This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft File: Ma-3caS5EQsRSqgHr7cIaxplN54.mft (raw, json) Hash identifier: ChkbouV+Me22qqEaFMkE198BAQF3QhGOrTv6A6+b4ec= Subject key identifier: DC:EB:A2:68:CE:4E:77:DC:61:62:CF:93:56:B2:EC:8B:B9:16:33:2B Authority key identifier: 31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E Certificate issuer: /CN=31afb771a4b9110b114aa807afb7086b1a65379e Certificate serial: 019B5975C7CD241814FCA09C39672A278B8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft Manifest number: 0553 Signing time: Fri 26 Dec 2025 07:00:49 +0000 Manifest this update: Fri 26 Dec 2025 07:00:49 +0000 Manifest next update: Sat 27 Dec 2025 07:00:49 +0000 Files and hashes: 1: Ma-3caS5EQsRSqgHr7cIaxplN54.crl (hash: e6f/3Q+hiBNKjNKwe2A25qAfgo79PkzQ15qmwmm+9SM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 07:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:c7:cd:24:18:14:fc:a0:9c:39:67:2a:27:8b:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31afb771a4b9110b114aa807afb7086b1a65379e Validity Not Before: Dec 26 07:00:49 2025 GMT Not After : Dec 27 07:00:49 2025 GMT Subject: CN=dceba268ce4e77dc6162cf9356b2ec8bb916332b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c6:b8:08:17:88:cc:5a:26:7e:21:37:6d:f5: 7c:af:16:c2:08:30:d7:ea:3d:0e:c2:0e:08:cb:df: df:73:4f:67:2f:23:b8:44:05:07:a0:80:1d:8d:02: e4:53:93:fc:fb:41:e7:3e:72:62:15:e5:c9:b6:a6: 96:d6:08:33:08:44:8a:31:4d:34:9a:94:b4:5b:0f: 1d:f6:b0:b5:32:44:45:a4:cc:e7:76:8e:94:84:cd: 15:ad:bf:9c:8d:16:ea:7f:fa:9e:9d:d4:18:ac:c6: 50:f4:c2:a2:c7:5d:ff:a5:c1:ee:8d:98:84:7e:1b: d4:61:b7:8f:eb:07:e6:23:3a:c9:b2:43:19:c8:d4: 56:8f:e1:6a:02:19:50:77:94:db:f2:22:fa:0c:51: 4d:02:d3:9a:2c:60:a6:f2:57:57:cc:d2:1b:98:41: da:2f:e4:1f:62:53:bd:da:c2:d5:40:85:28:69:0e: 76:8f:4e:fb:c3:69:f8:66:28:b1:db:1a:ce:ab:1a: 4f:2c:c6:79:1f:14:30:c2:d0:36:c5:35:49:67:00: 5e:76:10:24:b8:4c:cb:69:bf:be:54:1d:ea:06:14: f0:aa:b7:80:9c:95:87:bc:0a:49:85:88:62:d9:7f: 38:e9:b0:5e:9e:99:1f:e8:85:1f:0c:07:37:b0:c7: ab:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:EB:A2:68:CE:4E:77:DC:61:62:CF:93:56:B2:EC:8B:B9:16:33:2B X509v3 Authority Key Identifier: keyid:31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:59:19:c4:98:00:29:af:d8:e9:b6:b8:51:c0:d4:d7:d0:67: 43:ff:0e:d7:17:1c:25:01:58:13:d6:1e:dd:aa:00:3f:a3:71: bc:52:01:a1:54:3d:6e:54:02:3d:87:b3:78:2f:4a:c4:70:b5: 43:ec:9e:27:8b:a0:fb:95:fb:d7:df:ff:d6:d1:43:1d:dd:e3: 2a:3a:f9:d4:30:6f:17:7b:17:71:ba:64:e8:a7:d3:41:31:a2: 9f:48:d3:60:5c:07:e9:7b:10:71:7b:f8:b7:61:98:57:e9:8f: 91:f8:e8:aa:37:ca:12:69:d3:55:d9:60:ca:8e:22:61:38:df: 56:9f:ae:d8:1d:06:ea:79:4a:a7:72:f7:7d:e0:4a:06:11:97: 7d:4a:ae:b2:6a:74:29:e4:8e:7c:0a:9f:8e:98:f4:72:8d:ae: a9:11:14:e8:1b:fe:c9:0d:16:a1:d5:d9:6a:c7:07:32:a3:8e: a8:9e:95:98:b2:60:b5:3f:40:94:9e:45:41:b3:86:72:a4:63: e1:9d:4b:6a:7b:02:c9:86:d0:97:99:1a:aa:ea:5d:78:f4:af: b8:e3:32:1f:3b:fc:35:34:9e:e2:e5:9f:01:32:6d:55:8e:b5: ac:a8:1b:5a:14:41:5a:bf:93:ff:c6:52:7a:cb:5c:77:fe:db: 7d:a4:ad:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdcfNJBgU/KCcOWcqJ4uOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxYWZiNzcxYTRiOTExMGIxMTRhYTgwN2FmYjcwODZiMWE2 NTM3OWUwHhcNMjUxMjI2MDcwMDQ5WhcNMjUxMjI3MDcwMDQ5WjAzMTEwLwYDVQQD EyhkY2ViYTI2OGNlNGU3N2RjNjE2MmNmOTM1NmIyZWM4YmI5MTYzMzJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ma4CBeIzFomfiE3bfV8rxbCCDDX 6j0Owg4Iy9/fc09nLyO4RAUHoIAdjQLkU5P8+0HnPnJiFeXJtqaW1ggzCESKMU00 mpS0Ww8d9rC1MkRFpMzndo6UhM0Vrb+cjRbqf/qendQYrMZQ9MKix13/pcHujZiE fhvUYbeP6wfmIzrJskMZyNRWj+FqAhlQd5Tb8iL6DFFNAtOaLGCm8ldXzNIbmEHa L+QfYlO92sLVQIUoaQ52j077w2n4Ziix2xrOqxpPLMZ5HxQwwtA2xTVJZwBedhAk uEzLab++VB3qBhTwqreAnJWHvApJhYhi2X846bBenpkf6IUfDAc3sMerAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNzromjOTnfcYWLPk1ay7Iu5FjMrMB8GA1UdIwQY MBaAFDGvt3GkuRELEUqoB6+3CGsaZTeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2It YjBlYjRjMDZhMWU3LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2ItYjBlYjRjMDZhMWU3 LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV1kZxJgA Ka/Y6ba4UcDU19BnQ/8O1xccJQFYE9Ye3aoAP6NxvFIBoVQ9blQCPYezeC9KxHC1 Q+yeJ4ug+5X719//1tFDHd3jKjr51DBvF3sXcbpk6KfTQTGin0jTYFwH6XsQcXv4 t2GYV+mPkfjoqjfKEmnTVdlgyo4iYTjfVp+u2B0G6nlKp3L3feBKBhGXfUqusmp0 KeSOfAqfjpj0co2uqREU6Bv+yQ0WodXZascHMqOOqJ6VmLJgtT9AlJ5FQbOGcqRj 4Z1LansCyYbQl5kaqupdePSvuOMyHzv8NTSe4uWfATJtVY61rKgbWhRBWr+T/8ZS estcd/7bfaStqg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:29 2025 by rpki-client