This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft File: MtYmm4lSBJZffsl_Gdi12ckwt40.mft (raw, json) Hash identifier: XL8vhip40ltIeKTiMYD+YRFqMZreS6T6P/9mv7DIp+w= Subject key identifier: FB:F4:AE:4B:08:DD:95:A3:48:30:1F:66:3A:EB:36:5A:ED:42:83:A4 Authority key identifier: 32:D6:26:9B:89:52:04:96:5F:7E:C9:7F:19:D8:B5:D9:C9:30:B7:8D Certificate issuer: /CN=32d6269b895204965f7ec97f19d8b5d9c930b78d Certificate serial: 019AF12D55E94207FB3F481E677EDE7C3D8A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft Manifest number: 0215 Signing time: Sat 06 Dec 2025 01:01:11 +0000 Manifest this update: Sat 06 Dec 2025 01:01:11 +0000 Manifest next update: Sun 07 Dec 2025 01:01:11 +0000 Files and hashes: 1: MtYmm4lSBJZffsl_Gdi12ckwt40.crl (hash: eFe/GGe7Eo2J7+QTC4nvxw8yguaFrPsdkNbKrejeivY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:55:e9:42:07:fb:3f:48:1e:67:7e:de:7c:3d:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32d6269b895204965f7ec97f19d8b5d9c930b78d Validity Not Before: Dec 6 01:01:11 2025 GMT Not After : Dec 7 01:01:11 2025 GMT Subject: CN=fbf4ae4b08dd95a348301f663aeb365aed4283a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:3f:82:64:7c:f3:75:ad:64:f5:cf:7a:de:09: bd:78:d4:d1:55:f9:27:1e:ba:82:06:02:8a:d6:b6: dd:83:67:f2:b3:85:8f:0b:01:82:c3:9f:71:d2:94: 75:96:20:8c:e0:71:91:39:16:bf:31:32:39:20:19: d3:bb:71:58:06:60:12:c0:74:76:c8:74:ea:6b:bd: ca:92:d6:32:59:39:94:24:c5:7a:fe:26:ac:12:60: 4c:d6:8b:b2:55:00:48:27:72:82:80:74:06:a9:db: 8d:84:2f:0c:98:d9:4f:d3:e8:77:c1:00:4f:c4:7d: 0e:c0:cd:24:ee:29:d8:ec:22:e0:cb:a7:9f:e8:ae: b6:ee:53:90:3b:c1:ed:5f:fc:d4:34:a9:f2:6b:3b: 06:09:d1:5c:7f:c7:6f:e1:d1:b0:a8:ea:e1:41:f7: 9d:d5:01:97:92:4a:52:0b:5b:8e:0d:76:74:74:6f: 74:27:ae:98:b8:c4:3b:18:30:ae:11:eb:30:1f:3b: fd:ba:aa:1a:36:3a:7c:ff:a5:87:50:6f:5b:1b:48: d0:fa:b5:19:20:7c:4c:0e:c4:ef:34:05:12:f7:c0: 1e:bc:55:7e:fa:d8:d8:3a:73:00:dd:2a:0d:a0:61: 5e:aa:62:d3:75:f0:28:3c:99:33:ee:06:40:09:15: d6:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:F4:AE:4B:08:DD:95:A3:48:30:1F:66:3A:EB:36:5A:ED:42:83:A4 X509v3 Authority Key Identifier: keyid:32:D6:26:9B:89:52:04:96:5F:7E:C9:7F:19:D8:B5:D9:C9:30:B7:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtYmm4lSBJZffsl_Gdi12ckwt40.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e7277e-f8db-4e32-bddd-9815249aadef/1/MtYmm4lSBJZffsl_Gdi12ckwt40.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b0:b9:7e:dc:8d:9c:f4:de:06:1a:6a:50:67:0e:78:52:78:a3: 23:1a:57:80:99:25:ac:d9:91:fa:65:f1:08:0a:7b:89:57:3e: 35:e1:b2:ca:5e:07:4d:35:2a:3d:ef:23:34:da:e3:1d:a2:fd: ee:0c:65:b6:f9:a9:09:96:1e:9b:67:f7:3e:5b:11:63:f7:f2: d2:1d:2f:0a:ab:58:6e:37:41:6a:7f:c5:bb:ce:dd:df:7d:80: a2:e3:8b:ac:0e:fa:0a:93:2c:b7:bd:04:33:1c:5d:43:3f:b8: 91:e2:5a:ed:5b:df:da:fc:7c:71:58:9b:52:3b:12:44:0d:ed: df:bc:75:f0:91:38:c4:ac:53:8c:92:9c:30:2a:aa:37:a2:15: 7c:20:12:ca:e6:3f:ee:6f:cc:f7:e5:14:1d:01:1a:51:cf:3d: fa:83:16:35:9c:60:bc:61:25:47:c4:09:93:7f:c8:bb:72:f0: a8:20:0f:ff:4f:11:23:52:fb:4e:99:fd:f5:62:71:dd:c9:51: 10:4c:6c:ba:46:e1:47:d9:db:ff:a5:d1:bb:c9:a3:ad:97:5d: 93:d6:86:3c:b8:96:b4:83:e4:eb:86:74:49:a9:a2:d4:10:f1: 6f:f8:32:76:88:65:72:cb:47:22:30:73:15:58:a3:7a:04:96: 02:a2:d7:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLVXpQgf7P0geZ37efD2KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyZDYyNjliODk1MjA0OTY1ZjdlYzk3ZjE5ZDhiNWQ5Yzkz MGI3OGQwHhcNMjUxMjA2MDEwMTExWhcNMjUxMjA3MDEwMTExWjAzMTEwLwYDVQQD EyhmYmY0YWU0YjA4ZGQ5NWEzNDgzMDFmNjYzYWViMzY1YWVkNDI4M2E0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT+CZHzzda1k9c963gm9eNTRVfkn HrqCBgKK1rbdg2fys4WPCwGCw59x0pR1liCM4HGRORa/MTI5IBnTu3FYBmASwHR2 yHTqa73KktYyWTmUJMV6/iasEmBM1ouyVQBIJ3KCgHQGqduNhC8MmNlP0+h3wQBP xH0OwM0k7inY7CLgy6ef6K627lOQO8HtX/zUNKnyazsGCdFcf8dv4dGwqOrhQfed 1QGXkkpSC1uODXZ0dG90J66YuMQ7GDCuEeswHzv9uqoaNjp8/6WHUG9bG0jQ+rUZ IHxMDsTvNAUS98AevFV++tjYOnMA3SoNoGFeqmLTdfAoPJkz7gZACRXWPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPv0rksI3ZWjSDAfZjrrNlrtQoOkMB8GA1UdIwQY MBaAFDLWJpuJUgSWX37JfxnYtdnJMLeNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNzI3N2UtZjhkYi00ZTMyLWJkZGQt OTgxNTI0OWFhZGVmLzEvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9lNzI3N2UtZjhkYi00ZTMyLWJkZGQtOTgxNTI0OWFhZGVm LzEvTXRZbW00bFNCSlpmZnNsX0dkaTEyY2t3dDQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsLl+3I2c 9N4GGmpQZw54UnijIxpXgJklrNmR+mXxCAp7iVc+NeGyyl4HTTUqPe8jNNrjHaL9 7gxltvmpCZYem2f3PlsRY/fy0h0vCqtYbjdBan/Fu87d332AouOLrA76CpMst70E MxxdQz+4keJa7Vvf2vx8cVibUjsSRA3t37x18JE4xKxTjJKcMCqqN6IVfCASyuY/ 7m/M9+UUHQEaUc89+oMWNZxgvGElR8QJk3/Iu3LwqCAP/08RI1L7Tpn99WJx3clR EExsukbhR9nb/6XRu8mjrZddk9aGPLiWtIPk64Z0Sami1BDxb/gydohlcstHIjBz FVijegSWAqLXGw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:52:46 2025 by rpki-client