This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft File: 9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json) Hash identifier: 8PvkDWsm9hYnwJcADPmTSEN5dhfP3npSeEvYqtLus1s= Subject key identifier: 2A:32:11:BF:E3:FD:8B:3A:25:57:78:40:4F:CE:C8:D1:BE:34:76:9D Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA Certificate issuer: /CN=f5b310e9d44e8470d6cd800959066cb00f291efa Certificate serial: 019B19BB148B5FCB1D35B709D45F9A11BFD7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft Manifest number: 11DA Signing time: Sat 13 Dec 2025 22:00:49 +0000 Manifest this update: Sat 13 Dec 2025 22:00:49 +0000 Manifest next update: Sun 14 Dec 2025 22:00:49 +0000 Files and hashes: 1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: jCHv3YprM7Dy6fhvuzvbhzWmIVhOl4/5Tdlv8L9jIlE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bb:14:8b:5f:cb:1d:35:b7:09:d4:5f:9a:11:bf:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa Validity Not Before: Dec 13 22:00:49 2025 GMT Not After : Dec 14 22:00:49 2025 GMT Subject: CN=2a3211bfe3fd8b3a255778404fcec8d1be34769d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:75:a6:35:10:60:48:08:39:d0:4f:3d:2b:d0: fb:65:f2:5c:cd:4d:ae:21:2a:f9:30:b0:3b:01:33: 54:39:12:b9:a3:c3:ce:ad:d3:a3:d9:3a:f6:13:bc: 12:69:db:db:70:a5:b8:96:47:3f:88:48:4d:03:9e: a1:d0:26:93:70:95:87:ab:1d:14:8e:ae:65:6d:d3: a6:e4:a9:3d:af:58:27:3f:5b:dc:17:e4:95:5e:cc: fe:b2:2d:08:88:02:05:f0:a9:02:a2:31:6d:aa:fc: 28:19:af:db:d9:4f:5e:30:c5:b7:36:eb:ea:c4:ad: 9b:97:f6:b4:07:ed:10:9e:b7:37:6b:82:1c:b3:9a: 2f:b3:5b:08:c9:5e:fa:3c:30:3b:21:46:6d:19:11: b1:0c:7d:f1:8f:0a:de:3e:6f:ef:c8:28:21:a8:7a: 11:5c:09:ab:a8:49:1d:c3:b9:f8:51:ca:eb:1f:ea: 5b:9b:d7:d9:51:d4:0f:18:77:7b:8c:9a:4e:95:dd: 7f:29:90:d2:f3:e5:cf:56:53:87:21:f5:c3:02:37: 16:09:54:75:ad:51:e0:b2:db:38:8c:7d:67:0a:4b: 2d:5a:26:bd:e3:d4:4c:09:15:cf:99:8f:0d:6e:1c: 89:de:57:05:0f:5d:09:9d:83:ec:c8:6f:48:34:3a: 56:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:32:11:BF:E3:FD:8B:3A:25:57:78:40:4F:CE:C8:D1:BE:34:76:9D X509v3 Authority Key Identifier: keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:a3:21:5d:dc:a7:5b:14:36:e4:1f:b0:27:c2:c1:f5:70:63: f8:e8:f0:69:c8:d2:b4:cd:3b:62:c5:db:8d:af:8d:28:8e:39: 33:ad:9d:f1:19:9e:6c:f2:95:f6:b2:1e:6c:24:73:1b:1d:16: 3a:50:71:5b:57:d3:74:e8:fe:59:53:dd:4a:8a:0c:a1:e1:b6: e0:dd:14:31:9c:cd:19:12:15:41:52:f7:84:d1:3c:31:de:c2: 3e:64:11:f6:cb:88:9e:c6:b7:9a:c3:f2:e3:da:f6:59:7a:d6: 09:a9:a0:72:c2:b6:91:2e:09:3a:11:ce:7a:20:cc:7e:cd:2f: 3f:9f:03:ca:c6:f5:ba:76:06:38:c3:2c:f2:4b:5e:b0:fc:ec: c9:9f:43:a6:84:7a:14:a4:b1:39:22:fe:5f:bc:4d:2d:df:b4: c0:96:c8:ac:5e:cd:8a:81:44:d6:f5:b4:2c:88:80:6d:89:72: b9:c1:9d:de:5b:e5:5d:56:e3:f4:92:f2:cb:ba:22:5b:5c:4c: b2:90:bc:b0:e2:53:88:11:39:9a:bf:d2:6b:35:e9:3b:3b:5b: 00:b7:0e:68:d0:4d:54:87:1e:54:f9:d4:a6:96:6e:a9:07:31: b3:ef:da:37:51:a2:45:9a:57:02:ea:c6:1c:45:c6:49:cd:57: 0e:0f:16:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZuxSLX8sdNbcJ1F+aEb/XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy OTFlZmEwHhcNMjUxMjEzMjIwMDQ5WhcNMjUxMjE0MjIwMDQ5WjAzMTEwLwYDVQQD EygyYTMyMTFiZmUzZmQ4YjNhMjU1Nzc4NDA0ZmNlYzhkMWJlMzQ3NjlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnWmNRBgSAg50E89K9D7ZfJczU2u ISr5MLA7ATNUORK5o8POrdOj2Tr2E7wSadvbcKW4lkc/iEhNA56h0CaTcJWHqx0U jq5lbdOm5Kk9r1gnP1vcF+SVXsz+si0IiAIF8KkCojFtqvwoGa/b2U9eMMW3Nuvq xK2bl/a0B+0Qnrc3a4Ics5ovs1sIyV76PDA7IUZtGRGxDH3xjwrePm/vyCghqHoR XAmrqEkdw7n4UcrrH+pbm9fZUdQPGHd7jJpOld1/KZDS8+XPVlOHIfXDAjcWCVR1 rVHgsts4jH1nCkstWia949RMCRXPmY8NbhyJ3lcFD10JnYPsyG9INDpWOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCoyEb/j/Ys6JVd4QE/OyNG+NHadMB8GA1UdIwQY MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOqMhXdyn WxQ25B+wJ8LB9XBj+OjwacjStM07YsXbja+NKI45M62d8RmebPKV9rIebCRzGx0W OlBxW1fTdOj+WVPdSooMoeG24N0UMZzNGRIVQVL3hNE8Md7CPmQR9suInsa3msPy 49r2WXrWCamgcsK2kS4JOhHOeiDMfs0vP58Dysb1unYGOMMs8ktesPzsyZ9DpoR6 FKSxOSL+X7xNLd+0wJbIrF7NioFE1vW0LIiAbYlyucGd3lvlXVbj9JLyy7oiW1xM spC8sOJTiBE5mr/SazXpOztbALcOaNBNVIceVPnUppZuqQcxs+/aN1GiRZpXAurG HEXGSc1XDg8WFw== -----END CERTIFICATE-----Generated at Sun Dec 14 01:50:58 2025 by rpki-client