This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft File: mSAfYJ56iT2obPDrvKS79HJ51hc.mft (raw, json) Hash identifier: WbKvDrTmMGy+VODRWUCKBoH+hjvKOPCdTu77DzaNFFQ= Subject key identifier: 8C:B2:C6:76:17:01:3F:7D:4E:D8:F8:46:10:FA:4A:48:4D:AD:BC:E2 Authority key identifier: 99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17 Certificate issuer: /CN=99201f609e7a893da86cf0ebbca4bbf47279d617 Certificate serial: 019B5A887490D12B5C0AB9079B0A8BEA01E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft Manifest number: 0633 Signing time: Fri 26 Dec 2025 12:00:50 +0000 Manifest this update: Fri 26 Dec 2025 12:00:50 +0000 Manifest next update: Sat 27 Dec 2025 12:00:50 +0000 Files and hashes: 1: mSAfYJ56iT2obPDrvKS79HJ51hc.crl (hash: 1Dp2AIYk85cv/05SzObcjEQTp4SUjRhVx++ot9cYyRE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:74:90:d1:2b:5c:0a:b9:07:9b:0a:8b:ea:01:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=99201f609e7a893da86cf0ebbca4bbf47279d617 Validity Not Before: Dec 26 12:00:50 2025 GMT Not After : Dec 27 12:00:50 2025 GMT Subject: CN=8cb2c67617013f7d4ed8f84610fa4a484dadbce2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:53:b5:5a:e0:f3:14:ed:3c:10:5d:77:9e:7c: 76:8f:80:06:ba:59:1f:2f:60:d4:de:af:79:67:59: ff:de:28:53:73:56:83:c1:32:02:77:2a:fa:76:50: f3:d1:0b:39:3b:9e:4c:60:22:e9:d5:0e:49:7e:3b: 1a:15:33:5d:6a:12:c7:16:a3:fd:ba:62:45:b4:cd: e9:9d:f8:ba:6d:73:fb:f8:ba:c7:d7:bd:b6:04:0e: 6c:13:bc:07:a9:d8:69:b2:ba:79:1b:1d:4d:4e:ca: a4:28:8b:ea:1a:5f:d0:58:bd:a0:d1:c9:d8:48:22: 75:dc:bd:1e:02:e0:5a:f9:e4:8f:90:8c:ed:fb:61: 9a:d5:d6:5b:ea:80:58:b0:cd:d7:33:e8:4f:28:c4: 19:ff:86:1d:38:e4:34:f3:c0:33:7c:29:ef:56:46: d3:de:de:a8:31:d6:48:23:36:b3:0f:18:f7:33:74: 43:c1:f0:9d:4f:2c:e3:67:98:af:1b:44:25:f3:13: ce:1c:aa:f0:2b:cf:44:9f:2c:28:bb:13:7c:2e:ad: 9c:7a:bd:64:05:86:dd:09:ed:a1:1d:6c:d7:e3:79: 3d:04:0d:48:c9:21:ed:23:67:a0:6a:c6:b8:f2:c7: 5e:e2:5a:29:49:27:4e:65:10:63:d0:7a:b7:85:69: fd:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:B2:C6:76:17:01:3F:7D:4E:D8:F8:46:10:FA:4A:48:4D:AD:BC:E2 X509v3 Authority Key Identifier: keyid:99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:cc:e4:8c:19:14:8d:43:db:5c:c8:fd:db:9c:17:db:d0:69: af:ec:e7:c8:02:30:b2:60:3d:9e:86:5b:36:7c:49:ed:fe:82: 55:0d:6f:99:70:05:e3:a6:af:b6:e0:05:ee:1e:56:15:1c:58: ae:23:5c:8b:2f:df:ee:80:16:7f:cc:a0:08:14:fc:18:0b:79: 86:68:40:ca:e9:c5:c8:c3:5e:3c:3c:f8:f0:ae:48:07:9c:d6: 59:ee:f0:f0:72:d8:5d:de:a6:d9:4f:3d:bd:01:38:aa:7a:3b: 6f:b1:31:60:07:16:c7:20:6e:27:74:54:b6:d9:48:a5:1d:5b: bf:ff:25:bc:07:30:4f:35:5d:46:74:1d:51:47:8a:77:4d:74: 9a:ed:48:5a:e1:1c:93:30:4e:b7:8f:b9:0e:87:d7:70:68:db: 84:4f:56:4e:9d:c4:27:7e:5a:df:6a:9b:4c:72:80:48:17:18: 32:e9:c4:82:e1:30:d5:b0:54:69:4d:e1:e3:54:fc:83:f1:44: cf:d7:16:f3:09:15:94:50:37:fd:da:1c:b8:54:d3:2c:f2:1b: 89:89:58:78:b7:39:f2:8d:f6:3c:d2:c4:90:5d:e3:a4:9a:6d: 99:35:ed:7d:a3:a4:c8:d9:86:08:36:50:a6:f9:38:fd:95:38: 78:db:18:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiHSQ0StcCrkHmwqL6gHiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5MjAxZjYwOWU3YTg5M2RhODZjZjBlYmJjYTRiYmY0NzI3 OWQ2MTcwHhcNMjUxMjI2MTIwMDUwWhcNMjUxMjI3MTIwMDUwWjAzMTEwLwYDVQQD Eyg4Y2IyYzY3NjE3MDEzZjdkNGVkOGY4NDYxMGZhNGE0ODRkYWRiY2UyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1O1WuDzFO08EF13nnx2j4AGulkf L2DU3q95Z1n/3ihTc1aDwTICdyr6dlDz0Qs5O55MYCLp1Q5JfjsaFTNdahLHFqP9 umJFtM3pnfi6bXP7+LrH1722BA5sE7wHqdhpsrp5Gx1NTsqkKIvqGl/QWL2g0cnY SCJ13L0eAuBa+eSPkIzt+2Ga1dZb6oBYsM3XM+hPKMQZ/4YdOOQ088AzfCnvVkbT 3t6oMdZIIzazDxj3M3RDwfCdTyzjZ5ivG0Ql8xPOHKrwK89EnywouxN8Lq2cer1k BYbdCe2hHWzX43k9BA1IySHtI2egasa48sde4lopSSdOZRBj0Hq3hWn9PwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIyyxnYXAT99Ttj4RhD6SkhNrbziMB8GA1UdIwQY MBaAFJkgH2Ceeok9qGzw67yku/RyedYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMt YjIzMTcyZWI4MWZiLzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMtYjIzMTcyZWI4MWZi LzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcMzkjBkU jUPbXMj925wX29Bpr+znyAIwsmA9noZbNnxJ7f6CVQ1vmXAF46avtuAF7h5WFRxY riNciy/f7oAWf8ygCBT8GAt5hmhAyunFyMNePDz48K5IB5zWWe7w8HLYXd6m2U89 vQE4qno7b7ExYAcWxyBuJ3RUttlIpR1bv/8lvAcwTzVdRnQdUUeKd010mu1IWuEc kzBOt4+5DofXcGjbhE9WTp3EJ35a32qbTHKASBcYMunEguEw1bBUaU3h41T8g/FE z9cW8wkVlFA3/docuFTTLPIbiYlYeLc58o32PNLEkF3jpJptmTXtfaOkyNmGCDZQ pvk4/ZU4eNsYxw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:00 2025 by rpki-client