This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.mft File: mXrZ9c2mbZYdG87vxGPmKe6Bmlw.mft (raw, json) Hash identifier: LToKS4uzOC+une7wxkliVl7En9IagswdibOSjkxmE/Y= Subject key identifier: DC:6F:92:3F:01:D6:05:D2:91:53:60:3A:EC:36:A7:44:4F:82:48:F2 Authority key identifier: 99:7A:D9:F5:CD:A6:6D:96:1D:1B:CE:EF:C4:63:E6:29:EE:81:9A:5C Certificate issuer: /CN=997ad9f5cda66d961d1bceefc463e629ee819a5c Certificate serial: 019B5ABFDF91EB7AAF0AE6BA5C5D77CF1CF3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.mft Manifest number: 57 Signing time: Fri 26 Dec 2025 13:01:22 +0000 Manifest this update: Fri 26 Dec 2025 13:01:22 +0000 Manifest next update: Sat 27 Dec 2025 13:01:22 +0000 Files and hashes: 1: GNpQl66SlLD7k64oHfoj3L0otEQ.roa (hash: fuge2Ih7rkHNFHBfjSZi6ZhVlTXhFgJG1F6DrgT5vw0=) 2: mXrZ9c2mbZYdG87vxGPmKe6Bmlw.crl (hash: nIvROj/9h2Od0oyLMgY74LRuxJ8cM+jC8GEf+SY0dP4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.crl rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.mft rsync://rpki.ripe.net/repository/DEFAULT/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:df:91:eb:7a:af:0a:e6:ba:5c:5d:77:cf:1c:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=997ad9f5cda66d961d1bceefc463e629ee819a5c Validity Not Before: Dec 26 13:01:22 2025 GMT Not After : Dec 27 13:01:22 2025 GMT Subject: CN=dc6f923f01d605d29153603aec36a7444f8248f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:51:47:ff:7a:4c:d8:bb:32:64:0d:14:77:99: bf:3b:86:f9:f8:06:fa:3f:da:b2:b8:e3:76:06:4a: ab:c7:26:20:dd:0a:07:c9:0c:83:22:d4:a8:ed:30: 15:e2:4e:3b:ef:77:3c:45:12:e5:d9:1a:05:0d:3b: 2b:8a:a7:a7:4d:ef:b2:1c:3e:48:6a:cc:fc:01:80: 24:57:b5:65:d5:cf:ea:05:fb:1b:5e:98:e2:96:80: c3:67:b0:ef:eb:9c:f4:6b:90:cd:0e:29:77:45:0c: c2:e5:0d:fe:a0:f2:5c:9e:3d:72:4f:be:42:3c:49: 6a:b3:65:82:62:10:09:5e:b7:17:ef:85:64:76:a5: 04:23:00:a7:b8:53:0c:0e:1d:11:69:00:15:b1:f0: 5b:6d:3e:f2:ec:01:9c:ff:3e:a9:16:64:a0:37:bf: 5a:71:d2:97:c9:d7:f5:a9:d4:9e:8c:f7:36:f3:da: cc:94:f6:60:19:d5:35:f6:d0:f8:1b:d3:e2:ce:ce: c6:9c:5d:3a:d7:f3:c6:de:74:57:76:d5:8f:be:94: 0c:77:62:31:74:0b:53:1f:ba:e3:27:2f:cc:8b:3a: b5:bd:7d:1d:1f:eb:67:cc:36:56:49:5c:19:e5:00: c0:e0:41:41:8a:55:0e:c0:29:a1:40:5e:52:2e:9a: f8:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:6F:92:3F:01:D6:05:D2:91:53:60:3A:EC:36:A7:44:4F:82:48:F2 X509v3 Authority Key Identifier: keyid:99:7A:D9:F5:CD:A6:6D:96:1D:1B:CE:EF:C4:63:E6:29:EE:81:9A:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/d853d7-7785-4e6d-993c-7c6e4809df59/1/mXrZ9c2mbZYdG87vxGPmKe6Bmlw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:b9:76:69:5d:70:ea:95:ee:42:00:ac:c6:f3:1e:fc:4d:6c: 03:56:0e:77:24:70:76:4c:c6:de:ee:3a:a8:0d:fd:5c:e9:ec: ce:01:a2:5f:cc:4a:77:2b:8c:4b:2d:68:18:96:e4:f6:4e:f5: 14:b7:34:51:0e:ba:54:7b:ad:c2:f8:9f:c3:b1:2f:cf:41:db: c4:89:4d:5d:7b:57:53:d2:74:c7:75:eb:f2:cc:4b:85:bd:33: 18:28:a1:54:28:a1:61:88:65:78:40:01:68:f9:03:87:db:9f: a4:aa:50:8a:9b:cd:0a:04:6a:8c:44:df:01:f5:26:d1:e7:1c: b2:ce:63:5e:2f:7a:fb:24:87:27:a8:2b:f5:da:51:ee:24:28: 29:0a:4e:20:9a:c0:f2:c9:ee:4b:5f:0b:6e:1e:6a:f7:5b:d6: 97:35:74:65:4c:0c:e2:d4:41:2e:f2:ce:22:9a:b9:e7:38:7f: d0:ae:c0:fa:a7:b5:49:ce:27:44:6a:54:65:5b:40:ec:f2:7c: 08:0c:48:24:e9:c8:c4:e5:98:12:83:cf:ed:b5:65:e2:8c:52: 48:dd:db:83:b9:73:b9:51:29:f9:f3:5c:b2:9f:a6:bb:2a:32: ad:a8:96:12:2b:92:8a:63:f2:4a:4f:5b:17:8c:17:87:6c:d6: 94:b8:76:49 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav9+R63qvCua6XF13zxzzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5N2FkOWY1Y2RhNjZkOTYxZDFiY2VlZmM0NjNlNjI5ZWU4 MTlhNWMwHhcNMjUxMjI2MTMwMTIyWhcNMjUxMjI3MTMwMTIyWjAzMTEwLwYDVQQD EyhkYzZmOTIzZjAxZDYwNWQyOTE1MzYwM2FlYzM2YTc0NDRmODI0OGYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1FH/3pM2LsyZA0Ud5m/O4b5+Ab6 P9qyuON2BkqrxyYg3QoHyQyDItSo7TAV4k4773c8RRLl2RoFDTsriqenTe+yHD5I asz8AYAkV7Vl1c/qBfsbXpjiloDDZ7Dv65z0a5DNDil3RQzC5Q3+oPJcnj1yT75C PElqs2WCYhAJXrcX74VkdqUEIwCnuFMMDh0RaQAVsfBbbT7y7AGc/z6pFmSgN79a cdKXydf1qdSejPc289rMlPZgGdU19tD4G9Pizs7GnF061/PG3nRXdtWPvpQMd2Ix dAtTH7rjJy/Mizq1vX0dH+tnzDZWSVwZ5QDA4EFBilUOwCmhQF5SLpr4UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNxvkj8B1gXSkVNgOuw2p0RPgkjyMB8GA1UdIwQY MBaAFJl62fXNpm2WHRvO78Rj5inugZpcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVhyWjljMm1iWllkRzg3dnhHUG1LZTZCbWx3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9kODUzZDctNzc4NS00ZTZkLTk5M2Mt N2M2ZTQ4MDlkZjU5LzEvbVhyWjljMm1iWllkRzg3dnhHUG1LZTZCbWx3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9kODUzZDctNzc4NS00ZTZkLTk5M2MtN2M2ZTQ4MDlkZjU5 LzEvbVhyWjljMm1iWllkRzg3dnhHUG1LZTZCbWx3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtrl2aV1w 6pXuQgCsxvMe/E1sA1YOdyRwdkzG3u46qA39XOnszgGiX8xKdyuMSy1oGJbk9k71 FLc0UQ66VHutwvifw7Evz0HbxIlNXXtXU9J0x3Xr8sxLhb0zGCihVCihYYhleEAB aPkDh9ufpKpQipvNCgRqjETfAfUm0eccss5jXi96+ySHJ6gr9dpR7iQoKQpOIJrA 8snuS18Lbh5q91vWlzV0ZUwM4tRBLvLOIpq55zh/0K7A+qe1Sc4nRGpUZVtA7PJ8 CAxIJOnIxOWYEoPP7bVl4oxSSN3bg7lzuVEp+fNcsp+muyoyraiWEiuSimPySk9b F4wXh2zWlLh2SQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:42:25 2025 by rpki-client