This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft File: MxSDS__K3sS4kl2gQu8N6YmYBFY.mft (raw, json) Hash identifier: mQ9P7m6/H9hb9j39GgxYFjCntso+tCPgGOCDyk4PAN0= Subject key identifier: 44:EE:78:FD:CE:13:32:01:77:29:F6:54:4B:9A:06:DA:8E:63:06:14 Authority key identifier: 33:14:83:4B:FF:CA:DE:C4:B8:92:5D:A0:42:EF:0D:E9:89:98:04:56 Certificate issuer: /CN=3314834bffcadec4b8925da042ef0de989980456 Certificate serial: 019B5A522A72123B77AF46B7BD369C910A56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxSDS__K3sS4kl2gQu8N6YmYBFY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft Manifest number: 3C Signing time: Fri 26 Dec 2025 11:01:32 +0000 Manifest this update: Fri 26 Dec 2025 11:01:32 +0000 Manifest next update: Sat 27 Dec 2025 11:01:32 +0000 Files and hashes: 1: MxSDS__K3sS4kl2gQu8N6YmYBFY.crl (hash: 5QIKF6gMpYU1TbuwBy33/ZG0FR7PgD28r5F4wgcv5sc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.crl rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft rsync://rpki.ripe.net/repository/DEFAULT/MxSDS__K3sS4kl2gQu8N6YmYBFY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:2a:72:12:3b:77:af:46:b7:bd:36:9c:91:0a:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3314834bffcadec4b8925da042ef0de989980456 Validity Not Before: Dec 26 11:01:32 2025 GMT Not After : Dec 27 11:01:32 2025 GMT Subject: CN=44ee78fdce1332017729f6544b9a06da8e630614 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:0e:e5:c7:79:09:e0:a9:20:4b:21:42:18:66: 32:dd:48:05:01:92:c4:49:83:ba:01:f1:dd:30:4a: 8b:5c:e5:d2:5d:1d:44:af:23:cf:3a:60:00:bc:36: e0:c1:e6:4b:ae:85:bc:58:e6:25:48:c8:f8:f3:01: 22:18:8b:76:64:fa:f0:57:b6:03:02:83:5c:02:08: 06:f8:b2:a4:7e:74:4b:75:77:a9:0f:4b:68:ca:60: eb:a4:92:50:9c:31:6b:df:41:34:0b:78:18:61:72: 01:e2:b5:05:2c:da:bb:cb:4c:60:f9:04:be:1e:46: 3a:1b:ec:d4:18:52:b4:38:e9:91:bf:35:c4:2a:9b: 9a:c3:32:da:4f:3a:18:92:e5:59:f3:25:ed:7d:4c: 54:c5:1d:fa:ad:a5:be:39:c5:3a:5a:af:f9:74:89: de:b8:68:a6:63:91:e5:a5:4c:82:dc:92:70:88:cf: 7e:61:e6:0f:b9:53:8f:a0:03:0f:38:6b:d1:01:7c: 1d:a3:d5:38:8b:bd:a7:4d:90:43:0e:6f:24:73:e1: a9:5c:13:4b:09:d0:c3:43:ae:10:cf:36:3d:8f:37: 57:ee:2b:01:d9:2d:bd:15:56:e5:b5:21:4e:b3:b9: a7:12:8e:8b:32:3c:ea:44:16:7e:29:88:fa:a3:f2: eb:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:EE:78:FD:CE:13:32:01:77:29:F6:54:4B:9A:06:DA:8E:63:06:14 X509v3 Authority Key Identifier: keyid:33:14:83:4B:FF:CA:DE:C4:B8:92:5D:A0:42:EF:0D:E9:89:98:04:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxSDS__K3sS4kl2gQu8N6YmYBFY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:0f:87:4b:37:90:42:77:e0:82:fa:88:97:b8:44:8a:32:fd: 1a:b0:dd:7c:ad:c4:20:6f:03:67:78:c0:b6:89:d8:a0:ec:28: 90:92:e7:28:de:8f:67:d9:cb:e8:28:cc:f6:be:18:72:3c:ad: eb:01:eb:f5:ec:43:6e:5c:3a:4e:83:2f:61:47:7a:08:b7:c4: 92:06:df:98:2a:4a:26:c6:8c:95:4f:e3:d2:b6:92:6e:d0:db: 6d:69:1b:64:a3:25:08:6f:61:2b:c6:bc:19:38:8e:53:95:e1: 9e:dc:94:c0:3f:5c:fd:76:6a:62:a3:9f:3c:cb:c7:22:05:ab: b6:8a:cf:88:11:73:87:8e:a9:de:ab:d8:f8:38:83:dd:da:28: ea:24:83:fe:b4:aa:4f:97:45:2e:a4:16:00:6b:75:7d:5b:78: 20:3a:82:8f:e1:48:b4:93:51:16:64:60:f9:32:66:e9:9c:cb: 00:d8:b4:03:f7:89:5d:d8:0f:45:54:c2:81:4a:0c:79:fa:22: 28:f1:ee:00:84:6a:cb:1c:e9:f9:6f:bf:77:cd:9a:e3:07:0e: d7:5a:49:9a:f9:dd:29:e9:c4:af:56:c0:17:d0:09:03:bd:82: c9:76:ab:94:c4:1d:f8:cc:bb:4e:5c:6f:a7:0f:71:9c:97:db: d5:4d:ff:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUipyEjt3r0a3vTackQpWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzMTQ4MzRiZmZjYWRlYzRiODkyNWRhMDQyZWYwZGU5ODk5 ODA0NTYwHhcNMjUxMjI2MTEwMTMyWhcNMjUxMjI3MTEwMTMyWjAzMTEwLwYDVQQD Eyg0NGVlNzhmZGNlMTMzMjAxNzcyOWY2NTQ0YjlhMDZkYThlNjMwNjE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg7lx3kJ4KkgSyFCGGYy3UgFAZLE SYO6AfHdMEqLXOXSXR1EryPPOmAAvDbgweZLroW8WOYlSMj48wEiGIt2ZPrwV7YD AoNcAggG+LKkfnRLdXepD0toymDrpJJQnDFr30E0C3gYYXIB4rUFLNq7y0xg+QS+ HkY6G+zUGFK0OOmRvzXEKpuawzLaTzoYkuVZ8yXtfUxUxR36raW+OcU6Wq/5dIne uGimY5HlpUyC3JJwiM9+YeYPuVOPoAMPOGvRAXwdo9U4i72nTZBDDm8kc+GpXBNL CdDDQ64QzzY9jzdX7isB2S29FVbltSFOs7mnEo6LMjzqRBZ+KYj6o/Lr1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFETueP3OEzIBdyn2VEuaBtqOYwYUMB8GA1UdIwQY MBaAFDMUg0v/yt7EuJJdoELvDemJmARWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXhTRFNfX0szc1M0a2wyZ1F1OE42WW1ZQkZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8xM2FhZWMtNjQ4YS00M2I2LWE3Njct M2FmMTFjNDQ0ODM1LzEvTXhTRFNfX0szc1M0a2wyZ1F1OE42WW1ZQkZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8xM2FhZWMtNjQ4YS00M2I2LWE3NjctM2FmMTFjNDQ0ODM1 LzEvTXhTRFNfX0szc1M0a2wyZ1F1OE42WW1ZQkZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApQ+HSzeQ QnfggvqIl7hEijL9GrDdfK3EIG8DZ3jAtonYoOwokJLnKN6PZ9nL6CjM9r4Ycjyt 6wHr9exDblw6ToMvYUd6CLfEkgbfmCpKJsaMlU/j0raSbtDbbWkbZKMlCG9hK8a8 GTiOU5XhntyUwD9c/XZqYqOfPMvHIgWrtorPiBFzh46p3qvY+DiD3doo6iSD/rSq T5dFLqQWAGt1fVt4IDqCj+FItJNRFmRg+TJm6ZzLANi0A/eJXdgPRVTCgUoMefoi KPHuAIRqyxzp+W+/d82a4wcO11pJmvndKenEr1bAF9AJA72CyXarlMQd+My7Tlxv pw9xnJfb1U3/TA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:43:15 2025 by rpki-client