This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft File: MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft (raw, json) Hash identifier: 2prxSdPVd2crvrD+rPDcqwOlCAc4ZvP0En+onqNchWk= Subject key identifier: 84:13:83:71:5B:B6:A0:04:51:9C:DC:8D:01:DF:FD:89:16:A3:DB:F6 Authority key identifier: 30:25:FD:33:9A:A6:45:04:F2:89:A0:0C:41:73:C5:5A:00:02:EB:44 Certificate issuer: /CN=3025fd339aa64504f289a00c4173c55a0002eb44 Certificate serial: 019B41DBB078C976AD28BDF73C2EF127BE5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft Manifest number: 1153 Signing time: Sun 21 Dec 2025 17:01:15 +0000 Manifest this update: Sun 21 Dec 2025 17:01:15 +0000 Manifest next update: Mon 22 Dec 2025 17:01:15 +0000 Files and hashes: 1: DPz87dZS9HseddW8gbD-vS7fq9g.roa (hash: 4BW75SF0KzzzYTTCKr54E2E3BA1EBeDyvFumW+QYO5M=) 2: MCX9M5qmRQTyiaAMQXPFWgAC60Q.crl (hash: CFnKM5SKnC7zlSb5Pw2Reszy/O1Ua79JkwASj/OPKUE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:db:b0:78:c9:76:ad:28:bd:f7:3c:2e:f1:27:be:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3025fd339aa64504f289a00c4173c55a0002eb44 Validity Not Before: Dec 21 17:01:15 2025 GMT Not After : Dec 22 17:01:15 2025 GMT Subject: CN=841383715bb6a004519cdc8d01dffd8916a3dbf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a1:8d:d2:3c:09:96:24:26:84:ba:27:35:d3: 31:eb:74:fe:d5:c8:b7:35:43:c2:83:97:52:4a:9c: 0a:50:b5:67:e4:89:70:aa:d7:f4:42:a2:61:08:2d: ca:cf:3e:03:b2:52:d2:1a:55:4a:9b:90:22:e9:e2: 58:2e:2c:ba:d6:bf:ec:a0:86:5a:40:12:c5:b8:be: 8b:8e:77:7f:bd:d8:64:33:ef:46:e5:51:68:bd:76: bf:0c:b8:4f:3b:4a:4c:a9:16:20:79:18:f8:5c:32: 0b:9d:76:2c:c2:f9:c6:ae:92:9d:5f:e5:cb:c7:a9: 6c:fd:1e:58:d6:88:c4:54:98:73:66:8d:95:c7:08: 15:ef:60:98:45:95:fc:4a:56:6b:3d:8c:53:b2:9d: 9d:19:93:27:d5:64:e2:7f:b0:e0:7c:15:2f:48:95: a4:28:18:a0:d8:61:5e:63:f8:9d:bb:d3:38:c8:1f: bf:fe:99:ca:68:c3:40:b7:6a:22:0c:0b:1d:d2:e0: 35:36:d1:f8:8d:32:25:59:66:f7:4f:1e:7a:72:d6: ea:db:89:6b:ed:57:31:25:3d:c3:f4:30:15:ad:a9: ac:95:17:3d:91:a2:a4:81:4e:c3:27:ee:e9:15:e2: fa:b3:12:82:af:c0:da:e1:e3:85:55:a4:d7:be:c4: 06:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:13:83:71:5B:B6:A0:04:51:9C:DC:8D:01:DF:FD:89:16:A3:DB:F6 X509v3 Authority Key Identifier: keyid:30:25:FD:33:9A:A6:45:04:F2:89:A0:0C:41:73:C5:5A:00:02:EB:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:11:1b:12:a4:4f:36:8d:60:93:73:68:66:ab:f4:a3:9f:dc: 0a:72:c4:ba:9c:b8:5f:96:be:01:2c:31:cc:06:22:18:15:83: d2:34:ee:dd:2a:05:87:c4:01:36:de:52:48:6e:08:23:62:3c: 9e:d4:77:66:06:cc:55:1e:78:7a:93:1e:42:87:5e:a0:2f:bc: 3b:90:9a:dc:04:54:42:13:e6:98:8a:6d:01:c6:de:55:2e:db: 96:1e:6f:9c:ce:6a:b5:d4:11:41:51:85:7b:32:62:1e:16:bb: f7:b2:5b:13:1b:4f:5a:8e:27:37:6a:e7:d3:39:85:ee:83:37: b5:8a:31:8a:e7:25:da:91:34:37:45:2d:57:6e:5e:1c:2b:0c: 54:7a:a4:94:db:a0:34:01:2c:e3:31:06:ab:fe:80:ec:65:51: 11:3f:85:ce:9b:f8:2b:b4:72:12:6b:f6:19:31:a2:39:e0:82: 25:87:27:a1:5e:eb:16:50:68:c5:48:58:e4:00:ba:ec:3c:16: d7:cb:b5:1b:e4:66:c1:7c:0a:b3:6f:dd:4d:64:35:3c:6a:5d: 59:6e:8b:b4:44:9e:3e:aa:60:f8:f7:a8:d7:34:c5:2d:78:24: 32:e1:f6:5a:86:bd:f5:ba:76:76:84:28:c7:0f:7d:20:f9:cd: c8:58:d0:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtB27B4yXatKL33PC7xJ75bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwMjVmZDMzOWFhNjQ1MDRmMjg5YTAwYzQxNzNjNTVhMDAw MmViNDQwHhcNMjUxMjIxMTcwMTE1WhcNMjUxMjIyMTcwMTE1WjAzMTEwLwYDVQQD Eyg4NDEzODM3MTViYjZhMDA0NTE5Y2RjOGQwMWRmZmQ4OTE2YTNkYmY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaGN0jwJliQmhLonNdMx63T+1ci3 NUPCg5dSSpwKULVn5Ilwqtf0QqJhCC3Kzz4DslLSGlVKm5Ai6eJYLiy61r/soIZa QBLFuL6Ljnd/vdhkM+9G5VFovXa/DLhPO0pMqRYgeRj4XDILnXYswvnGrpKdX+XL x6ls/R5Y1ojEVJhzZo2VxwgV72CYRZX8SlZrPYxTsp2dGZMn1WTif7DgfBUvSJWk KBig2GFeY/idu9M4yB+//pnKaMNAt2oiDAsd0uA1NtH4jTIlWWb3Tx56ctbq24lr 7VcxJT3D9DAVramslRc9kaKkgU7DJ+7pFeL6sxKCr8Da4eOFVaTXvsQG+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIQTg3FbtqAEUZzcjQHf/YkWo9v2MB8GA1UdIwQY MBaAFDAl/TOapkUE8omgDEFzxVoAAutEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YTUyM2ItNzI0NC00MjJkLTkwMDQt YzRhYTlkYjFhYmI1LzEvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy80YTUyM2ItNzI0NC00MjJkLTkwMDQtYzRhYTlkYjFhYmI1 LzEvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxEbEqRP No1gk3NoZqv0o5/cCnLEupy4X5a+ASwxzAYiGBWD0jTu3SoFh8QBNt5SSG4II2I8 ntR3ZgbMVR54epMeQodeoC+8O5Ca3ARUQhPmmIptAcbeVS7blh5vnM5qtdQRQVGF ezJiHha797JbExtPWo4nN2rn0zmF7oM3tYoxiucl2pE0N0UtV25eHCsMVHqklNug NAEs4zEGq/6A7GVRET+Fzpv4K7RyEmv2GTGiOeCCJYcnoV7rFlBoxUhY5AC67DwW 18u1G+RmwXwKs2/dTWQ1PGpdWW6LtESePqpg+Peo1zTFLXgkMuH2Woa99bp2doQo xw99IPnNyFjQvw== -----END CERTIFICATE-----Generated at Sun Dec 21 19:31:17 2025 by rpki-client