This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft File: vgMXYC-wyqOlEAaL2YnUba44TdI.mft (raw, json) Hash identifier: m0kkyStsYxpfBRzL5axYmJseHzSef13sAKwcXJogVYs= Subject key identifier: 63:05:86:E4:BD:DA:5B:EE:44:65:BC:EC:1B:F4:8D:B9:EA:C9:B5:14 Authority key identifier: BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2 Certificate issuer: /CN=be0317602fb0caa3a510068bd989d46dae384dd2 Certificate serial: 019B5B63DDEC1A4EC96FB7EDC9DBAEFF93DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft Manifest number: 040A Signing time: Fri 26 Dec 2025 16:00:30 +0000 Manifest this update: Fri 26 Dec 2025 16:00:30 +0000 Manifest next update: Sat 27 Dec 2025 16:00:30 +0000 Files and hashes: 1: vgMXYC-wyqOlEAaL2YnUba44TdI.crl (hash: bx0xI72M5cyQTgm7qjl/WK/Rahuj2Hz8eYho65ZI30E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:63:dd:ec:1a:4e:c9:6f:b7:ed:c9:db:ae:ff:93:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=be0317602fb0caa3a510068bd989d46dae384dd2 Validity Not Before: Dec 26 16:00:30 2025 GMT Not After : Dec 27 16:00:30 2025 GMT Subject: CN=630586e4bdda5bee4465bcec1bf48db9eac9b514 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:aa:a3:44:40:51:53:cd:0c:8d:4d:d7:7e:66: 10:37:e5:7a:05:bc:c3:5a:31:51:d4:4a:3e:fb:23: be:62:6f:4b:50:e7:c5:18:08:ca:98:b0:ab:3e:00: f7:49:65:91:5b:f0:63:c1:f2:55:6b:6f:ac:86:97: 94:32:6c:0a:15:f3:6f:56:05:52:62:71:9e:d3:5a: 59:4d:45:e3:9c:3a:e2:7b:83:e8:7d:a8:9c:15:35: 71:96:2b:1b:6f:5f:1d:9f:ba:40:50:35:3c:a0:8d: 79:82:f9:67:55:ab:07:47:b3:b7:54:62:97:92:14: 83:6b:90:c8:ab:a3:f3:f4:01:72:11:5b:46:31:c6: 1a:54:ad:9e:d0:61:7f:ad:00:f0:44:f6:37:78:a3: ab:c1:38:8e:0a:c4:74:78:d4:99:29:5f:30:94:bb: 39:fc:d1:cd:f3:3b:11:cd:20:76:22:74:7b:fd:45: 0f:ee:35:9a:b2:08:6c:b1:53:ac:94:32:d7:39:6f: 29:e7:d3:fb:39:d1:d4:b8:2e:39:1f:cc:ea:13:2e: ec:d4:1d:58:e3:4b:3e:64:a1:55:05:f8:ca:3c:6f: 48:79:9c:4c:81:d5:45:91:3c:3a:fc:8a:8f:2b:7b: 1d:68:61:9f:99:55:aa:c5:76:a6:3f:5c:06:84:13: a2:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:05:86:E4:BD:DA:5B:EE:44:65:BC:EC:1B:F4:8D:B9:EA:C9:B5:14 X509v3 Authority Key Identifier: keyid:BE:03:17:60:2F:B0:CA:A3:A5:10:06:8B:D9:89:D4:6D:AE:38:4D:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgMXYC-wyqOlEAaL2YnUba44TdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/6bc113-89aa-45de-8895-14aaea208f25/1/vgMXYC-wyqOlEAaL2YnUba44TdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:38:0d:17:9e:42:91:a3:be:80:5f:08:96:c8:c0:65:62:15: 20:22:34:a5:48:e5:75:6f:65:e3:d5:19:e4:90:a3:27:17:75: 0d:70:27:90:3b:10:56:09:c6:ce:10:43:e9:2d:ad:ba:80:d6: b6:f5:f1:7a:ba:43:c2:3e:33:53:33:fb:46:94:e0:9f:6f:8b: fc:e0:19:9d:57:30:93:72:02:70:05:35:ea:96:57:a9:24:e3: 34:26:39:bb:db:ff:87:fd:82:32:f9:a8:a1:4a:8b:ef:2a:0f: 01:38:13:12:04:be:d3:bb:5c:a1:f3:04:d7:33:f7:9e:fd:f8: cb:4c:69:a8:87:42:11:71:3b:bd:17:ed:4c:8b:b2:28:5a:a6: 3a:19:c6:3d:c4:f5:b1:a2:1c:7e:81:ee:92:53:29:6c:19:17: d5:48:ed:8a:fa:da:4b:f8:57:4e:62:bb:25:e0:f5:1e:36:9e: 34:4d:19:f7:5d:00:c7:45:0f:b8:6b:59:8e:d1:4b:61:50:1c: b6:34:8b:3b:42:25:49:55:f1:a7:5c:f6:e2:3c:8d:e4:5d:f0: 56:dd:76:93:0d:97:b6:22:af:42:20:44:2b:9a:0d:8e:63:d5: 3a:68:1c:91:c6:ac:f6:f7:8d:f1:25:cd:69:a6:cd:72:9c:3c: a2:d8:c0:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtbY93sGk7Jb7ftyduu/5PdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJlMDMxNzYwMmZiMGNhYTNhNTEwMDY4YmQ5ODlkNDZkYWUz ODRkZDIwHhcNMjUxMjI2MTYwMDMwWhcNMjUxMjI3MTYwMDMwWjAzMTEwLwYDVQQD Eyg2MzA1ODZlNGJkZGE1YmVlNDQ2NWJjZWMxYmY0OGRiOWVhYzliNTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKqjREBRU80MjU3XfmYQN+V6BbzD WjFR1Eo++yO+Ym9LUOfFGAjKmLCrPgD3SWWRW/BjwfJVa2+shpeUMmwKFfNvVgVS YnGe01pZTUXjnDrie4PofaicFTVxlisbb18dn7pAUDU8oI15gvlnVasHR7O3VGKX khSDa5DIq6Pz9AFyEVtGMcYaVK2e0GF/rQDwRPY3eKOrwTiOCsR0eNSZKV8wlLs5 /NHN8zsRzSB2InR7/UUP7jWasghssVOslDLXOW8p59P7OdHUuC45H8zqEy7s1B1Y 40s+ZKFVBfjKPG9IeZxMgdVFkTw6/IqPK3sdaGGfmVWqxXamP1wGhBOinwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGMFhuS92lvuRGW87Bv0jbnqybUUMB8GA1UdIwQY MBaAFL4DF2AvsMqjpRAGi9mJ1G2uOE3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUt MTRhYWVhMjA4ZjI1LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi82YmMxMTMtODlhYS00NWRlLTg4OTUtMTRhYWVhMjA4ZjI1 LzEvdmdNWFlDLXd5cU9sRUFhTDJZblViYTQ0VGRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhzgNF55C kaO+gF8IlsjAZWIVICI0pUjldW9l49UZ5JCjJxd1DXAnkDsQVgnGzhBD6S2tuoDW tvXxerpDwj4zUzP7RpTgn2+L/OAZnVcwk3ICcAU16pZXqSTjNCY5u9v/h/2CMvmo oUqL7yoPATgTEgS+07tcofME1zP3nv34y0xpqIdCEXE7vRftTIuyKFqmOhnGPcT1 saIcfoHuklMpbBkX1UjtivraS/hXTmK7JeD1HjaeNE0Z910Ax0UPuGtZjtFLYVAc tjSLO0IlSVXxp1z24jyN5F3wVt12kw2XtiKvQiBEK5oNjmPVOmgckcas9veN8SXN aabNcpw8otjAIw== -----END CERTIFICATE-----Generated at Fri Dec 26 19:30:50 2025 by rpki-client