This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft File: mNtTOItvp7HlovTGhjq3Hxz7VRI.mft (raw, json) Hash identifier: UbGDBLoiHc5HMzJ920Gd5IGL7cKTqysWEcP2IEdkfb0= Subject key identifier: 58:CB:05:66:32:B1:78:6D:CC:36:EE:B7:97:6B:98:D2:03:F9:2A:AA Authority key identifier: 98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12 Certificate issuer: /CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512 Certificate serial: 019AF31D54F545E84EF5F5F921DF8512460E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft Manifest number: 0468 Signing time: Sat 06 Dec 2025 10:02:56 +0000 Manifest this update: Sat 06 Dec 2025 10:02:56 +0000 Manifest next update: Sun 07 Dec 2025 10:02:56 +0000 Files and hashes: 1: mNtTOItvp7HlovTGhjq3Hxz7VRI.crl (hash: 08ASGS5SvGWfTzSzThnIhoiSQ7gnitM88DciLeiZ10o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:54:f5:45:e8:4e:f5:f5:f9:21:df:85:12:46:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512 Validity Not Before: Dec 6 10:02:56 2025 GMT Not After : Dec 7 10:02:56 2025 GMT Subject: CN=58cb056632b1786dcc36eeb7976b98d203f92aaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:fd:29:51:3f:b3:91:a3:a9:3f:3d:25:59:07: dc:56:61:d2:79:61:ba:19:f5:61:ff:28:72:0c:52: 2f:9c:66:d0:24:4a:5c:84:fb:f1:75:55:a4:eb:ca: 37:2f:06:92:e3:16:cd:08:81:0a:9b:3a:71:af:ec: 00:73:1d:7d:b3:6c:9d:48:2d:8f:db:0a:aa:d1:39: b9:9b:c0:32:12:70:3d:44:c1:5b:63:fc:2c:c6:0f: 36:17:ff:58:6e:07:2d:2d:2c:d5:8a:ed:37:50:6e: 71:8b:3a:f6:c5:af:0c:97:c7:61:2a:85:e5:8a:b3: a3:a8:b6:3f:3f:4b:55:9a:5c:c5:50:7b:55:28:52: fb:81:70:88:6c:b8:b3:b5:89:54:c3:ad:b2:f7:8b: 22:50:6f:79:c1:9b:7e:b1:70:95:35:07:50:06:a4: f1:59:68:56:f7:96:57:bb:1b:b8:66:d4:a9:af:ca: a1:3b:7b:9c:f8:1c:b6:b1:38:e7:23:63:86:bb:b2: 32:b9:a8:08:96:30:63:fd:8a:f4:50:8c:7c:e1:78: 10:26:07:71:9a:d0:81:1b:6e:35:1c:0b:4b:69:20: 56:24:39:cf:0a:6f:eb:20:a9:4c:be:45:d1:b9:24: d3:5c:41:b9:b2:26:27:d6:ca:d8:7e:aa:23:be:1f: 5b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:CB:05:66:32:B1:78:6D:CC:36:EE:B7:97:6B:98:D2:03:F9:2A:AA X509v3 Authority Key Identifier: keyid:98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:53:98:d2:1f:42:25:60:6c:39:e3:13:7c:e0:73:56:41:61: d2:7c:ee:8a:d6:45:69:4a:ee:c9:06:ec:85:c7:41:6a:2d:6b: c0:f1:83:65:ed:13:c5:5e:59:c8:16:17:96:71:29:0b:16:72: 47:64:9e:39:af:f9:3a:73:2a:9d:6f:e2:0f:88:da:ff:0b:8f: c4:29:89:24:49:59:a9:f5:a4:46:e5:87:81:95:e2:9c:cc:e7: 85:9c:bb:dc:38:4a:df:2e:b5:4d:80:85:e4:f5:ee:0c:53:fd: fd:12:19:34:60:f6:44:48:3f:5b:b6:1f:05:37:62:97:fe:67: cf:17:de:da:18:ad:b3:9a:bf:b1:d5:fb:f9:66:86:13:a7:31: 89:ef:d5:ff:bd:0d:22:77:6a:9a:59:97:38:d6:63:7f:42:83: 07:d1:b0:a9:f8:ad:85:6d:9d:ea:28:39:2e:22:68:80:9f:5a: 8d:0f:a5:f0:52:bc:f7:b3:fa:bb:c9:6e:46:95:11:30:a6:55: 7c:0f:85:62:64:9a:62:6f:0e:f3:50:0b:23:81:17:32:a3:bd: 93:48:e0:00:6b:4e:c1:42:d8:3a:4e:15:09:19:b1:11:c1:ec: 43:e1:8b:25:2b:32:1b:f8:fb:fc:f9:4f:79:25:c6:b4:16:a1: 3d:c4:16:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHVT1RehO9fX5Id+FEkYOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk4ZGI1MzM4OGI2ZmE3YjFlNWEyZjRjNjg2M2FiNzFmMWNm YjU1MTIwHhcNMjUxMjA2MTAwMjU2WhcNMjUxMjA3MTAwMjU2WjAzMTEwLwYDVQQD Eyg1OGNiMDU2NjMyYjE3ODZkY2MzNmVlYjc5NzZiOThkMjAzZjkyYWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv0pUT+zkaOpPz0lWQfcVmHSeWG6 GfVh/yhyDFIvnGbQJEpchPvxdVWk68o3LwaS4xbNCIEKmzpxr+wAcx19s2ydSC2P 2wqq0Tm5m8AyEnA9RMFbY/wsxg82F/9YbgctLSzViu03UG5xizr2xa8Ml8dhKoXl irOjqLY/P0tVmlzFUHtVKFL7gXCIbLiztYlUw62y94siUG95wZt+sXCVNQdQBqTx WWhW95ZXuxu4ZtSpr8qhO3uc+By2sTjnI2OGu7IyuagIljBj/Yr0UIx84XgQJgdx mtCBG241HAtLaSBWJDnPCm/rIKlMvkXRuSTTXEG5siYn1srYfqojvh9bEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFjLBWYysXhtzDbut5drmNID+SqqMB8GA1UdIwQY MBaAFJjbUziLb6ex5aL0xoY6tx8c+1USMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYt Yzc0NjdkYTJkYjYwLzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYtYzc0NjdkYTJkYjYw LzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAlOY0h9C JWBsOeMTfOBzVkFh0nzuitZFaUruyQbshcdBai1rwPGDZe0TxV5ZyBYXlnEpCxZy R2SeOa/5OnMqnW/iD4ja/wuPxCmJJElZqfWkRuWHgZXinMznhZy73DhK3y61TYCF 5PXuDFP9/RIZNGD2REg/W7YfBTdil/5nzxfe2hits5q/sdX7+WaGE6cxie/V/70N IndqmlmXONZjf0KDB9GwqfithW2d6ig5LiJogJ9ajQ+l8FK897P6u8luRpURMKZV fA+FYmSaYm8O81ALI4EXMqO9k0jgAGtOwULYOk4VCRmxEcHsQ+GLJSsyG/j7/PlP eSXGtBahPcQWBg== -----END CERTIFICATE-----Generated at Sat Dec 6 17:42:22 2025 by rpki-client