This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fd89f9-98b6-4217-bccd-62c67d4bc546/1/d5pKQpXGOP3nYPPNpHbYv8JxErI.mft File: d5pKQpXGOP3nYPPNpHbYv8JxErI.mft (raw, json) Hash identifier: Jy3OSzXlQg+XG0zB4mUsPvYJcZEpzLLxIMWZsnQEkeg= Subject key identifier: E0:F1:43:A4:21:EA:E8:66:71:65:B1:0E:FA:69:02:E8:D2:F1:AD:D3 Authority key identifier: 77:9A:4A:42:95:C6:38:FD:E7:60:F3:CD:A4:76:D8:BF:C2:71:12:B2 Certificate issuer: /CN=779a4a4295c638fde760f3cda476d8bfc27112b2 Certificate serial: 019B0DB6DAF006D512334C998B2B44651BAE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d5pKQpXGOP3nYPPNpHbYv8JxErI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fd89f9-98b6-4217-bccd-62c67d4bc546/1/d5pKQpXGOP3nYPPNpHbYv8JxErI.mft Manifest number: 0225 Signing time: Thu 11 Dec 2025 14:00:45 +0000 Manifest this update: Thu 11 Dec 2025 14:00:45 +0000 Manifest next update: Fri 12 Dec 2025 14:00:45 +0000 Files and hashes: 1: 9YQA36vAku85UbE81d8YCXXLJnY.roa (hash: Aeb9cL8NYmy9yNSDJcp65b2WQtEKFZt794slbkjrbPk=) 2: d5pKQpXGOP3nYPPNpHbYv8JxErI.crl (hash: 8xP7KPKp0SMpwH6Qjoefjd9X2yX3iwGn1Z2e8qUtX/I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/fd89f9-98b6-4217-bccd-62c67d4bc546/1/d5pKQpXGOP3nYPPNpHbYv8JxErI.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/fd89f9-98b6-4217-bccd-62c67d4bc546/1/d5pKQpXGOP3nYPPNpHbYv8JxErI.mft rsync://rpki.ripe.net/repository/DEFAULT/d5pKQpXGOP3nYPPNpHbYv8JxErI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:b6:da:f0:06:d5:12:33:4c:99:8b:2b:44:65:1b:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=779a4a4295c638fde760f3cda476d8bfc27112b2 Validity Not Before: Dec 11 14:00:45 2025 GMT Not After : Dec 12 14:00:45 2025 GMT Subject: CN=e0f143a421eae8667165b10efa6902e8d2f1add3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:90:83:6f:95:3c:41:68:42:fa:7e:f4:13:73: d1:c2:26:ae:d9:37:f7:2e:4b:ac:cf:1f:d2:8b:4f: 9b:d7:d0:14:40:b6:7e:56:47:b0:35:53:bf:78:dc: 63:92:ff:8a:1f:92:6f:c8:b2:ee:2f:e2:5a:54:2b: 3b:c4:3a:3d:8f:53:ae:4c:d5:e7:91:33:12:cc:cd: fb:f4:3a:80:42:81:da:ac:b8:a9:27:73:b1:e3:c2: a3:34:94:49:f6:fc:66:de:bb:b1:6b:25:d9:fa:32: 3e:b0:53:7e:29:56:f4:b8:e0:9b:77:9f:d7:d4:61: bf:65:2a:1c:a8:1b:e3:0e:66:2e:50:cc:74:9c:78: a6:a7:7f:e9:a6:ff:46:94:28:db:15:41:8d:16:03: c0:f4:56:c7:ca:ae:4b:76:be:82:80:0f:e4:3f:d1: 75:7c:08:61:74:68:c9:e0:94:b2:b5:51:3f:98:3a: 75:28:c5:83:4b:c8:06:ef:f6:94:a4:1c:39:19:cd: 85:49:f6:e5:f7:6d:a1:81:d7:b1:38:6d:3c:0b:ac: 4e:8a:68:d1:6b:bf:2b:a9:d8:5b:44:fb:dc:cf:64: 18:88:db:ee:ff:36:d1:8d:07:b8:1e:bf:62:4c:c6: e8:e9:53:1e:c5:8c:8e:37:65:d7:8e:ab:b0:85:ae: a7:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:F1:43:A4:21:EA:E8:66:71:65:B1:0E:FA:69:02:E8:D2:F1:AD:D3 X509v3 Authority Key Identifier: keyid:77:9A:4A:42:95:C6:38:FD:E7:60:F3:CD:A4:76:D8:BF:C2:71:12:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5pKQpXGOP3nYPPNpHbYv8JxErI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fd89f9-98b6-4217-bccd-62c67d4bc546/1/d5pKQpXGOP3nYPPNpHbYv8JxErI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fd89f9-98b6-4217-bccd-62c67d4bc546/1/d5pKQpXGOP3nYPPNpHbYv8JxErI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:70:04:bf:4e:76:bc:3f:14:b2:f6:70:45:09:fb:30:48:f0: 74:e8:af:64:96:23:f0:da:89:8b:9c:45:aa:b0:18:b2:68:53: 10:2a:3f:ff:bf:f0:58:de:f1:96:3e:e8:09:e2:aa:f9:48:af: 5f:8f:36:1b:8a:9c:bf:16:53:b4:a4:5f:67:be:59:0e:11:d7: b8:89:20:60:de:01:2d:53:ba:42:20:cc:1b:c0:28:7d:39:34: 9c:7d:bc:10:95:c2:31:b0:e7:6a:72:8c:94:b5:da:4c:36:aa: 31:a2:54:0b:75:c3:31:16:9c:88:a5:91:7a:24:14:6e:4b:2c: 29:86:de:39:c1:08:bd:4e:f8:3c:46:9a:e9:f8:db:d7:29:e4: 6e:93:71:64:4a:fb:ad:58:01:cf:dd:9d:f8:0a:e7:e7:21:6f: 58:84:da:44:9f:ca:89:eb:a2:d3:df:72:1d:8d:5b:14:ac:d4: 95:08:fe:b3:38:45:85:5b:b1:7a:0d:5e:d0:4c:1e:fa:78:1f: 64:64:28:a1:e6:bb:fe:4f:8d:37:c5:f6:fb:cc:97:df:0c:3f: b2:21:2d:ad:82:92:14:81:6c:cc:6b:22:8b:5f:10:85:bc:e2: a0:3e:86:3c:5d:d5:1d:de:9f:73:d1:7f:21:a4:fe:0d:00:0a: e3:24:e6:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsNttrwBtUSM0yZiytEZRuuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3OWE0YTQyOTVjNjM4ZmRlNzYwZjNjZGE0NzZkOGJmYzI3 MTEyYjIwHhcNMjUxMjExMTQwMDQ1WhcNMjUxMjEyMTQwMDQ1WjAzMTEwLwYDVQQD EyhlMGYxNDNhNDIxZWFlODY2NzE2NWIxMGVmYTY5MDJlOGQyZjFhZGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJCDb5U8QWhC+n70E3PRwiau2Tf3 Lkuszx/Si0+b19AUQLZ+VkewNVO/eNxjkv+KH5JvyLLuL+JaVCs7xDo9j1OuTNXn kTMSzM379DqAQoHarLipJ3Ox48KjNJRJ9vxm3ruxayXZ+jI+sFN+KVb0uOCbd5/X 1GG/ZSocqBvjDmYuUMx0nHimp3/ppv9GlCjbFUGNFgPA9FbHyq5Ldr6CgA/kP9F1 fAhhdGjJ4JSytVE/mDp1KMWDS8gG7/aUpBw5Gc2FSfbl922hgdexOG08C6xOimjR a78rqdhbRPvcz2QYiNvu/zbRjQe4Hr9iTMbo6VMexYyON2XXjquwha6ndQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFODxQ6Qh6uhmcWWxDvppAujS8a3TMB8GA1UdIwQY MBaAFHeaSkKVxjj952DzzaR22L/CcRKyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDVwS1FwWEdPUDNuWVBQTnBIYll2OEp4RXJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mZDg5ZjktOThiNi00MjE3LWJjY2Qt NjJjNjdkNGJjNTQ2LzEvZDVwS1FwWEdPUDNuWVBQTnBIYll2OEp4RXJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9mZDg5ZjktOThiNi00MjE3LWJjY2QtNjJjNjdkNGJjNTQ2 LzEvZDVwS1FwWEdPUDNuWVBQTnBIYll2OEp4RXJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHHAEv052 vD8UsvZwRQn7MEjwdOivZJYj8NqJi5xFqrAYsmhTECo//7/wWN7xlj7oCeKq+Uiv X482G4qcvxZTtKRfZ75ZDhHXuIkgYN4BLVO6QiDMG8AofTk0nH28EJXCMbDnanKM lLXaTDaqMaJUC3XDMRaciKWReiQUbkssKYbeOcEIvU74PEaa6fjb1ynkbpNxZEr7 rVgBz92d+Arn5yFvWITaRJ/Kieui099yHY1bFKzUlQj+szhFhVuxeg1e0Ewe+ngf ZGQooea7/k+NN8X2+8yX3ww/siEtrYKSFIFszGsii18QhbzioD6GPF3VHd6fc9F/ IaT+DQAK4yTmGg== -----END CERTIFICATE-----Generated at Fri Dec 12 00:00:13 2025 by rpki-client