This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft File: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft (raw, json) Hash identifier: JtWrLo9dfzsb2wqvl0BQasetrq/Emooy4DhiKPndQHY= Subject key identifier: 78:6B:31:9F:74:4D:ED:88:F8:D2:7B:E4:85:E3:A0:C9:E3:93:8F:A1 Authority key identifier: F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89 Certificate issuer: /CN=f4c64994e24d4aefdc42a8831fe0dce20d604689 Certificate serial: 019B484BAE8393E2D7F69E60C5CE10156E97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft Manifest number: 1790 Signing time: Mon 22 Dec 2025 23:01:17 +0000 Manifest this update: Mon 22 Dec 2025 23:01:17 +0000 Manifest next update: Tue 23 Dec 2025 23:01:17 +0000 Files and hashes: 1: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl (hash: 2nupKh7UEwJ1J1zNkQfbhNx0EtngeN7TMPUItCa27/M=) 2: bRo1FpRQdGW3rrEgf9LP2ZyYMbs.roa (hash: ZwgslFPNqU25lgzTk3XOIv2Nozx6fjcmPWKTGmYvfPU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:4b:ae:83:93:e2:d7:f6:9e:60:c5:ce:10:15:6e:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f4c64994e24d4aefdc42a8831fe0dce20d604689 Validity Not Before: Dec 22 23:01:17 2025 GMT Not After : Dec 23 23:01:17 2025 GMT Subject: CN=786b319f744ded88f8d27be485e3a0c9e3938fa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e2:fa:96:3c:51:d4:9a:2b:ef:5a:74:f7:4d: 21:33:de:8d:bb:da:89:23:46:83:47:b6:83:cc:55: 47:c4:86:e3:38:95:ad:df:b9:b2:fb:72:a9:5c:4c: 9e:f9:d6:68:65:17:1b:01:d4:50:c8:af:08:8a:2c: 90:a2:98:aa:d3:5e:e3:1a:b5:f2:6b:65:a1:eb:a2: 54:ae:02:93:36:cb:71:4f:22:91:b8:12:6b:c1:3a: da:1a:e0:44:55:c0:2b:77:ef:7f:11:cd:f3:25:70: 5c:d5:d3:6a:b0:9e:84:20:2e:ec:f1:59:60:53:6a: 3c:3c:bc:fe:0c:77:e9:17:ee:5c:f1:9d:47:b7:37: 58:7e:ca:a1:3c:2d:b9:e4:ba:d5:e7:75:36:ea:80: 42:d5:af:17:ec:dc:6b:ff:0b:c2:6f:e2:4c:d1:b7: 04:ed:6a:c2:6b:89:8f:6b:02:3f:cc:7b:e7:1f:61: d8:22:70:27:c0:66:59:45:36:8c:12:a9:37:f6:61: f5:49:b2:7c:96:95:cd:5c:76:12:d9:7f:d1:27:4a: a4:04:08:5b:11:6c:b9:97:1a:a8:ba:c4:e3:e7:74: 65:f4:7f:7b:54:ed:22:6d:70:b6:35:c0:50:09:28: 34:f8:bb:ae:de:66:1c:b8:d9:13:32:93:23:85:06: da:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:6B:31:9F:74:4D:ED:88:F8:D2:7B:E4:85:E3:A0:C9:E3:93:8F:A1 X509v3 Authority Key Identifier: keyid:F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:2e:ef:92:d1:5f:ed:85:9c:ba:77:d2:6c:34:29:9e:c5:16: 9c:79:c2:1a:14:8a:7d:52:d4:8c:68:4a:49:4a:4a:fa:91:2c: a4:f5:19:f4:44:50:87:b9:e1:9f:26:7d:79:e3:16:7c:51:7d: 1b:e2:f2:ca:ff:c0:51:1c:ea:00:5b:2c:6a:42:40:85:ae:f7: 5c:f1:38:ca:b1:f7:b7:af:9f:d9:b8:e9:5a:4f:e4:42:d1:d4: 28:b0:dd:1b:ba:d2:cd:67:b4:41:05:33:2a:d1:67:fe:b5:3b: e8:fb:c1:67:dd:58:25:4e:c0:88:d3:7f:1a:d6:93:3d:5e:46: 8e:ac:c1:fc:08:86:f6:c1:69:c7:93:e7:7b:f2:50:c7:fd:54: 4d:26:58:f9:f3:9c:2d:5b:a3:79:8a:40:e5:24:fb:eb:37:c2: 5d:23:0a:e1:20:86:b9:32:cf:db:09:da:9c:dd:30:72:6e:4b: f6:00:77:5c:4f:8a:04:af:42:b9:8b:b4:79:38:cf:f2:0d:0a: a5:b9:87:90:ce:c3:55:69:98:08:f4:8b:0a:68:d8:85:5c:28: da:c5:43:3a:b6:d6:3b:33:19:3c:51:6e:03:f1:a6:81:40:61: cb:09:2b:40:1c:2d:34:d6:ea:60:1a:a2:cf:eb:47:b7:b4:67: 4c:80:a5:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIS66Dk+LX9p5gxc4QFW6XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY0YzY0OTk0ZTI0ZDRhZWZkYzQyYTg4MzFmZTBkY2UyMGQ2 MDQ2ODkwHhcNMjUxMjIyMjMwMTE3WhcNMjUxMjIzMjMwMTE3WjAzMTEwLwYDVQQD Eyg3ODZiMzE5Zjc0NGRlZDg4ZjhkMjdiZTQ4NWUzYTBjOWUzOTM4ZmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquL6ljxR1Jor71p0900hM96Nu9qJ I0aDR7aDzFVHxIbjOJWt37my+3KpXEye+dZoZRcbAdRQyK8IiiyQopiq017jGrXy a2Wh66JUrgKTNstxTyKRuBJrwTraGuBEVcArd+9/Ec3zJXBc1dNqsJ6EIC7s8Vlg U2o8PLz+DHfpF+5c8Z1HtzdYfsqhPC255LrV53U26oBC1a8X7Nxr/wvCb+JM0bcE 7WrCa4mPawI/zHvnH2HYInAnwGZZRTaMEqk39mH1SbJ8lpXNXHYS2X/RJ0qkBAhb EWy5lxqousTj53Rl9H97VO0ibXC2NcBQCSg0+Luu3mYcuNkTMpMjhQbaFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHhrMZ90Te2I+NJ75IXjoMnjk4+hMB8GA1UdIwQY MBaAFPTGSZTiTUrv3EKogx/g3OINYEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUt Mzg1NTY5OGZiNTdmLzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUtMzg1NTY5OGZiNTdm LzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJi7vktFf 7YWcunfSbDQpnsUWnHnCGhSKfVLUjGhKSUpK+pEspPUZ9ERQh7nhnyZ9eeMWfFF9 G+Lyyv/AURzqAFssakJAha73XPE4yrH3t6+f2bjpWk/kQtHUKLDdG7rSzWe0QQUz KtFn/rU76PvBZ91YJU7AiNN/GtaTPV5GjqzB/AiG9sFpx5Pne/JQx/1UTSZY+fOc LVujeYpA5ST76zfCXSMK4SCGuTLP2wnanN0wcm5L9gB3XE+KBK9CuYu0eTjP8g0K pbmHkM7DVWmYCPSLCmjYhVwo2sVDOrbWOzMZPFFuA/GmgUBhywkrQBwtNNbqYBqi z+tHt7RnTICl+g== -----END CERTIFICATE-----Generated at Tue Dec 23 04:11:22 2025 by rpki-client