This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft File: MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json) Hash identifier: XnHhewc3+7ZhF66O0EC+CuAKxFf2y5D1V+KNZ+ppenw= Subject key identifier: F2:BA:7B:E0:F2:95:DE:79:24:38:8A:D8:F9:59:F7:D4:A8:57:39:19 Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33 Certificate issuer: /CN=3026e2422fa722454e608317d21862b66aa37d33 Certificate serial: 019B5976F2A6887614857BB7FFA10CCB8F87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft Manifest number: 16E7 Signing time: Fri 26 Dec 2025 07:02:06 +0000 Manifest this update: Fri 26 Dec 2025 07:02:06 +0000 Manifest next update: Sat 27 Dec 2025 07:02:06 +0000 Files and hashes: 1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: +/L3LaTy/k5ucaQ0UY+zYy48AEnJPnfsP5DntqzeW5U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:f2:a6:88:76:14:85:7b:b7:ff:a1:0c:cb:8f:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33 Validity Not Before: Dec 26 07:02:06 2025 GMT Not After : Dec 27 07:02:06 2025 GMT Subject: CN=f2ba7be0f295de7924388ad8f959f7d4a8573919 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:9a:c3:c5:fc:01:2b:4d:ce:24:9e:1a:93:95: 95:78:ef:38:76:6b:da:4f:61:d6:c4:07:69:4a:28: d9:fc:44:65:9d:26:53:2a:34:7a:7e:7a:94:9b:4c: 2d:01:e3:4c:81:50:be:a5:03:23:23:8d:57:e5:b6: a1:93:e2:5d:fa:6c:ab:fd:03:53:91:5b:aa:27:10: c6:d7:aa:49:6a:88:ee:1e:fb:37:e2:54:52:3b:77: 0a:ab:a8:98:cf:50:92:a8:91:5e:b9:42:05:01:73: 68:82:ba:46:19:72:d6:7f:f9:1f:74:0b:1a:cf:c7: 83:c0:43:c3:78:59:ff:1e:fe:b9:0c:9c:32:0c:6b: 54:bd:dc:00:8f:36:3e:f7:ae:af:21:45:04:7a:9a: 10:df:49:2e:18:b9:01:7b:cc:9e:63:72:73:21:91: 64:25:98:a8:7d:db:e8:1a:e6:ac:e4:1d:40:18:95: 32:c7:f1:5e:bf:5b:45:15:09:56:2b:b8:6f:81:8c: cb:40:2f:9c:4c:be:3e:3f:9b:91:96:cc:a4:6c:3c: c4:4a:85:ff:36:e1:71:7b:8f:3d:bc:49:11:50:29: 70:01:9f:6a:92:fe:bf:a7:ae:28:1c:11:9f:dd:24: 3e:44:11:c4:71:6e:e4:26:c3:4d:c9:98:11:6d:5b: 4a:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:BA:7B:E0:F2:95:DE:79:24:38:8A:D8:F9:59:F7:D4:A8:57:39:19 X509v3 Authority Key Identifier: keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:71:dd:4d:8c:44:b7:6a:6f:6f:59:47:5b:ad:ea:df:4c:f6: b7:d7:96:9d:fe:ff:f6:f5:2d:ea:92:2b:68:32:f9:71:2d:63: 7b:eb:81:4e:b9:43:03:52:e5:76:78:ec:ba:e6:8c:0a:f2:65: c2:14:44:11:7e:be:5e:d9:c9:07:f6:80:07:6e:d1:cf:fa:4e: 65:a0:09:c4:bd:6a:24:3f:68:f8:16:70:1d:58:ed:f7:95:19: 6b:3a:a9:82:35:0d:77:eb:f9:5e:75:dd:ab:31:54:ad:34:0a: 40:1c:db:02:aa:e9:f6:e3:be:a0:58:c3:f0:11:76:f3:a4:4f: 94:59:fc:58:aa:49:99:ad:e2:e9:f0:de:b0:15:9e:52:9a:bf: 43:48:bc:dc:c2:75:d7:5e:6e:b7:61:9a:72:b1:ce:b7:b2:80: 16:9c:f4:2f:28:8d:da:f2:54:71:4f:31:0a:97:b8:61:0f:e9: 7a:fc:3c:b0:01:e6:bc:bb:cb:6d:6f:d8:a1:ce:fb:a9:0f:a1: 68:ac:1f:6c:29:27:83:03:b9:7d:9f:bd:82:f4:1b:2e:d3:2a: 84:49:4e:f2:9e:a4:5b:c2:e6:d8:f6:f5:b1:bd:fc:58:88:26: e1:08:71:60:4c:59:85:39:d0:33:8e:1c:e7:1f:41:1f:44:68: ca:31:92:0d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdvKmiHYUhXu3/6EMy4+HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh MzdkMzMwHhcNMjUxMjI2MDcwMjA2WhcNMjUxMjI3MDcwMjA2WjAzMTEwLwYDVQQD EyhmMmJhN2JlMGYyOTVkZTc5MjQzODhhZDhmOTU5ZjdkNGE4NTczOTE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+prDxfwBK03OJJ4ak5WVeO84dmva T2HWxAdpSijZ/ERlnSZTKjR6fnqUm0wtAeNMgVC+pQMjI41X5bahk+Jd+myr/QNT kVuqJxDG16pJaojuHvs34lRSO3cKq6iYz1CSqJFeuUIFAXNogrpGGXLWf/kfdAsa z8eDwEPDeFn/Hv65DJwyDGtUvdwAjzY+966vIUUEepoQ30kuGLkBe8yeY3JzIZFk JZiofdvoGuas5B1AGJUyx/Fev1tFFQlWK7hvgYzLQC+cTL4+P5uRlsykbDzESoX/ NuFxe489vEkRUClwAZ9qkv6/p64oHBGf3SQ+RBHEcW7kJsNNyZgRbVtKgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPK6e+Dyld55JDiK2PlZ99SoVzkZMB8GA1UdIwQY MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUXHdTYxE t2pvb1lHW63q30z2t9eWnf7/9vUt6pIraDL5cS1je+uBTrlDA1LldnjsuuaMCvJl whREEX6+XtnJB/aAB27Rz/pOZaAJxL1qJD9o+BZwHVjt95UZazqpgjUNd+v5XnXd qzFUrTQKQBzbAqrp9uO+oFjD8BF286RPlFn8WKpJma3i6fDesBWeUpq/Q0i83MJ1 115ut2GacrHOt7KAFpz0LyiN2vJUcU8xCpe4YQ/pevw8sAHmvLvLbW/Yoc77qQ+h aKwfbCkngwO5fZ+9gvQbLtMqhElO8p6kW8Lm2Pb1sb38WIgm4QhxYExZhTnQM44c 5x9BH0RoyjGSDQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:01:05 2025 by rpki-client