This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft File: mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json) Hash identifier: thbwh95JOu4Jk6rtwuD20CpaEPGFq1gxaBMypUaSwNc= Subject key identifier: DD:33:17:D2:CA:4F:C7:67:08:56:6E:DD:03:87:5D:27:00:9F:4F:F4 Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59 Certificate issuer: /CN=993150308061dcdac5d8465cf884c67a3bb19159 Certificate serial: 019AF0885B063CC82FF1F0EF28E20340FE31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft Manifest number: 0855 Signing time: Fri 05 Dec 2025 22:00:59 +0000 Manifest this update: Fri 05 Dec 2025 22:00:59 +0000 Manifest next update: Sat 06 Dec 2025 22:00:59 +0000 Files and hashes: 1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: h2ryQFFEYNbpqe0GV6A9ic1+7F+lrKhonmafL4xIPb0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:5b:06:3c:c8:2f:f1:f0:ef:28:e2:03:40:fe:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159 Validity Not Before: Dec 5 22:00:59 2025 GMT Not After : Dec 6 22:00:59 2025 GMT Subject: CN=dd3317d2ca4fc76708566edd03875d27009f4ff4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:a8:cd:42:99:92:ee:b9:2c:60:c1:86:da:7d: 4e:89:bd:39:8e:f9:1c:7b:67:b8:9d:fd:0e:7c:3b: 1a:9b:cd:34:a3:a1:a5:fe:19:ce:26:2d:c6:cb:52: 43:a1:59:0c:32:41:79:8d:45:48:f2:af:20:7a:9e: 41:b2:6b:c1:96:59:0c:ba:d5:78:0e:a4:e0:61:68: 93:f4:ee:75:64:9c:ac:23:88:9e:94:4f:93:b0:05: f8:f5:de:ff:48:dd:b8:6c:d2:c7:80:58:6b:e3:83: 1a:68:8b:9e:97:02:93:03:33:e5:b4:4d:44:49:21: b0:6f:2e:e9:40:4d:24:7c:92:9a:6d:ae:37:c2:58: b6:94:08:f9:ab:29:76:42:a5:50:32:2e:bb:81:16: 24:85:ea:e1:f0:dd:58:58:b6:3f:b2:d0:4b:e0:5f: 16:5f:a2:34:77:f7:e6:85:15:83:b3:b8:2e:36:bd: 09:3d:6b:e6:2b:47:99:e6:c1:50:11:69:56:5d:3e: 1f:dc:f1:25:4c:fe:09:20:0d:8e:de:16:d1:59:68: e6:7f:46:24:c4:15:9d:13:7b:86:b6:3d:8d:5e:e4: 49:0c:aa:17:f0:93:a0:9e:ce:10:6c:17:1c:f9:b6: c8:1c:47:05:ff:fe:01:94:fd:fa:bc:3a:8e:5b:09: d3:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:33:17:D2:CA:4F:C7:67:08:56:6E:DD:03:87:5D:27:00:9F:4F:F4 X509v3 Authority Key Identifier: keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:c4:65:c4:08:53:9f:79:c8:b9:f5:49:31:6c:0c:70:36:84: e6:18:46:9d:8a:76:d0:97:e1:be:c0:43:09:bd:b8:aa:40:54: 93:78:ea:e7:7c:2e:52:3f:40:5a:3e:73:13:42:ed:16:8b:d5: ad:0c:1a:99:a9:ce:05:6f:b3:8b:4c:90:ec:c1:5f:c4:47:0a: 37:e0:02:84:57:e7:73:e6:95:15:a5:83:fd:3b:e7:c8:19:4e: 78:14:e2:00:62:87:70:16:12:36:6e:56:cc:14:d3:bb:86:fb: 30:32:1e:47:1e:e4:11:e0:86:13:c0:b8:1e:97:b0:ba:9a:33: 14:18:0f:29:22:0b:5e:cf:cd:f6:df:8c:c3:fe:90:ee:fd:3a: 09:af:0b:2d:6b:bf:a7:b5:34:62:6c:b6:83:37:aa:ff:a7:29: 4c:90:8f:c3:a0:1b:7b:9a:ce:0b:52:6d:db:f1:67:c9:4c:c5: ea:d4:85:9d:8d:53:0a:b4:98:10:cb:aa:5a:67:2c:7e:a3:01: 51:02:da:9b:b4:31:8a:84:bc:3d:a3:5e:9a:c3:c1:52:1d:c6: 7f:ef:8e:7c:6c:7b:0a:9e:73:c9:65:45:98:79:cb:1f:3b:29: 0e:c0:3f:88:21:a0:86:fe:1b:24:df:7f:f6:8e:a9:f0:33:ff: de:15:46:99 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiFsGPMgv8fDvKOIDQP4xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji MTkxNTkwHhcNMjUxMjA1MjIwMDU5WhcNMjUxMjA2MjIwMDU5WjAzMTEwLwYDVQQD EyhkZDMzMTdkMmNhNGZjNzY3MDg1NjZlZGQwMzg3NWQyNzAwOWY0ZmY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA86jNQpmS7rksYMGG2n1Oib05jvkc e2e4nf0OfDsam800o6Gl/hnOJi3Gy1JDoVkMMkF5jUVI8q8gep5BsmvBllkMutV4 DqTgYWiT9O51ZJysI4ielE+TsAX49d7/SN24bNLHgFhr44MaaIuelwKTAzPltE1E SSGwby7pQE0kfJKaba43wli2lAj5qyl2QqVQMi67gRYkherh8N1YWLY/stBL4F8W X6I0d/fmhRWDs7guNr0JPWvmK0eZ5sFQEWlWXT4f3PElTP4JIA2O3hbRWWjmf0Yk xBWdE3uGtj2NXuRJDKoX8JOgns4QbBcc+bbIHEcF//4BlP36vDqOWwnTYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN0zF9LKT8dnCFZu3QOHXScAn0/0MB8GA1UdIwQY MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOcRlxAhT n3nIufVJMWwMcDaE5hhGnYp20JfhvsBDCb24qkBUk3jq53wuUj9AWj5zE0LtFovV rQwamanOBW+zi0yQ7MFfxEcKN+AChFfnc+aVFaWD/TvnyBlOeBTiAGKHcBYSNm5W zBTTu4b7MDIeRx7kEeCGE8C4HpewupozFBgPKSILXs/N9t+Mw/6Q7v06Ca8LLWu/ p7U0Ymy2gzeq/6cpTJCPw6Abe5rOC1Jt2/FnyUzF6tSFnY1TCrSYEMuqWmcsfqMB UQLam7QxioS8PaNemsPBUh3Gf++OfGx7Cp5zyWVFmHnLHzspDsA/iCGghv4bJN9/ 9o6p8DP/3hVGmQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:25 2025 by rpki-client