This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft File: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft (raw, json) Hash identifier: nEIAnzqzuaxfLFHN+kur5IJ5zjlC96SqDLmMlP3eHS0= Subject key identifier: 17:B5:EE:13:5E:12:AF:A1:3A:6F:FF:BB:1D:FB:EB:F6:43:90:94:D4 Authority key identifier: 31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B Certificate issuer: /CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b Certificate serial: 019B3CEC0A4E457FF3E784D210473830B792 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft Manifest number: 0A79 Signing time: Sat 20 Dec 2025 18:01:00 +0000 Manifest this update: Sat 20 Dec 2025 18:01:00 +0000 Manifest next update: Sun 21 Dec 2025 18:01:00 +0000 Files and hashes: 1: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl (hash: uJRnTe8/xa2XkqPLV2XtxohwrjwlWDNAgdPHyEc49HA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:ec:0a:4e:45:7f:f3:e7:84:d2:10:47:38:30:b7:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b Validity Not Before: Dec 20 18:01:00 2025 GMT Not After : Dec 21 18:01:00 2025 GMT Subject: CN=17b5ee135e12afa13a6fffbb1dfbebf6439094d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:75:62:16:58:4b:62:79:9d:db:dd:3a:d0:83: 94:7b:29:d3:a1:e1:16:4a:ca:8a:fe:5b:a0:00:f9: b9:cb:58:02:a6:cc:84:d1:7b:d2:92:83:4e:10:e8: 78:cc:1a:c2:4b:ef:9d:3f:99:b9:0f:a6:24:ed:02: 22:06:a3:d1:53:6d:4b:01:58:31:3c:2c:fc:86:af: d9:11:13:37:96:2e:32:a4:8d:c1:5e:d5:19:a5:99: 24:bb:b0:53:87:3b:1e:41:0f:31:77:51:9d:51:b3: 3e:99:d2:00:de:a1:92:2a:c0:08:f7:a3:c1:06:8f: bd:3a:07:5a:c9:af:2c:b4:05:41:47:c0:e1:13:0d: a0:90:56:88:cc:d5:e5:b5:bf:16:47:22:41:90:ad: 56:69:d4:46:e6:24:79:bf:58:1c:e9:87:51:ea:98: 25:9d:b9:4d:36:75:b0:47:9b:de:a9:5f:3a:08:5d: f2:8b:8b:cd:88:51:8f:1e:ee:66:1c:c3:0a:24:14: cb:b0:3b:6c:2e:f2:67:68:61:5d:38:35:9b:c8:03: 86:ff:5d:e7:e0:26:d6:bf:a5:50:5d:f8:17:e0:19: d7:0e:71:5b:2a:a1:0b:5b:49:a1:aa:34:00:8a:a0: 3a:c7:e6:83:a2:ee:f7:56:95:4f:b9:d1:4d:0b:7b: 35:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:B5:EE:13:5E:12:AF:A1:3A:6F:FF:BB:1D:FB:EB:F6:43:90:94:D4 X509v3 Authority Key Identifier: keyid:31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:e0:a1:39:ba:2c:a3:0d:e4:b8:5a:11:0c:5a:59:45:2c:02: 47:22:57:60:cd:a7:92:02:47:4e:96:6c:9c:b7:81:7c:52:88: 06:a3:1e:ed:07:8e:26:90:9a:f3:79:b7:2e:6d:e7:07:54:29: 38:d4:12:5c:3c:f4:c5:2c:5f:db:a9:a9:63:39:74:65:ef:78: 83:5e:64:e8:2d:c1:31:3f:8b:4c:a7:45:07:5e:51:e3:02:28: 7c:11:cd:c7:dd:75:ed:07:d6:36:52:81:a9:30:a0:ef:e1:2f: ff:2f:45:f1:76:a8:6f:07:69:e6:14:7c:ef:0b:f5:05:09:f5: f5:3d:15:a6:14:06:71:b0:af:22:2a:94:0f:ab:1c:9a:4c:40: 6d:ff:65:cd:be:84:5e:3a:13:ce:e2:6f:af:dd:c0:f9:bd:c8: 57:2e:a7:d9:b2:5b:e9:92:62:de:94:97:cf:5d:ee:b3:15:73: 04:bd:b3:38:cc:5d:a6:37:27:8c:a3:2a:43:b1:77:dd:03:dc: 7d:26:fb:4c:bf:54:37:5f:f9:15:dd:c7:ca:42:61:ab:1b:8c: 3b:6d:bc:98:08:9f:6a:c9:db:51:6f:c1:95:f7:24:e3:f9:3e: 98:55:18:14:3e:01:c4:58:01:76:d6:23:33:f3:e8:b8:37:13: db:b7:43:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs87ApORX/z54TSEEc4MLeSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxYjE2MjFjZTI4Y2JiZmVmMDM4YWJkNzU0OWZjNmNiNTBl NzExNmIwHhcNMjUxMjIwMTgwMTAwWhcNMjUxMjIxMTgwMTAwWjAzMTEwLwYDVQQD EygxN2I1ZWUxMzVlMTJhZmExM2E2ZmZmYmIxZGZiZWJmNjQzOTA5NGQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHViFlhLYnmd29060IOUeynToeEW SsqK/lugAPm5y1gCpsyE0XvSkoNOEOh4zBrCS++dP5m5D6Yk7QIiBqPRU21LAVgx PCz8hq/ZERM3li4ypI3BXtUZpZkku7BThzseQQ8xd1GdUbM+mdIA3qGSKsAI96PB Bo+9Ogdaya8stAVBR8DhEw2gkFaIzNXltb8WRyJBkK1WadRG5iR5v1gc6YdR6pgl nblNNnWwR5veqV86CF3yi4vNiFGPHu5mHMMKJBTLsDtsLvJnaGFdODWbyAOG/13n 4CbWv6VQXfgX4BnXDnFbKqELW0mhqjQAiqA6x+aDou73VpVPudFNC3s1+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBe17hNeEq+hOm//ux376/ZDkJTUMB8GA1UdIwQY MBaAFDGxYhzijLv+8Dir11SfxstQ5xFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQt NjYxNDYzMjcyM2I5LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQtNjYxNDYzMjcyM2I5 LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOChObos ow3kuFoRDFpZRSwCRyJXYM2nkgJHTpZsnLeBfFKIBqMe7QeOJpCa83m3Lm3nB1Qp ONQSXDz0xSxf26mpYzl0Ze94g15k6C3BMT+LTKdFB15R4wIofBHNx9117QfWNlKB qTCg7+Ev/y9F8Xaobwdp5hR87wv1BQn19T0VphQGcbCvIiqUD6scmkxAbf9lzb6E XjoTzuJvr93A+b3IVy6n2bJb6ZJi3pSXz13usxVzBL2zOMxdpjcnjKMqQ7F33QPc fSb7TL9UN1/5Fd3HykJhqxuMO228mAifasnbUW/Blfck4/k+mFUYFD4BxFgBdtYj M/PouDcT27dD0Q== -----END CERTIFICATE-----Generated at Sun Dec 21 03:52:43 2025 by rpki-client