: 30:a0:5b:47:82:a8:af:a8:68:58:8c:02:80:ab:a9:a2:c4:86: e7:ac:ac:37:37:2f:06:9d:1d:49:fd:23:19:c8:63:95:f8:63: ec:d5:0a:dd:07:8c:e0:8f:fe:e0:99:31:ce:1a:6b:a6:04:2d: 72:df:48:fc:e6:85:04:56:34:11:a3:9b:75:ce:0f:b7:10:05: af:ae:bc:bf:f2:4e:aa:b0:c1:34:9a:5f:49:5a:9e:6a:12:62: bc:af:b7:6f:db:ad:41:4e:0d:2a:62:c6:f4:a8:ee:7f:22:74: 73:93:63:bb:78:77:14:27:6d:a1:ac:0e:ce:b4:69:4c:2b:f5: f5:72:cf:4b:29:eb:23:1e:6a:46:96:5f:1d:f7:37:88:92:fa: bb:76:e6:03:46:81:0f:eb:b2:b8:eb:73:2c:d8:89:48:c8:e6: 5f:27:d8:9f:ce:f0:4c:09:8a:fd:64:fd:cf:9c:47:15:87:51: b8:79:46:5d:83:19:39:ea:17:09:1c:55:71:94:35:8b:81:a3: 5c:8d:9b:b9:6d:1b:bc:de:ce:60:b0:0e:35:ab:15:03:ba:4e: 0e:8c:c1:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9hmylhwDnEh8Ia3/yIwKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMmUyN2JlODkxYjE5ZWNhOWJjZWI1M2U0ZGMyMzdjNWEz NTU2OTcwHhcNMjUxMjI2MTQwMDM2WhcNMjUxMjI3MTQwMDM2WjAzMTEwLwYDVQQD EygxZDlhYjBjNGFkMGI1MGQ1MTc3Y2NhZWE5ZDI4M2QzZWQ4N2YyYTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD7/qoPjuN2HPrxnfsmxJ8kAKJXH 0TCmY9ONCPYXUEmlXRhcYy5NqJjpZsBPkk8axop4Av7yHCGcIJM3PkZMHmuD5lOJ xPH/dkAoy3vDaa7t7GH5MylB541Wa7Qo7uXexeU0N3LBkKg9sVEpmLjyQ6PhDOO7 bFcHxL7JVRJXa7X0bgCc8imXJNqfAGhF5OF8WL9b+UCBc/fi5LWUswjBPJEUBQkR 8auX3gTT6VPZH2XSN5CRnhFw/Ten3HUhsSN0E1W54iTP7UGpg3NCZiqgqIRS4Obq j53PtDpb+FqQIpyKvfa89682hM5qKBKtgk7rhQYLnMhXfGDDFYUMALCl3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB2asMStC1DVF3zK6p0oPT7YfyqeMB8GA1UdIwQY MBaAFFEuJ76JGxnsqbzrU+TcI3xaNVaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAt NWExMTRlZjliMmFhLzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8wZjFiOGYtMWQ0Ny00MmYwLWEwNTAtNWExMTRlZjliMmFh LzEvVVM0bnZva2JHZXlwdk90VDVOd2pmRm8xVnBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwBHWy3sU uqhXNi4GNTTBjN/dUWRyIfVvvBE2qxihrpwj13GHMKBbR4Kor6hoWIwCgKuposSG 56ysNzcvBp0dSf0jGchjlfhj7NUK3QeM4I/+4JkxzhprpgQtct9I/OaFBFY0EaOb dc4PtxAFr668v/JOqrDBNJpfSVqeahJivK+3b9utQU4NKmLG9KjufyJ0c5Nju3h3 FCdtoawOzrRpTCv19XLPSynrIx5qRpZfHfc3iJL6u3bmA0aBD+uyuOtzLNiJSMjm XyfYn87wTAmK/WT9z5xHFYdRuHlGXYMZOeoXCRxVcZQ1i4GjXI2buW0bvN7OYLAO NasVA7pODozB+Q== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:25 2025 by rpki-client