This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft File: a-5EwhI0JTYYsNeza5Djy1xA3tE.mft (raw, json) Hash identifier: opqFXoczbLCEPSlwliOP9HS5iZx8+qCw+yrn6GB2cmc= Subject key identifier: 1D:43:12:52:22:E1:05:A0:D4:45:DA:34:48:20:9A:E7:91:EF:2D:14 Authority key identifier: 6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1 Certificate issuer: /CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1 Certificate serial: 019B59ACC40BB223D0247E5A04156C087E2D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft Manifest number: 1794 Signing time: Fri 26 Dec 2025 08:00:53 +0000 Manifest this update: Fri 26 Dec 2025 08:00:53 +0000 Manifest next update: Sat 27 Dec 2025 08:00:53 +0000 Files and hashes: 1: a-5EwhI0JTYYsNeza5Djy1xA3tE.crl (hash: 8LAzIt4g4a03T4K+HB5/YkKe5CuBf1L502iwF3FQICs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 08:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:c4:0b:b2:23:d0:24:7e:5a:04:15:6c:08:7e:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1 Validity Not Before: Dec 26 08:00:53 2025 GMT Not After : Dec 27 08:00:53 2025 GMT Subject: CN=1d43125222e105a0d445da3448209ae791ef2d14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:c7:c3:09:db:a7:69:b5:d8:dc:01:f4:56:44: d4:d5:6b:2e:f8:a4:25:12:37:dd:9c:43:02:79:ae: f5:53:21:5c:7e:8e:45:bb:0b:72:ea:7f:76:18:84: 35:65:e5:58:61:6f:a1:15:a9:9d:e5:15:16:3d:8c: e3:35:4a:a7:b0:51:46:78:1a:ab:ce:22:9d:14:4a: 59:d1:5b:48:04:3f:c7:ae:77:b4:83:8e:d1:f0:39: f0:e7:71:92:60:77:8e:ed:31:c8:fa:3c:e0:96:af: 92:1a:4c:96:e7:4a:45:76:c7:3f:79:f2:3e:2c:ba: a4:a1:26:b9:3e:c1:d2:f9:16:b2:6f:77:46:30:82: f0:55:34:f1:96:fb:78:c1:9b:c0:7d:65:f1:ac:05: 35:d5:f5:b4:16:2c:59:38:79:c6:d1:b7:9a:1d:6a: 84:a0:01:bc:72:7d:27:a9:11:51:d9:e1:aa:ff:3a: f1:81:d9:1c:7a:73:4c:57:aa:a1:a8:2e:69:ff:69: ec:15:6d:2e:56:92:ca:72:a4:3b:8d:b3:68:04:4f: be:6d:50:d9:29:3b:a3:72:98:c6:3e:13:56:c0:78: c1:43:6d:60:a8:c7:95:20:a2:55:61:c7:c6:2b:0d: 2d:0a:95:a3:1a:bf:02:af:1c:bf:db:c1:48:7b:ba: 5e:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:43:12:52:22:E1:05:A0:D4:45:DA:34:48:20:9A:E7:91:EF:2D:14 X509v3 Authority Key Identifier: keyid:6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:4f:90:c3:0c:f6:a7:e1:6b:46:fe:7b:f0:49:70:46:88:93: 4e:ee:f7:8e:34:41:49:78:f0:09:01:a7:09:f3:7d:05:53:f3: 23:ee:1c:80:56:47:8d:c0:8f:b4:4d:4c:a1:8f:fc:62:ae:c8: 88:12:53:9c:fd:33:1c:cf:e2:e8:18:9f:bc:cd:12:e3:24:e7: e0:03:02:fd:ee:d0:dd:76:8d:0c:24:90:49:90:cc:35:7b:ff: 6b:18:e5:e4:c7:92:6c:b3:e6:12:ba:73:28:14:84:30:7e:2f: a7:95:b0:8b:b2:16:6a:d0:f8:4f:df:54:b5:ee:6d:09:b3:3a: 66:53:54:31:19:54:61:93:0f:7c:9a:08:c0:ce:97:d5:0a:1f: e2:5e:22:ab:8c:2a:cb:0e:a2:00:4d:d3:7f:d5:46:6d:97:b3: 97:6c:03:7b:77:51:40:fc:f0:f1:1c:63:22:f7:05:8c:28:7b: 16:0c:d4:24:cf:a9:4b:79:c2:73:9c:0b:5f:25:2f:e3:c6:a6: f9:43:ad:28:fc:3d:39:79:b1:c7:3c:60:1c:26:9e:03:e7:06: 75:e9:3a:79:c0:35:7a:88:75:df:fe:64:7d:9c:ab:44:b7:82: 2c:a0:3a:be:b1:fb:a2:56:bd:d6:74:67:32:dd:8d:f9:4f:ee: 9e:18:11:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrMQLsiPQJH5aBBVsCH4tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiZWU0NGMyMTIzNDI1MzYxOGIwZDdiMzZiOTBlM2NiNWM0 MGRlZDEwHhcNMjUxMjI2MDgwMDUzWhcNMjUxMjI3MDgwMDUzWjAzMTEwLwYDVQQD EygxZDQzMTI1MjIyZTEwNWEwZDQ0NWRhMzQ0ODIwOWFlNzkxZWYyZDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMfDCdunabXY3AH0VkTU1Wsu+KQl EjfdnEMCea71UyFcfo5Fuwty6n92GIQ1ZeVYYW+hFamd5RUWPYzjNUqnsFFGeBqr ziKdFEpZ0VtIBD/Hrne0g47R8Dnw53GSYHeO7THI+jzglq+SGkyW50pFdsc/efI+ LLqkoSa5PsHS+Rayb3dGMILwVTTxlvt4wZvAfWXxrAU11fW0FixZOHnG0beaHWqE oAG8cn0nqRFR2eGq/zrxgdkcenNMV6qhqC5p/2nsFW0uVpLKcqQ7jbNoBE++bVDZ KTujcpjGPhNWwHjBQ21gqMeVIKJVYcfGKw0tCpWjGr8Crxy/28FIe7pejwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB1DElIi4QWg1EXaNEggmueR7y0UMB8GA1UdIwQY MBaAFGvuRMISNCU2GLDXs2uQ48tcQN7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWIt NzY5YjNmYzI2NjRiLzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWItNzY5YjNmYzI2NjRi LzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATE+Qwwz2 p+FrRv578ElwRoiTTu73jjRBSXjwCQGnCfN9BVPzI+4cgFZHjcCPtE1MoY/8Yq7I iBJTnP0zHM/i6BifvM0S4yTn4AMC/e7Q3XaNDCSQSZDMNXv/axjl5MeSbLPmErpz KBSEMH4vp5Wwi7IWatD4T99Ute5tCbM6ZlNUMRlUYZMPfJoIwM6X1Qof4l4iq4wq yw6iAE3Tf9VGbZezl2wDe3dRQPzw8RxjIvcFjCh7FgzUJM+pS3nCc5wLXyUv48am +UOtKPw9OXmxxzxgHCaeA+cGdek6ecA1eoh13/5kfZyrRLeCLKA6vrH7ola91nRn Mt2N+U/unhgRhA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:05:31 2025 by rpki-client