This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft File: 5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft (raw, json) Hash identifier: EUK6AoIUuz+1KV3oCD7Xogl1CU4DjHDlTiQHTGmbmdE= Subject key identifier: 05:E5:D7:61:46:86:77:9C:B9:38:A8:D6:48:60:EC:2E:A0:85:B6:83 Authority key identifier: E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9 Certificate issuer: /CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9 Certificate serial: 019B405B0182052B765F59801498DAF6F8EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft Manifest number: 056E Signing time: Sun 21 Dec 2025 10:01:04 +0000 Manifest this update: Sun 21 Dec 2025 10:01:04 +0000 Manifest next update: Mon 22 Dec 2025 10:01:04 +0000 Files and hashes: 1: 5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl (hash: s9A9WDHLXvhmHaA0/ypIuN75oBWYLfaI/XR1/vJSldQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5b:01:82:05:2b:76:5f:59:80:14:98:da:f6:f8:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e418cddc39d347563c6dc1e5ec5e59621e40e4d9 Validity Not Before: Dec 21 10:01:04 2025 GMT Not After : Dec 22 10:01:04 2025 GMT Subject: CN=05e5d7614686779cb938a8d64860ec2ea085b683 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a4:27:a0:d8:85:ef:bf:43:00:f4:41:37:1e: 27:86:cc:42:d9:86:00:c2:98:b0:9a:1e:ab:ee:85: 2a:6f:f5:ac:b9:ef:e7:63:a0:6a:b4:0a:79:c3:6a: e5:5b:a8:99:ad:94:29:29:4f:7a:a9:23:9f:e0:be: 27:16:23:ef:73:02:2e:b9:d5:63:57:9b:6f:f4:0f: 8b:9d:cc:bb:04:3c:59:84:b6:8e:8a:1e:99:4a:be: 57:5e:73:a9:a9:7a:e6:0f:41:1e:d4:d4:c9:d4:1c: b7:23:fc:ec:a8:a0:55:a5:c0:8f:55:99:d4:0b:0f: 26:78:c4:16:a9:04:0a:e4:38:e7:30:89:44:57:cb: 56:14:50:7d:3f:a4:50:9d:92:74:32:7b:05:76:2a: db:16:b9:38:65:3a:02:08:e1:f9:47:fe:87:a3:a7: 4c:f3:d6:8d:de:3b:f3:2d:b9:83:98:dd:35:8f:90: cb:2e:13:be:42:23:1b:e1:b5:85:2c:be:59:7d:cf: 5e:90:72:85:b6:1c:da:78:a3:59:6a:a9:ff:f3:00: d8:d8:bb:22:88:a7:e3:73:f0:85:cf:85:46:7f:22: 63:d1:bd:0d:fb:7e:70:01:1e:be:3a:6e:a8:64:e7: ab:37:8e:75:29:78:3e:a0:a3:32:1f:19:0d:5d:80: 9e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:E5:D7:61:46:86:77:9C:B9:38:A8:D6:48:60:EC:2E:A0:85:B6:83 X509v3 Authority Key Identifier: keyid:E4:18:CD:DC:39:D3:47:56:3C:6D:C1:E5:EC:5E:59:62:1E:40:E4:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3eed28-230c-4b9f-904c-777e6ca4eff6/1/5BjN3DnTR1Y8bcHl7F5ZYh5A5Nk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:25:2c:31:53:27:a6:32:47:9b:86:ef:c6:82:73:dd:fd:c8: 18:3b:b6:61:32:e1:e9:04:c2:98:4c:9c:5f:a0:06:37:91:ea: 6c:e8:a3:b0:0c:fc:ec:54:40:bb:60:f4:90:ff:76:b7:6f:02: 8d:7f:37:13:98:33:ca:16:b1:2a:ee:d7:ef:e2:e4:8c:8c:10: f8:ea:9f:21:a2:6f:cd:1b:e3:e2:41:e6:30:27:b4:2d:57:4b: a5:f7:0d:7c:25:98:78:10:d6:0e:b8:6a:67:85:36:8e:39:a5: 78:52:4d:e2:21:55:a3:8d:3e:50:40:27:4c:70:b7:5a:b4:27: 41:89:73:d5:00:6a:32:68:f0:27:49:2e:10:7f:1e:66:16:d5: 80:b0:7e:5c:09:49:97:33:f2:77:c0:b1:6a:2f:f0:e0:a9:7e: 6b:f4:5c:18:eb:c7:0d:eb:bf:48:55:67:fa:b8:d6:02:12:17: 3d:78:2e:da:a3:45:3e:10:0f:5a:55:4e:61:b1:2b:71:2b:43: 33:51:61:41:ec:d5:c7:c4:de:aa:41:70:86:d3:04:43:d3:92: f1:63:6b:76:0c:84:26:d5:1b:b5:d8:39:6c:47:de:54:4f:b1: d6:31:e1:36:07:49:9d:f2:0f:1a:8a:23:20:95:c3:77:a3:ba: 07:0a:e4:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWwGCBSt2X1mAFJja9vjqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0MThjZGRjMzlkMzQ3NTYzYzZkYzFlNWVjNWU1OTYyMWU0 MGU0ZDkwHhcNMjUxMjIxMTAwMTA0WhcNMjUxMjIyMTAwMTA0WjAzMTEwLwYDVQQD EygwNWU1ZDc2MTQ2ODY3NzljYjkzOGE4ZDY0ODYwZWMyZWEwODViNjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaQnoNiF779DAPRBNx4nhsxC2YYA wpiwmh6r7oUqb/Wsue/nY6BqtAp5w2rlW6iZrZQpKU96qSOf4L4nFiPvcwIuudVj V5tv9A+Lncy7BDxZhLaOih6ZSr5XXnOpqXrmD0Ee1NTJ1By3I/zsqKBVpcCPVZnU Cw8meMQWqQQK5DjnMIlEV8tWFFB9P6RQnZJ0MnsFdirbFrk4ZToCCOH5R/6Ho6dM 89aN3jvzLbmDmN01j5DLLhO+QiMb4bWFLL5Zfc9ekHKFthzaeKNZaqn/8wDY2Lsi iKfjc/CFz4VGfyJj0b0N+35wAR6+Om6oZOerN451KXg+oKMyHxkNXYCe1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAXl12FGhnecuTio1khg7C6ghbaDMB8GA1UdIwQY MBaAFOQYzdw500dWPG3B5exeWWIeQOTZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMt Nzc3ZTZjYTRlZmY2LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8zZWVkMjgtMjMwYy00YjlmLTkwNGMtNzc3ZTZjYTRlZmY2 LzEvNUJqTjNEblRSMVk4YmNIbDdGNVpZaDVBNU5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWiUsMVMn pjJHm4bvxoJz3f3IGDu2YTLh6QTCmEycX6AGN5HqbOijsAz87FRAu2D0kP92t28C jX83E5gzyhaxKu7X7+LkjIwQ+OqfIaJvzRvj4kHmMCe0LVdLpfcNfCWYeBDWDrhq Z4U2jjmleFJN4iFVo40+UEAnTHC3WrQnQYlz1QBqMmjwJ0kuEH8eZhbVgLB+XAlJ lzPyd8Cxai/w4Kl+a/RcGOvHDeu/SFVn+rjWAhIXPXgu2qNFPhAPWlVOYbErcStD M1FhQezVx8TeqkFwhtMEQ9OS8WNrdgyEJtUbtdg5bEfeVE+x1jHhNgdJnfIPGooj IJXDd6O6Bwrk1w== -----END CERTIFICATE-----Generated at Sun Dec 21 19:28:09 2025 by rpki-client