This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft File: mlCFOiSox2IjTokTpKWymFwzHa0.mft (raw, json) Hash identifier: cp3zMLnJKQdvjXUPKpX8Zsn8IIDiWr9tGkhioCoUGd8= Subject key identifier: D3:7E:7D:42:77:B7:5D:1B:8E:78:5A:DD:67:BF:79:90:E1:62:4B:F0 Authority key identifier: 9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD Certificate issuer: /CN=9a50853a24a8c762234e8913a4a5b2985c331dad Certificate serial: 019B19BB6516D66F84D63E376D44C71FE273 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft Manifest number: 1536 Signing time: Sat 13 Dec 2025 22:01:10 +0000 Manifest this update: Sat 13 Dec 2025 22:01:10 +0000 Manifest next update: Sun 14 Dec 2025 22:01:10 +0000 Files and hashes: 1: mlCFOiSox2IjTokTpKWymFwzHa0.crl (hash: F44MMWoUly5lWYFPH8Xdg5/z9WvLmrAHsHL7oGkLOq0=) 2: wrVdtsFJg-xxcwL89uUP6qnVtLk.roa (hash: Y5fuW3nl7fba2JKNfboUC/pVBV59jurhYdqhnS+frGI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 22:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bb:65:16:d6:6f:84:d6:3e:37:6d:44:c7:1f:e2:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a50853a24a8c762234e8913a4a5b2985c331dad Validity Not Before: Dec 13 22:01:10 2025 GMT Not After : Dec 14 22:01:10 2025 GMT Subject: CN=d37e7d4277b75d1b8e785add67bf7990e1624bf0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:85:1b:12:5c:41:7a:91:13:fa:8d:49:2b:01: 0b:e7:68:d2:41:db:26:23:7f:7e:67:6c:12:95:7d: 21:25:01:99:4c:c1:05:cb:4a:87:51:1b:5d:29:36: b1:fb:7b:7b:93:b1:33:41:89:76:6c:5f:80:3c:0c: 12:a5:39:37:57:51:a4:4a:9b:e6:a8:76:48:e1:52: e6:0f:23:18:70:93:8f:77:c8:77:5b:86:d8:b7:18: 0d:82:18:02:45:11:5e:30:f3:e4:ae:46:4b:3d:88: e2:a3:dd:7c:3f:db:fa:b5:4b:d8:1b:24:77:64:29: 58:0f:07:be:bd:96:54:aa:58:42:a6:c9:04:d3:70: 07:41:51:a3:01:2d:d0:ce:1e:d2:ac:93:14:04:3b: 73:73:75:4f:53:8a:2f:20:dc:40:2e:71:65:67:35: 27:75:18:ee:ca:f2:5d:6c:98:1f:a9:7b:30:07:03: 5e:13:7e:3e:83:ed:b9:c0:4c:52:4f:b7:66:e0:13: b1:77:f2:64:b4:f3:f3:7c:10:b5:11:6c:86:f3:64: cf:0b:16:85:18:c9:ab:7c:49:b0:f4:43:50:22:24: e7:c5:26:2d:e8:85:ea:75:c0:be:03:20:3b:22:72: fa:9e:42:ea:c4:bd:23:65:0a:af:2c:a0:14:42:4f: 23:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:7E:7D:42:77:B7:5D:1B:8E:78:5A:DD:67:BF:79:90:E1:62:4B:F0 X509v3 Authority Key Identifier: keyid:9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:26:b1:54:de:0d:23:b4:12:c1:4c:69:75:31:7d:6b:98:1b: 45:03:61:e6:22:82:37:6e:35:68:23:1a:eb:1f:96:54:ba:e8: f1:64:e4:72:42:e4:5d:72:1f:21:bc:d2:80:b9:41:31:6a:ad: bd:92:e6:be:15:09:af:86:dc:c4:6b:20:79:e8:7e:27:9a:05: 9e:6d:85:58:1a:f9:28:5a:a1:33:b8:37:7b:05:ce:21:4f:7a: 68:04:f1:37:55:d7:12:fd:41:26:51:42:1f:ce:66:10:51:49: a0:ab:3c:ed:a1:83:64:76:4d:91:cc:55:e3:b5:d6:b8:91:9d: 2c:39:32:38:0b:89:ab:cd:26:cf:c3:54:99:36:fe:7a:98:11: 6b:04:41:1d:06:e4:bd:49:36:cf:0c:fd:b0:97:19:72:91:18: c0:3a:ed:3a:f4:16:15:36:68:f2:58:9a:69:c0:07:30:3e:f3: f3:52:1a:97:30:91:2f:f1:b3:b4:13:9c:a0:67:54:d1:9e:18: 5b:a9:7e:6e:20:5f:7b:1e:df:11:34:34:55:e4:9a:c9:2b:2a: 32:3c:a1:44:26:bc:73:1a:23:01:9d:58:cc:63:60:cd:31:bd: 56:32:00:b9:ef:63:df:49:f2:b3:6b:39:ed:4f:a1:13:5b:74: c5:49:46:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZu2UW1m+E1j43bUTHH+JzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhNTA4NTNhMjRhOGM3NjIyMzRlODkxM2E0YTViMjk4NWMz MzFkYWQwHhcNMjUxMjEzMjIwMTEwWhcNMjUxMjE0MjIwMTEwWjAzMTEwLwYDVQQD EyhkMzdlN2Q0Mjc3Yjc1ZDFiOGU3ODVhZGQ2N2JmNzk5MGUxNjI0YmYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYUbElxBepET+o1JKwEL52jSQdsm I39+Z2wSlX0hJQGZTMEFy0qHURtdKTax+3t7k7EzQYl2bF+APAwSpTk3V1GkSpvm qHZI4VLmDyMYcJOPd8h3W4bYtxgNghgCRRFeMPPkrkZLPYjio918P9v6tUvYGyR3 ZClYDwe+vZZUqlhCpskE03AHQVGjAS3Qzh7SrJMUBDtzc3VPU4ovINxALnFlZzUn dRjuyvJdbJgfqXswBwNeE34+g+25wExST7dm4BOxd/JktPPzfBC1EWyG82TPCxaF GMmrfEmw9ENQIiTnxSYt6IXqdcC+AyA7InL6nkLqxL0jZQqvLKAUQk8j4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNN+fUJ3t10bjnha3We/eZDhYkvwMB8GA1UdIwQY MBaAFJpQhTokqMdiI06JE6SlsphcMx2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgt ODhiNThkMDJiMmExLzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgtODhiNThkMDJiMmEx LzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyaxVN4N I7QSwUxpdTF9a5gbRQNh5iKCN241aCMa6x+WVLro8WTkckLkXXIfIbzSgLlBMWqt vZLmvhUJr4bcxGsgeeh+J5oFnm2FWBr5KFqhM7g3ewXOIU96aATxN1XXEv1BJlFC H85mEFFJoKs87aGDZHZNkcxV47XWuJGdLDkyOAuJq80mz8NUmTb+epgRawRBHQbk vUk2zwz9sJcZcpEYwDrtOvQWFTZo8liaacAHMD7z81IalzCRL/GztBOcoGdU0Z4Y W6l+biBfex7fETQ0VeSaySsqMjyhRCa8cxojAZ1YzGNgzTG9VjIAue9j30nys2s5 7U+hE1t0xUlGyg== -----END CERTIFICATE-----Generated at Sun Dec 14 07:44:31 2025 by rpki-client