This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.mft File: MrG5Swc8VHmRwg-ELq3sFn7BnjQ.mft (raw, json) Hash identifier: QAOTZrEj12uNd1EFItrZXkTSLbQ4jypWNKdbO58S81I= Subject key identifier: A3:36:7D:72:AF:9B:BE:55:E6:1C:12:DC:1D:2E:AC:CB:5A:89:9D:C0 Authority key identifier: 32:B1:B9:4B:07:3C:54:79:91:C2:0F:84:2E:AD:EC:16:7E:C1:9E:34 Certificate issuer: /CN=32b1b94b073c547991c20f842eadec167ec19e34 Certificate serial: 019B4815A3A165A0182412C5E262B4C20F5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.mft Manifest number: 0404 Signing time: Mon 22 Dec 2025 22:02:16 +0000 Manifest this update: Mon 22 Dec 2025 22:02:16 +0000 Manifest next update: Tue 23 Dec 2025 22:02:16 +0000 Files and hashes: 1: HTiETFMnseisEeoALFIWItsK6gc.roa (hash: iulklaFZv7FQZ4kyFEEaoOlUffIGv7CCXTbtxR93AS4=) 2: MrG5Swc8VHmRwg-ELq3sFn7BnjQ.crl (hash: dEZiUrL23+2IgrSDT7PfwOkE3J8SthuB4hkleq7qsPg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.crl rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.mft rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:02:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:a3:a1:65:a0:18:24:12:c5:e2:62:b4:c2:0f:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32b1b94b073c547991c20f842eadec167ec19e34 Validity Not Before: Dec 22 22:02:16 2025 GMT Not After : Dec 23 22:02:16 2025 GMT Subject: CN=a3367d72af9bbe55e61c12dc1d2eaccb5a899dc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:21:cc:b2:9c:3c:9f:cf:5d:0d:4b:bd:5b:e1: 04:7d:86:8e:21:84:69:1d:90:bc:cd:ab:ee:a9:52: a4:0b:c0:e2:42:df:7d:33:fd:8a:c6:97:32:a6:97: 31:bd:c7:19:60:ad:7e:16:6c:c1:17:f8:65:a0:0a: bc:c0:45:24:74:6a:0e:df:43:09:d8:d2:a1:04:a3: 01:d2:00:11:3b:5a:98:79:53:af:b7:21:5a:b1:7b: 47:40:f7:97:66:6a:96:91:bf:04:82:6c:63:9d:1c: 05:ae:32:51:a0:44:ae:2c:f5:7d:8c:89:fd:54:77: f3:68:d8:fb:54:93:26:52:1a:bb:1d:2c:37:fb:29: 20:10:4d:97:71:01:22:8a:79:1e:36:a5:14:e5:80: 2f:a9:cf:ea:e0:e5:cf:5f:b0:bb:3c:99:54:7a:8b: 1f:64:5f:8d:1f:82:37:86:32:6e:2b:00:62:76:e6: 70:99:4f:36:81:43:3b:21:29:5d:6a:ff:e4:5c:59: df:3b:e9:e8:de:78:f3:dc:4c:84:0a:1d:61:8a:47: 8e:24:76:00:b7:1e:bd:13:c5:4c:6a:08:7c:ea:d5: 46:a3:23:17:95:2b:9c:a6:38:8a:c0:a9:7d:9c:2b: ed:74:ad:00:42:e5:ae:9a:af:2f:e4:0c:15:cd:92: fa:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:36:7D:72:AF:9B:BE:55:E6:1C:12:DC:1D:2E:AC:CB:5A:89:9D:C0 X509v3 Authority Key Identifier: keyid:32:B1:B9:4B:07:3C:54:79:91:C2:0F:84:2E:AD:EC:16:7E:C1:9E:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:ba:5d:8d:0a:43:df:7d:42:3f:91:9d:31:f5:93:92:73:98: 3c:19:22:66:c1:6a:8f:08:47:43:d8:dd:83:54:6c:15:08:75: f0:40:14:c1:1a:8f:8d:9a:aa:a6:b3:8e:15:4f:ed:a9:80:2b: 3c:34:4b:cc:d6:69:27:06:d5:57:4a:7d:ca:b5:cc:09:32:70: 85:01:28:37:8d:49:e3:8b:49:41:c7:b0:01:97:a4:27:83:9a: 41:ce:f3:e8:5a:11:c7:42:dc:13:34:3d:1b:0a:2b:f1:0b:37: 4b:42:c3:e7:7d:0b:66:51:21:13:79:dd:dd:b4:40:e4:30:2b: cd:c2:8a:22:00:4c:28:b4:30:d3:36:9a:a9:89:17:b8:ea:e8: 5a:1d:21:67:3e:18:71:87:9c:e5:bd:31:21:d7:8a:e9:ac:a6: e2:f7:20:11:96:37:a0:cc:c5:ae:9f:ed:6a:84:1d:e9:5f:ba: 8c:a2:f9:0a:b4:9d:d8:73:49:28:d1:6c:05:aa:c7:23:2d:f2: e9:73:c6:dc:32:ef:82:61:18:b5:a6:8c:47:42:d0:18:d5:ef: 70:cb:b7:21:d6:ad:7e:7b:87:1a:68:3f:a7:d7:60:3f:43:59: 07:06:b7:df:26:b6:8e:1d:73:d0:be:8d:22:53:04:70:7b:c1: ac:c6:02:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFaOhZaAYJBLF4mK0wg9eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyYjFiOTRiMDczYzU0Nzk5MWMyMGY4NDJlYWRlYzE2N2Vj MTllMzQwHhcNMjUxMjIyMjIwMjE2WhcNMjUxMjIzMjIwMjE2WjAzMTEwLwYDVQQD EyhhMzM2N2Q3MmFmOWJiZTU1ZTYxYzEyZGMxZDJlYWNjYjVhODk5ZGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyHMspw8n89dDUu9W+EEfYaOIYRp HZC8zavuqVKkC8DiQt99M/2KxpcyppcxvccZYK1+FmzBF/hloAq8wEUkdGoO30MJ 2NKhBKMB0gARO1qYeVOvtyFasXtHQPeXZmqWkb8EgmxjnRwFrjJRoESuLPV9jIn9 VHfzaNj7VJMmUhq7HSw3+ykgEE2XcQEiinkeNqUU5YAvqc/q4OXPX7C7PJlUeosf ZF+NH4I3hjJuKwBiduZwmU82gUM7ISldav/kXFnfO+no3njz3EyECh1hikeOJHYA tx69E8VMagh86tVGoyMXlSucpjiKwKl9nCvtdK0AQuWumq8v5AwVzZL6kQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKM2fXKvm75V5hwS3B0urMtaiZ3AMB8GA1UdIwQY MBaAFDKxuUsHPFR5kcIPhC6t7BZ+wZ40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXJHNVN3YzhWSG1Sd2ctRUxxM3NGbjdCbmpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYTIwNmUtMTc4OC00MzZiLTk3Mjgt YmVkNGI5OWE3YmI0LzEvTXJHNVN3YzhWSG1Sd2ctRUxxM3NGbjdCbmpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS8wYTIwNmUtMTc4OC00MzZiLTk3MjgtYmVkNGI5OWE3YmI0 LzEvTXJHNVN3YzhWSG1Sd2ctRUxxM3NGbjdCbmpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC7pdjQpD 331CP5GdMfWTknOYPBkiZsFqjwhHQ9jdg1RsFQh18EAUwRqPjZqqprOOFU/tqYAr PDRLzNZpJwbVV0p9yrXMCTJwhQEoN41J44tJQcewAZekJ4OaQc7z6FoRx0LcEzQ9 Gwor8Qs3S0LD530LZlEhE3nd3bRA5DArzcKKIgBMKLQw0zaaqYkXuOroWh0hZz4Y cYec5b0xIdeK6aym4vcgEZY3oMzFrp/taoQd6V+6jKL5CrSd2HNJKNFsBarHIy3y 6XPG3DLvgmEYtaaMR0LQGNXvcMu3IdatfnuHGmg/p9dgP0NZBwa33ya2jh1z0L6N IlMEcHvBrMYC/w== -----END CERTIFICATE-----Generated at Tue Dec 23 02:08:32 2025 by rpki-client