This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft File: mK9kDIIO61-8kigcYRRPEae9cH4.mft (raw, json) Hash identifier: hIQJBmYXTsz6ezDTIm6RKbIz0MHhZQq81BvNK3e/a6o= Subject key identifier: AC:3E:E8:99:CF:A0:3F:38:7D:DA:13:3E:79:D1:0F:82:75:4B:DC:68 Authority key identifier: 98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E Certificate issuer: /CN=98af640c820eeb5fbc92281c61144f11a7bd707e Certificate serial: 019AF31B79D75BF3B515377CE99C6FBAA906 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft Manifest number: 04B9 Signing time: Sat 06 Dec 2025 10:00:55 +0000 Manifest this update: Sat 06 Dec 2025 10:00:55 +0000 Manifest next update: Sun 07 Dec 2025 10:00:55 +0000 Files and hashes: 1: OWXYykmlPDxYaUK6ibOA62-hDng.roa (hash: x4BvE6J+LBS4eTxuz/ILECCYgRYsxbKFwFccG0CtiDI=) 2: mK9kDIIO61-8kigcYRRPEae9cH4.crl (hash: aiz3s9xUP4zA9DcKHHPpNH1ptjEiAnsXDd/XYb0OsK8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:79:d7:5b:f3:b5:15:37:7c:e9:9c:6f:ba:a9:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98af640c820eeb5fbc92281c61144f11a7bd707e Validity Not Before: Dec 6 10:00:55 2025 GMT Not After : Dec 7 10:00:55 2025 GMT Subject: CN=ac3ee899cfa03f387dda133e79d10f82754bdc68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:cb:53:14:de:18:18:4b:66:ea:bb:bc:09:e3: 0a:9a:d7:16:6e:24:ba:ac:6e:b5:92:ee:cf:18:f3: 26:95:72:cb:a2:6a:9e:3b:55:82:1f:c1:4c:d0:2f: d4:fd:dd:e1:d9:ca:f1:3e:3e:33:1c:02:42:14:5b: 32:78:25:c3:7b:87:4a:70:16:1e:03:e6:cd:57:19: a1:1a:c9:ad:95:65:1e:0d:4e:36:54:30:fd:ff:24: 6f:71:39:5b:95:b2:bb:cb:1b:8c:b4:9d:0b:80:e7: 39:f0:c7:a2:24:bb:90:76:80:3d:e2:6f:ac:9d:cc: 28:07:85:76:5e:e2:12:ee:e4:97:66:e6:48:d1:be: d8:84:51:24:c9:ad:f7:de:cd:9b:00:56:b2:c9:dc: 6a:ca:a2:b1:fd:12:fb:33:97:0c:ea:61:db:1f:dd: 75:27:13:eb:df:83:3c:65:ea:5c:ac:84:f6:2a:96: 57:2d:e9:cf:4a:d0:99:a3:03:2f:42:77:87:89:a4: 61:10:c1:90:7f:b2:4d:45:19:2c:00:b5:5f:5b:7c: af:57:5d:db:54:ac:46:f4:7f:11:34:4f:d4:73:d1: 4a:2b:f5:15:08:3e:18:eb:df:0a:9c:7e:60:c9:b1: bb:34:8e:4f:27:50:ac:89:e4:50:a7:c3:8a:f8:e0: 19:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:3E:E8:99:CF:A0:3F:38:7D:DA:13:3E:79:D1:0F:82:75:4B:DC:68 X509v3 Authority Key Identifier: keyid:98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:6a:e2:fc:24:53:ac:c6:10:d9:4d:e4:47:28:65:78:14:e1: 73:62:43:33:20:c4:fc:cd:36:db:03:43:33:87:61:bf:1e:97: 4c:6c:c5:71:28:d2:32:4b:c8:e6:60:c9:77:63:0d:bd:13:b2: 35:12:79:38:f2:a4:3b:a7:7f:57:cb:05:24:e5:68:f3:a1:b0: 69:5e:24:75:7f:2f:ba:80:46:da:f8:4a:f0:11:27:ae:4b:f8: 3a:78:1a:b3:3e:b1:e4:2f:c4:22:57:ad:30:5f:37:63:2e:27: 0b:91:98:4a:09:3b:4b:a4:2c:cb:34:26:4b:c7:90:a6:2c:f3: ff:6e:a4:a7:79:cd:03:a0:f4:a9:4d:d7:fc:0a:cd:b2:7b:56: bd:95:a5:06:82:db:4a:ae:c1:46:d0:00:6d:e0:1d:f9:d0:79: 70:a8:a1:90:33:d7:e4:a8:ee:c8:f3:9b:33:83:2a:e7:0c:aa: aa:81:4e:82:d5:98:db:35:83:d4:0f:e3:0f:b1:5b:5e:4c:6c: e4:e0:d0:de:6d:f6:88:37:09:82:25:ac:f6:30:cf:43:d5:2c: 49:7d:b1:10:51:12:ea:4e:c6:26:6e:24:33:8b:7e:70:3d:66: c2:35:ea:c6:3a:31:26:a8:ca:f3:e1:03:97:15:4b:d6:eb:05: cf:19:e4:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG3nXW/O1FTd86ZxvuqkGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk4YWY2NDBjODIwZWViNWZiYzkyMjgxYzYxMTQ0ZjExYTdi ZDcwN2UwHhcNMjUxMjA2MTAwMDU1WhcNMjUxMjA3MTAwMDU1WjAzMTEwLwYDVQQD EyhhYzNlZTg5OWNmYTAzZjM4N2RkYTEzM2U3OWQxMGY4Mjc1NGJkYzY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAustTFN4YGEtm6ru8CeMKmtcWbiS6 rG61ku7PGPMmlXLLomqeO1WCH8FM0C/U/d3h2crxPj4zHAJCFFsyeCXDe4dKcBYe A+bNVxmhGsmtlWUeDU42VDD9/yRvcTlblbK7yxuMtJ0LgOc58MeiJLuQdoA94m+s ncwoB4V2XuIS7uSXZuZI0b7YhFEkya333s2bAFayydxqyqKx/RL7M5cM6mHbH911 JxPr34M8ZepcrIT2KpZXLenPStCZowMvQneHiaRhEMGQf7JNRRksALVfW3yvV13b VKxG9H8RNE/Uc9FKK/UVCD4Y698KnH5gybG7NI5PJ1CsieRQp8OK+OAZjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKw+6JnPoD84fdoTPnnRD4J1S9xoMB8GA1UdIwQY MBaAFJivZAyCDutfvJIoHGEUTxGnvXB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYt ZWNhYjcwZWYzMmRhLzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYtZWNhYjcwZWYzMmRh LzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsWri/CRT rMYQ2U3kRyhleBThc2JDMyDE/M022wNDM4dhvx6XTGzFcSjSMkvI5mDJd2MNvROy NRJ5OPKkO6d/V8sFJOVo86GwaV4kdX8vuoBG2vhK8BEnrkv4Ongasz6x5C/EIlet MF83Yy4nC5GYSgk7S6QsyzQmS8eQpizz/26kp3nNA6D0qU3X/ArNsntWvZWlBoLb Sq7BRtAAbeAd+dB5cKihkDPX5KjuyPObM4Mq5wyqqoFOgtWY2zWD1A/jD7FbXkxs 5ODQ3m32iDcJgiWs9jDPQ9UsSX2xEFES6k7GJm4kM4t+cD1mwjXqxjoxJqjK8+ED lxVL1usFzxnk0Q== -----END CERTIFICATE-----Generated at Sat Dec 6 17:51:37 2025 by rpki-client