This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft File: mXFUBuche_wTgSpHBMYq4JnnyP8.mft (raw, json) Hash identifier: 0VFGZ7T/OEJMJ88nD7H+IdPwXuJyazKc/ocXPfQ0eHo= Subject key identifier: 85:05:CA:97:43:FA:A7:0F:03:01:33:81:59:3F:6D:39:69:7B:E5:EB Authority key identifier: 99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF Certificate issuer: /CN=99715406e7217bfc13812a4704c62ae099e7c8ff Certificate serial: 019B37FCB9090A4D743886C5345FFEC58EBE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft Manifest number: 04A3 Signing time: Fri 19 Dec 2025 19:01:07 +0000 Manifest this update: Fri 19 Dec 2025 19:01:07 +0000 Manifest next update: Sat 20 Dec 2025 19:01:07 +0000 Files and hashes: 1: mXFUBuche_wTgSpHBMYq4JnnyP8.crl (hash: b5soz2y3QAeGQYLwSXZ3ZtwHDmoSpPtwcfrwwPjOVQo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:fc:b9:09:0a:4d:74:38:86:c5:34:5f:fe:c5:8e:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=99715406e7217bfc13812a4704c62ae099e7c8ff Validity Not Before: Dec 19 19:01:07 2025 GMT Not After : Dec 20 19:01:07 2025 GMT Subject: CN=8505ca9743faa70f03013381593f6d39697be5eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:67:dd:c1:aa:c4:43:2f:e7:d7:1f:5f:f2:fd: b4:d8:c3:49:ac:a8:73:51:fe:2d:f3:c8:89:99:84: 43:fc:a5:22:39:00:d6:f0:df:b2:cc:4f:c0:a1:f1: 1a:6a:87:bb:a5:a1:50:8e:9d:ea:ff:9b:0e:8f:73: 1a:af:9c:9c:6e:6e:f4:f0:34:ef:17:dd:e6:60:68: 03:f7:ee:7d:e0:3d:39:9b:63:b2:ef:04:1c:f1:f6: 0e:40:0a:ac:b7:04:e8:fe:2a:de:9a:9b:f3:46:dc: 9d:04:37:f5:0f:38:46:e9:d7:7c:40:45:f8:21:4e: c5:10:b2:0b:28:e3:77:a2:35:66:88:b0:d2:ad:ed: 95:91:c2:eb:b1:2a:d2:06:83:42:bc:e6:2e:2f:a2: 65:ca:6f:5e:7a:de:a6:7f:4b:45:22:b9:57:e7:b9: 0d:f8:83:60:7b:7d:c5:c6:ec:a0:57:87:34:96:83: b0:5d:a5:2c:b0:2a:06:09:06:f9:1a:fc:3d:f7:65: 6e:35:53:3e:8a:9f:32:30:30:f4:af:02:fa:9b:b9: 6e:66:12:ef:a0:79:77:67:c1:45:75:bb:9a:34:bd: 96:ff:97:9d:8d:10:9f:a0:91:01:50:54:cd:6c:82: 9f:7c:23:c9:60:e8:74:38:ae:06:4f:6b:26:63:52: 17:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:05:CA:97:43:FA:A7:0F:03:01:33:81:59:3F:6D:39:69:7B:E5:EB X509v3 Authority Key Identifier: keyid:99:71:54:06:E7:21:7B:FC:13:81:2A:47:04:C6:2A:E0:99:E7:C8:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXFUBuche_wTgSpHBMYq4JnnyP8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4e9e37-6e66-41b1-aa99-1516b6d82e2d/1/mXFUBuche_wTgSpHBMYq4JnnyP8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:bb:56:ec:b3:cb:ec:9c:36:0d:7a:20:69:19:18:c6:73:b1: 79:dd:e0:bb:fa:2b:58:11:c9:1e:a7:27:4a:93:ae:c3:24:36: 2b:8f:0f:3a:6c:0b:be:6f:f3:a9:bb:40:9e:8b:50:66:25:ed: 5d:23:59:42:2b:cd:0b:af:d2:fe:6b:2f:39:5b:9f:e8:b5:c3: c1:9e:3d:1d:5b:5c:56:57:a1:75:b2:47:d4:b8:fb:28:ee:ab: f1:b8:15:27:e1:99:f6:86:e6:3d:de:99:e8:0a:2e:0c:dc:12: b7:71:c2:0e:89:53:2a:53:b9:38:b5:99:cf:5d:60:3e:e5:e2: f0:aa:8d:22:11:01:1e:97:aa:9e:f9:f8:24:7c:91:4e:98:e0: b0:73:d5:d9:06:97:66:8a:48:93:54:ee:a5:5f:5f:2c:74:8f: 2b:04:54:73:3f:96:90:ba:e3:1e:61:4c:3f:2d:20:93:ca:47: b1:f6:5b:9a:1f:ee:f2:57:2f:77:ea:6a:55:c2:23:6b:70:83: 3d:d2:d7:a6:8f:d1:72:45:95:ce:39:4c:14:5b:f0:6f:6a:41: a9:b0:7a:57:f2:58:ea:c2:c3:09:71:f5:37:fc:8e:49:33:b0: 07:a9:34:8c:1e:5c:2d:76:d2:e8:54:d7:b6:2a:24:9f:3b:46: 47:a9:62:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3/LkJCk10OIbFNF/+xY6+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5NzE1NDA2ZTcyMTdiZmMxMzgxMmE0NzA0YzYyYWUwOTll N2M4ZmYwHhcNMjUxMjE5MTkwMTA3WhcNMjUxMjIwMTkwMTA3WjAzMTEwLwYDVQQD Eyg4NTA1Y2E5NzQzZmFhNzBmMDMwMTMzODE1OTNmNmQzOTY5N2JlNWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mfdwarEQy/n1x9f8v202MNJrKhz Uf4t88iJmYRD/KUiOQDW8N+yzE/AofEaaoe7paFQjp3q/5sOj3Mar5ycbm708DTv F93mYGgD9+594D05m2Oy7wQc8fYOQAqstwTo/irempvzRtydBDf1DzhG6dd8QEX4 IU7FELILKON3ojVmiLDSre2VkcLrsSrSBoNCvOYuL6Jlym9eet6mf0tFIrlX57kN +INge33FxuygV4c0loOwXaUssCoGCQb5Gvw992VuNVM+ip8yMDD0rwL6m7luZhLv oHl3Z8FFdbuaNL2W/5edjRCfoJEBUFTNbIKffCPJYOh0OK4GT2smY1IXKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIUFypdD+qcPAwEzgVk/bTlpe+XrMB8GA1UdIwQY MBaAFJlxVAbnIXv8E4EqRwTGKuCZ58j/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTkt MTUxNmI2ZDgyZTJkLzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS80ZTllMzctNmU2Ni00MWIxLWFhOTktMTUxNmI2ZDgyZTJk LzEvbVhGVUJ1Y2hlX3dUZ1NwSEJNWXE0Sm5ueVA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXLtW7LPL 7Jw2DXogaRkYxnOxed3gu/orWBHJHqcnSpOuwyQ2K48POmwLvm/zqbtAnotQZiXt XSNZQivNC6/S/msvOVuf6LXDwZ49HVtcVlehdbJH1Lj7KO6r8bgVJ+GZ9obmPd6Z 6AouDNwSt3HCDolTKlO5OLWZz11gPuXi8KqNIhEBHpeqnvn4JHyRTpjgsHPV2QaX ZopIk1TupV9fLHSPKwRUcz+WkLrjHmFMPy0gk8pHsfZbmh/u8lcvd+pqVcIja3CD PdLXpo/RckWVzjlMFFvwb2pBqbB6V/JY6sLDCXH1N/yOSTOwB6k0jB5cLXbS6FTX tioknztGR6li4w== -----END CERTIFICATE-----Generated at Fri Dec 19 22:07:51 2025 by rpki-client