This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft File: mK9kDIIO61-8kigcYRRPEae9cH4.mft (raw, json) Hash identifier: 7sdEOPXkaqHqiXRc7vs0VLWk9fDHeww0UjQO86eIODg= Subject key identifier: 90:7E:C3:DC:A7:FD:E3:C1:4F:0D:08:E9:DE:F0:8E:9F:75:74:E9:EE Authority key identifier: 98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E Certificate issuer: /CN=98af640c820eeb5fbc92281c61144f11a7bd707e Certificate serial: 019B2EFA904AF6596CDE889493C6733DC4F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft Manifest number: 04D8 Signing time: Thu 18 Dec 2025 01:02:11 +0000 Manifest this update: Thu 18 Dec 2025 01:02:11 +0000 Manifest next update: Fri 19 Dec 2025 01:02:11 +0000 Files and hashes: 1: OWXYykmlPDxYaUK6ibOA62-hDng.roa (hash: x4BvE6J+LBS4eTxuz/ILECCYgRYsxbKFwFccG0CtiDI=) 2: mK9kDIIO61-8kigcYRRPEae9cH4.crl (hash: SZ4OFZHAcNnwnbmBA3VO7FzWqJTA3OL1J1mNo2Q/U24=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:fa:90:4a:f6:59:6c:de:88:94:93:c6:73:3d:c4:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98af640c820eeb5fbc92281c61144f11a7bd707e Validity Not Before: Dec 18 01:02:11 2025 GMT Not After : Dec 19 01:02:11 2025 GMT Subject: CN=907ec3dca7fde3c14f0d08e9def08e9f7574e9ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:85:47:ee:37:42:e3:91:e2:ae:66:3f:f7:c7: 27:de:fb:de:04:b8:43:f4:3b:a7:60:b4:d7:d3:52: aa:74:72:87:cb:d6:12:e9:74:d3:ae:59:69:0c:3d: 2e:d5:71:80:16:8e:cf:72:5f:95:34:77:7d:94:b5: 91:56:9e:d0:85:4d:0e:6e:72:e6:f1:02:b8:73:a4: f4:25:3a:6a:9c:d0:84:9a:c3:dc:7e:90:e8:dc:cd: fe:a7:57:d6:cf:92:a5:db:3a:f1:a3:61:0b:e8:b5: dd:fd:51:7e:ca:ba:fc:08:29:52:f7:19:f3:34:ad: da:24:bf:36:5d:df:b0:9f:54:51:de:24:46:e5:c3: 57:c6:80:88:9f:08:c0:0a:20:7b:8d:f1:8f:7f:eb: ea:95:09:67:b1:e5:ad:a3:1a:fe:4c:92:a8:a7:aa: 4b:e9:87:41:d1:7e:2f:e9:44:78:52:cb:5b:26:b9: a6:44:64:a1:c3:0f:6c:46:6f:8c:c9:39:a5:19:24: b0:11:2a:66:64:aa:2d:72:9e:b9:64:e6:82:3e:99: 2a:f9:68:6f:29:22:e0:76:80:e3:4d:df:c5:a5:8f: 44:99:1a:47:38:5a:73:ab:9b:ee:0f:48:dc:e9:14: b0:bc:39:1d:9c:47:29:b0:1e:2a:c5:c4:ac:3b:72: 77:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:7E:C3:DC:A7:FD:E3:C1:4F:0D:08:E9:DE:F0:8E:9F:75:74:E9:EE X509v3 Authority Key Identifier: keyid:98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:7f:0e:ca:74:4c:80:8d:16:49:91:1a:f4:db:b4:67:01:7d: 47:6d:97:31:89:1b:88:32:4e:1d:3f:aa:fa:05:e9:5b:28:37: bb:7a:b7:d6:54:cc:d7:ef:91:e7:a5:13:da:44:8a:c6:d6:ba: 1b:5c:d6:03:9b:2a:42:03:6d:4a:6a:bb:53:5b:96:24:f5:1d: 9a:42:1f:d9:37:59:19:3b:e7:25:4c:48:34:f7:51:e3:24:7b: 28:6b:09:ad:cb:c3:76:84:a1:d1:18:dd:59:eb:c5:b4:5a:f7: e4:13:a2:c6:85:74:17:a2:e4:87:89:ef:8a:0c:40:41:13:11: bb:56:c1:98:a1:60:cb:d8:59:73:06:50:eb:53:bc:68:c4:4d: a5:52:d2:dc:ff:5a:53:97:c3:a8:1a:ee:24:f2:83:bb:a3:70: e8:60:54:8f:f3:7e:59:3d:09:6d:d2:9b:7c:92:7d:7a:b0:17: 98:2f:66:c4:f4:9b:77:63:77:be:2a:8c:d0:a5:d6:ac:52:76: 0d:0b:7d:3a:0e:cd:bf:70:be:33:86:b9:e8:ef:c1:a8:4f:6c: e4:6d:1b:05:89:57:c0:f7:4a:ba:33:d4:56:ca:0b:99:3e:28: d4:db:bf:6b:d0:a9:af:e8:05:c1:00:ef:5a:6c:eb:47:c4:0f: 18:27:3b:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+pBK9lls3oiUk8ZzPcTwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk4YWY2NDBjODIwZWViNWZiYzkyMjgxYzYxMTQ0ZjExYTdi ZDcwN2UwHhcNMjUxMjE4MDEwMjExWhcNMjUxMjE5MDEwMjExWjAzMTEwLwYDVQQD Eyg5MDdlYzNkY2E3ZmRlM2MxNGYwZDA4ZTlkZWYwOGU5Zjc1NzRlOWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oVH7jdC45HirmY/98cn3vveBLhD 9DunYLTX01KqdHKHy9YS6XTTrllpDD0u1XGAFo7Pcl+VNHd9lLWRVp7QhU0ObnLm 8QK4c6T0JTpqnNCEmsPcfpDo3M3+p1fWz5Kl2zrxo2EL6LXd/VF+yrr8CClS9xnz NK3aJL82Xd+wn1RR3iRG5cNXxoCInwjACiB7jfGPf+vqlQlnseWtoxr+TJKop6pL 6YdB0X4v6UR4UstbJrmmRGShww9sRm+MyTmlGSSwESpmZKotcp65ZOaCPpkq+Whv KSLgdoDjTd/FpY9EmRpHOFpzq5vuD0jc6RSwvDkdnEcpsB4qxcSsO3J3aQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJB+w9yn/ePBTw0I6d7wjp91dOnuMB8GA1UdIwQY MBaAFJivZAyCDutfvJIoHGEUTxGnvXB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYt ZWNhYjcwZWYzMmRhLzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYtZWNhYjcwZWYzMmRh LzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcX8OynRM gI0WSZEa9Nu0ZwF9R22XMYkbiDJOHT+q+gXpWyg3u3q31lTM1++R56UT2kSKxta6 G1zWA5sqQgNtSmq7U1uWJPUdmkIf2TdZGTvnJUxINPdR4yR7KGsJrcvDdoSh0Rjd WevFtFr35BOixoV0F6Lkh4nvigxAQRMRu1bBmKFgy9hZcwZQ61O8aMRNpVLS3P9a U5fDqBruJPKDu6Nw6GBUj/N+WT0JbdKbfJJ9erAXmC9mxPSbd2N3viqM0KXWrFJ2 DQt9Og7Nv3C+M4a56O/BqE9s5G0bBYlXwPdKujPUVsoLmT4o1Nu/a9Cpr+gFwQDv WmzrR8QPGCc7gw== -----END CERTIFICATE-----Generated at Thu Dec 18 05:45:47 2025 by rpki-client