This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft File: mTFQMIBh3NrF2EZc-ITGejuxkVk.mft (raw, json) Hash identifier: qyEBz4ASvmsJfrTy8bhhHrr/WtNXzzOvayKzvTy04rw= Subject key identifier: C8:CD:CB:01:E1:7E:08:46:6F:D3:EC:1C:9F:0F:2C:87:54:1F:BF:79 Authority key identifier: 99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59 Certificate issuer: /CN=993150308061dcdac5d8465cf884c67a3bb19159 Certificate serial: 019B3BD924B599ABDA8AE939589E43403FA9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft Manifest number: 087C Signing time: Sat 20 Dec 2025 13:00:44 +0000 Manifest this update: Sat 20 Dec 2025 13:00:44 +0000 Manifest next update: Sun 21 Dec 2025 13:00:44 +0000 Files and hashes: 1: mTFQMIBh3NrF2EZc-ITGejuxkVk.crl (hash: WhltEsPEyMvxYwKq315qMnsEFenjRlNc2BJ0sCjf7BQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 13:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:d9:24:b5:99:ab:da:8a:e9:39:58:9e:43:40:3f:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993150308061dcdac5d8465cf884c67a3bb19159 Validity Not Before: Dec 20 13:00:44 2025 GMT Not After : Dec 21 13:00:44 2025 GMT Subject: CN=c8cdcb01e17e08466fd3ec1c9f0f2c87541fbf79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a2:49:04:ad:fd:a1:3d:f9:d1:01:0c:ac:30: 57:2f:78:3d:87:e5:88:24:c9:55:9b:92:37:ac:c5: 25:c4:f5:3f:cb:87:00:1f:66:f2:f7:62:43:9c:bc: 98:6b:31:1c:79:ce:a7:41:e1:6f:65:91:3d:18:10: 30:b0:a2:ad:f5:6f:9d:31:17:61:1f:42:e2:de:9e: ec:7e:12:b2:fb:a0:b0:dd:94:a8:51:b2:66:80:8c: e5:43:2f:8e:b2:62:fe:fc:0c:d6:12:f3:b8:4c:f0: b8:58:81:1a:38:d9:cc:3e:bb:c7:b5:d7:eb:ed:c1: e2:ce:90:7f:56:a7:7d:85:84:1e:98:9d:32:e7:73: 58:c4:9a:2a:ab:9e:4a:30:86:9f:9d:20:4e:ce:c9: 2c:ac:99:19:04:6a:e2:cd:c3:d4:de:e1:f3:f5:c4: 3a:b2:ff:85:40:0d:a5:7a:df:1e:7f:18:9c:7a:9a: 37:2b:67:46:a5:50:f2:58:3f:85:c9:71:ac:c7:e8: 81:9d:3a:8e:3f:03:08:b5:39:ea:61:01:66:b4:97: 82:7b:d1:77:90:e9:4e:98:33:14:99:92:ea:bc:8b: 98:f2:05:eb:50:4f:89:02:30:b3:59:3b:83:47:f5: f5:1a:3e:f0:2d:78:5d:a4:50:37:36:2b:9b:8a:41: f5:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:CD:CB:01:E1:7E:08:46:6F:D3:EC:1C:9F:0F:2C:87:54:1F:BF:79 X509v3 Authority Key Identifier: keyid:99:31:50:30:80:61:DC:DA:C5:D8:46:5C:F8:84:C6:7A:3B:B1:91:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTFQMIBh3NrF2EZc-ITGejuxkVk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8a845a-2669-4045-8d83-52b230ecacae/1/mTFQMIBh3NrF2EZc-ITGejuxkVk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:58:a6:f7:fb:81:96:b2:fd:78:65:a6:b6:19:84:33:ab:3c: 1e:1b:86:fd:c5:fb:9b:1f:e4:5f:6b:3f:e0:6c:64:9c:86:f0: 3e:40:68:ed:7b:96:d2:ef:e6:d1:65:2b:06:65:39:b7:a4:85: ae:67:ec:11:65:11:c4:cf:ea:72:3f:91:a6:66:b7:c7:7e:a8: d5:66:1a:4e:22:3e:05:d0:43:f1:55:d9:a0:24:49:c9:b4:05: 37:1a:07:d4:cf:d2:1a:0b:03:69:b7:f8:1d:22:2a:9e:c9:34: 6a:e2:15:0f:ea:fb:e2:10:d6:1f:43:1c:88:db:40:5e:1f:4c: b6:df:42:7e:d0:81:fb:a4:53:bf:64:81:9d:e3:b4:15:6f:51: fd:58:87:ba:17:03:41:ff:46:ad:c0:e4:8a:94:70:e4:2b:03: 04:e0:12:87:9a:cd:d8:17:0f:60:9b:85:8d:34:1f:3e:5b:ad: 89:04:06:e1:89:0c:8b:f8:d6:b0:28:fa:e9:85:59:e5:35:61: 2a:01:a0:a2:6a:a7:da:21:50:1e:44:a7:22:23:2a:8e:fe:a4: be:49:3d:95:51:04:f6:cf:7e:88:6d:4d:33:7d:f8:a8:a7:33: dc:9b:60:b7:5c:4e:40:e0:30:37:d5:6f:20:20:48:30:f0:21: 4d:ef:1a:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs72SS1mavaiuk5WJ5DQD+pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5MzE1MDMwODA2MWRjZGFjNWQ4NDY1Y2Y4ODRjNjdhM2Ji MTkxNTkwHhcNMjUxMjIwMTMwMDQ0WhcNMjUxMjIxMTMwMDQ0WjAzMTEwLwYDVQQD EyhjOGNkY2IwMWUxN2UwODQ2NmZkM2VjMWM5ZjBmMmM4NzU0MWZiZjc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6JJBK39oT350QEMrDBXL3g9h+WI JMlVm5I3rMUlxPU/y4cAH2by92JDnLyYazEcec6nQeFvZZE9GBAwsKKt9W+dMRdh H0Li3p7sfhKy+6Cw3ZSoUbJmgIzlQy+OsmL+/AzWEvO4TPC4WIEaONnMPrvHtdfr 7cHizpB/Vqd9hYQemJ0y53NYxJoqq55KMIafnSBOzsksrJkZBGrizcPU3uHz9cQ6 sv+FQA2let8efxicepo3K2dGpVDyWD+FyXGsx+iBnTqOPwMItTnqYQFmtJeCe9F3 kOlOmDMUmZLqvIuY8gXrUE+JAjCzWTuDR/X1Gj7wLXhdpFA3NiubikH15wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMjNywHhfghGb9PsHJ8PLIdUH795MB8GA1UdIwQY MBaAFJkxUDCAYdzaxdhGXPiExno7sZFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMt NTJiMjMwZWNhY2FlLzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS84YTg0NWEtMjY2OS00MDQ1LThkODMtNTJiMjMwZWNhY2Fl LzEvbVRGUU1JQmgzTnJGMkVaYy1JVEdlanV4a1ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVim9/uB lrL9eGWmthmEM6s8HhuG/cX7mx/kX2s/4GxknIbwPkBo7XuW0u/m0WUrBmU5t6SF rmfsEWURxM/qcj+Rpma3x36o1WYaTiI+BdBD8VXZoCRJybQFNxoH1M/SGgsDabf4 HSIqnsk0auIVD+r74hDWH0MciNtAXh9Mtt9CftCB+6RTv2SBneO0FW9R/ViHuhcD Qf9GrcDkipRw5CsDBOASh5rN2BcPYJuFjTQfPlutiQQG4YkMi/jWsCj66YVZ5TVh KgGgomqn2iFQHkSnIiMqjv6kvkk9lVEE9s9+iG1NM334qKcz3Jtgt1xOQOAwN9Vv ICBIMPAhTe8afA== -----END CERTIFICATE-----Generated at Sat Dec 20 20:31:37 2025 by rpki-client