This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/060cea-e920-40de-90da-8d49ebcae9b3/1/5gSc-H3Y8f1MgCS1psnqlPF7b70.mft File: 5gSc-H3Y8f1MgCS1psnqlPF7b70.mft (raw, json) Hash identifier: M50sv3lSVeIMZZOZCCsselQ1nJTsHuLebWocp5H1iRU= Subject key identifier: 3C:1C:6B:ED:EF:DD:79:9E:91:97:82:E1:90:ED:24:C1:B2:C7:F5:3E Authority key identifier: E6:04:9C:F8:7D:D8:F1:FD:4C:80:24:B5:A6:C9:EA:94:F1:7B:6F:BD Certificate issuer: /CN=e6049cf87dd8f1fd4c8024b5a6c9ea94f17b6fbd Certificate serial: 019B21760B295A33B980AAB3F188DA436DD1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5gSc-H3Y8f1MgCS1psnqlPF7b70.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/060cea-e920-40de-90da-8d49ebcae9b3/1/5gSc-H3Y8f1MgCS1psnqlPF7b70.mft Manifest number: 170D Signing time: Mon 15 Dec 2025 10:02:22 +0000 Manifest this update: Mon 15 Dec 2025 10:02:22 +0000 Manifest next update: Tue 16 Dec 2025 10:02:22 +0000 Files and hashes: 1: 5gSc-H3Y8f1MgCS1psnqlPF7b70.crl (hash: MV3FCPjtNj90WcqsfzJGuVqmEPqn06HpCPixSskBSKs=) 2: cu8xrGCLqiGHp1db_MgiG0UxHW8.roa (hash: giP9e0QpRuK7Urrt2Hhvj2cOHwVCXlF67CRutRL96MA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/060cea-e920-40de-90da-8d49ebcae9b3/1/5gSc-H3Y8f1MgCS1psnqlPF7b70.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/060cea-e920-40de-90da-8d49ebcae9b3/1/5gSc-H3Y8f1MgCS1psnqlPF7b70.mft rsync://rpki.ripe.net/repository/DEFAULT/5gSc-H3Y8f1MgCS1psnqlPF7b70.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:76:0b:29:5a:33:b9:80:aa:b3:f1:88:da:43:6d:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e6049cf87dd8f1fd4c8024b5a6c9ea94f17b6fbd Validity Not Before: Dec 15 10:02:22 2025 GMT Not After : Dec 16 10:02:22 2025 GMT Subject: CN=3c1c6bedefdd799e919782e190ed24c1b2c7f53e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:2c:10:5a:72:0e:55:eb:09:19:2e:c1:f5:72: cf:95:3d:3d:66:4d:68:8c:76:72:33:d4:92:f0:a2: 18:31:ac:62:cb:ec:80:1e:a6:84:6c:00:56:c2:03: ef:11:9a:e5:fb:41:ac:42:52:cc:62:e9:7c:40:17: 55:62:5d:72:db:8d:7c:01:36:dd:9a:d1:c7:3d:e7: 90:46:e6:59:b5:96:3c:16:38:69:78:55:cb:8e:8b: d3:98:53:8f:14:85:ee:66:14:6a:a7:a3:39:93:52: 3b:a1:a0:6d:44:c7:31:e8:6b:62:87:bc:a0:b2:09: 79:a0:77:54:f0:93:e5:63:b7:00:64:8e:50:6c:72: 77:49:ff:e7:b3:62:8f:cb:6d:2b:22:0c:2a:95:17: 38:24:56:20:7e:3a:54:30:7f:d6:27:38:9a:2f:57: 3c:97:91:dd:69:c1:b0:03:58:00:c5:a6:d8:60:fe: 13:3d:5d:7e:22:3f:81:5c:cc:da:9b:98:eb:78:2b: da:c3:4a:42:1c:09:d6:fd:bb:dc:40:fc:ca:2d:95: 8c:75:54:4a:27:f2:86:9a:73:16:21:a1:1a:b8:54: 44:86:fd:d5:d2:34:25:13:2e:dc:b3:0b:f9:b1:ce: fd:c1:a0:91:ab:dc:2c:09:e2:76:33:c9:53:e8:cb: 92:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:1C:6B:ED:EF:DD:79:9E:91:97:82:E1:90:ED:24:C1:B2:C7:F5:3E X509v3 Authority Key Identifier: keyid:E6:04:9C:F8:7D:D8:F1:FD:4C:80:24:B5:A6:C9:EA:94:F1:7B:6F:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5gSc-H3Y8f1MgCS1psnqlPF7b70.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/060cea-e920-40de-90da-8d49ebcae9b3/1/5gSc-H3Y8f1MgCS1psnqlPF7b70.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/060cea-e920-40de-90da-8d49ebcae9b3/1/5gSc-H3Y8f1MgCS1psnqlPF7b70.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:58:90:b3:e4:47:d2:18:93:39:32:19:eb:28:49:78:38:09: 58:a2:49:9d:60:5c:43:e7:b4:4f:e0:f6:df:4c:1b:5d:ee:c5: 8e:1e:80:ec:b3:4c:3a:ad:64:21:d0:ac:6c:f4:10:47:ec:f2: 89:21:6d:17:17:19:5b:7f:9c:49:83:1f:be:a2:77:4e:93:74: 42:11:a9:29:07:75:90:ae:fb:a3:58:54:d8:20:6a:cc:17:42: a2:a7:1e:78:31:4d:81:04:32:ad:31:f5:30:8b:ac:d2:10:b3: 2b:ee:f4:cf:9f:20:a9:29:d9:5b:72:8b:2b:53:73:78:ea:2f: 77:09:7c:af:93:27:c9:3c:a9:fb:e0:4a:48:55:34:a2:c0:a9: f4:d8:2e:53:55:31:33:a5:c3:40:3a:de:84:11:61:a8:d5:9b: 9e:b7:79:a3:3c:5c:0a:ed:6d:67:b2:87:fe:5b:af:d4:b7:da: 8a:51:06:18:e1:00:3b:c6:44:f7:7e:a7:b0:e8:9f:55:5a:b5: 99:f0:5b:c5:12:57:63:a5:b0:73:e6:cf:c5:05:e7:26:aa:45: e2:ca:27:4e:02:62:fe:ba:c3:c6:83:e7:33:87:5c:39:b2:fb: 19:d9:4a:b4:fa:01:ef:89:86:f3:39:cc:3a:b1:74:b0:ed:7d: 0c:d3:1b:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdgspWjO5gKqz8YjaQ23RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU2MDQ5Y2Y4N2RkOGYxZmQ0YzgwMjRiNWE2YzllYTk0ZjE3 YjZmYmQwHhcNMjUxMjE1MTAwMjIyWhcNMjUxMjE2MTAwMjIyWjAzMTEwLwYDVQQD EygzYzFjNmJlZGVmZGQ3OTllOTE5NzgyZTE5MGVkMjRjMWIyYzdmNTNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCwQWnIOVesJGS7B9XLPlT09Zk1o jHZyM9SS8KIYMaxiy+yAHqaEbABWwgPvEZrl+0GsQlLMYul8QBdVYl1y2418ATbd mtHHPeeQRuZZtZY8FjhpeFXLjovTmFOPFIXuZhRqp6M5k1I7oaBtRMcx6Gtih7yg sgl5oHdU8JPlY7cAZI5QbHJ3Sf/ns2KPy20rIgwqlRc4JFYgfjpUMH/WJziaL1c8 l5HdacGwA1gAxabYYP4TPV1+Ij+BXMzam5jreCvaw0pCHAnW/bvcQPzKLZWMdVRK J/KGmnMWIaEauFREhv3V0jQlEy7cswv5sc79waCRq9wsCeJ2M8lT6MuSFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDwca+3v3XmekZeC4ZDtJMGyx/U+MB8GA1UdIwQY MBaAFOYEnPh92PH9TIAktabJ6pTxe2+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWdTYy1IM1k4ZjFNZ0NTMXBzbnFsUEY3YjcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNjBjZWEtZTkyMC00MGRlLTkwZGEt OGQ0OWViY2FlOWIzLzEvNWdTYy1IM1k4ZjFNZ0NTMXBzbnFsUEY3YjcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS8wNjBjZWEtZTkyMC00MGRlLTkwZGEtOGQ0OWViY2FlOWIz LzEvNWdTYy1IM1k4ZjFNZ0NTMXBzbnFsUEY3YjcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXliQs+RH 0hiTOTIZ6yhJeDgJWKJJnWBcQ+e0T+D230wbXe7Fjh6A7LNMOq1kIdCsbPQQR+zy iSFtFxcZW3+cSYMfvqJ3TpN0QhGpKQd1kK77o1hU2CBqzBdCoqceeDFNgQQyrTH1 MIus0hCzK+70z58gqSnZW3KLK1NzeOovdwl8r5MnyTyp++BKSFU0osCp9NguU1Ux M6XDQDrehBFhqNWbnrd5ozxcCu1tZ7KH/luv1LfailEGGOEAO8ZE936nsOifVVq1 mfBbxRJXY6Wwc+bPxQXnJqpF4sonTgJi/rrDxoPnM4dcObL7GdlKtPoB74mG8znM OrF0sO19DNMbRg== -----END CERTIFICATE-----Generated at Mon Dec 15 13:41:27 2025 by rpki-client