This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft File: MBHFvtv0MNvOQcazjxyxJVKrv-k.mft (raw, json) Hash identifier: NpEIySWfiBzqoaY8k0VLa7T3NAzoLOc74vHdeHDNDi0= Subject key identifier: F1:44:37:3D:84:E3:A2:0A:96:17:B0:1F:A8:37:D2:D3:90:CB:FC:65 Authority key identifier: 30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9 Certificate issuer: /CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9 Certificate serial: 019AF1D1F6BE1A2A0C84B43376CBB765FB30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft Manifest number: 032F Signing time: Sat 06 Dec 2025 04:01:00 +0000 Manifest this update: Sat 06 Dec 2025 04:01:00 +0000 Manifest next update: Sun 07 Dec 2025 04:01:00 +0000 Files and hashes: 1: MBHFvtv0MNvOQcazjxyxJVKrv-k.crl (hash: sqHCokLUQ2uYWjBn5IrLrdIAJe7OaQSZ5NWNObpjFTo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:f6:be:1a:2a:0c:84:b4:33:76:cb:b7:65:fb:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3011c5bedbf430dbce41c6b38f1cb12552abbfe9 Validity Not Before: Dec 6 04:01:00 2025 GMT Not After : Dec 7 04:01:00 2025 GMT Subject: CN=f144373d84e3a20a9617b01fa837d2d390cbfc65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:32:63:7c:47:b3:4a:75:3c:83:71:54:ad:55: 92:f9:3b:0b:b3:83:e7:3a:32:33:13:89:88:95:65: a9:8d:d2:e7:a1:5d:b9:67:0c:16:a5:76:df:3c:d9: 31:8a:f3:21:f6:29:fa:d8:7e:89:6e:ed:34:1e:36: 22:d3:5a:79:d8:45:ed:60:04:89:d4:cb:e5:9f:d0: 5d:9f:63:bb:ef:b5:8c:f1:d9:e7:9f:da:19:4d:f8: 11:cf:87:24:af:b5:c9:79:95:61:12:23:0a:09:82: 03:8b:fc:ba:b8:36:ce:50:a2:13:b0:9a:ac:d0:de: 14:10:7c:55:ea:61:db:d0:b7:13:8f:35:c5:62:38: 9e:be:5b:de:0c:1b:ab:ab:ea:cd:b5:b6:68:90:9b: 64:d5:27:1f:05:1f:d3:e1:b4:f6:b6:cc:34:44:2b: f4:61:1a:47:ca:8c:61:ec:a4:03:ff:ed:54:12:b9: 01:f2:63:5b:de:01:38:33:a6:9d:16:b3:5e:ff:3c: 40:59:50:ab:32:a0:44:cb:7f:99:20:72:17:12:3c: 50:17:ed:5a:ec:61:f1:09:8d:a0:b1:67:3c:a4:df: 9e:ef:e8:62:51:b1:7a:49:7f:ab:74:50:56:4e:16: ba:96:e5:59:06:5d:ab:d1:03:e4:58:7c:c4:8b:87: a0:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:44:37:3D:84:E3:A2:0A:96:17:B0:1F:A8:37:D2:D3:90:CB:FC:65 X509v3 Authority Key Identifier: keyid:30:11:C5:BE:DB:F4:30:DB:CE:41:C6:B3:8F:1C:B1:25:52:AB:BF:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBHFvtv0MNvOQcazjxyxJVKrv-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/80c8cb-bb6f-4d26-aafe-2d83c0800c0b/1/MBHFvtv0MNvOQcazjxyxJVKrv-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:73:2f:5f:8a:9a:1f:e8:92:83:39:43:82:6b:66:89:08:b6: 09:2b:3a:a3:c0:ad:f9:6d:31:b7:86:7b:bc:2f:5d:53:58:47: af:9c:a6:e8:86:4d:06:2f:6c:fb:62:30:1a:83:71:36:9f:13: 9a:eb:17:68:24:f0:f8:28:d2:47:60:88:c8:3b:7d:5e:5d:45: a8:a2:0d:e1:90:5d:59:3d:6e:89:80:22:33:e4:63:26:e8:b3: 52:cf:d7:9c:52:25:fa:e7:55:7f:21:99:02:43:60:a6:cd:0c: b5:24:39:26:75:17:4d:c2:8b:0e:aa:27:c1:64:e0:40:5e:4d: 05:81:ec:45:da:4d:29:8c:9a:8c:fd:fb:53:95:7f:b4:8b:fb: aa:63:be:04:71:f6:53:f3:81:f7:3f:18:f3:ec:81:69:fe:49: 6d:81:b9:1a:d8:36:ff:9f:ba:03:0f:ae:8e:12:ed:9d:03:3c: a6:4f:99:ba:e0:ac:28:95:11:60:a8:be:6d:73:70:bc:cf:42: 9c:3a:7b:d5:79:14:53:f9:a7:49:12:1c:eb:c4:5a:74:85:f8: fd:5a:1d:00:7d:ac:f8:f1:ee:3f:03:2e:64:a4:e2:96:46:dd: 3f:41:f3:cb:d6:b1:a1:e9:82:16:bc:83:a7:5f:f7:67:b2:56: d2:59:c6:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0fa+GioMhLQzdsu3ZfswMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwMTFjNWJlZGJmNDMwZGJjZTQxYzZiMzhmMWNiMTI1NTJh YmJmZTkwHhcNMjUxMjA2MDQwMTAwWhcNMjUxMjA3MDQwMTAwWjAzMTEwLwYDVQQD EyhmMTQ0MzczZDg0ZTNhMjBhOTYxN2IwMWZhODM3ZDJkMzkwY2JmYzY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DJjfEezSnU8g3FUrVWS+TsLs4Pn OjIzE4mIlWWpjdLnoV25ZwwWpXbfPNkxivMh9in62H6Jbu00HjYi01p52EXtYASJ 1Mvln9Bdn2O777WM8dnnn9oZTfgRz4ckr7XJeZVhEiMKCYIDi/y6uDbOUKITsJqs 0N4UEHxV6mHb0LcTjzXFYjievlveDBurq+rNtbZokJtk1ScfBR/T4bT2tsw0RCv0 YRpHyoxh7KQD/+1UErkB8mNb3gE4M6adFrNe/zxAWVCrMqBEy3+ZIHIXEjxQF+1a 7GHxCY2gsWc8pN+e7+hiUbF6SX+rdFBWTha6luVZBl2r0QPkWHzEi4egpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPFENz2E46IKlhewH6g30tOQy/xlMB8GA1UdIwQY MBaAFDARxb7b9DDbzkHGs48csSVSq7/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUt MmQ4M2MwODAwYzBiLzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi84MGM4Y2ItYmI2Zi00ZDI2LWFhZmUtMmQ4M2MwODAwYzBi LzEvTUJIRnZ0djBNTnZPUWNhemp4eXhKVktydi1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP3MvX4qa H+iSgzlDgmtmiQi2CSs6o8Ct+W0xt4Z7vC9dU1hHr5ym6IZNBi9s+2IwGoNxNp8T musXaCTw+CjSR2CIyDt9Xl1FqKIN4ZBdWT1uiYAiM+RjJuizUs/XnFIl+udVfyGZ AkNgps0MtSQ5JnUXTcKLDqonwWTgQF5NBYHsRdpNKYyajP37U5V/tIv7qmO+BHH2 U/OB9z8Y8+yBaf5JbYG5Gtg2/5+6Aw+ujhLtnQM8pk+ZuuCsKJURYKi+bXNwvM9C nDp71XkUU/mnSRIc68RadIX4/VodAH2s+PHuPwMuZKTilkbdP0Hzy9axoemCFryD p1/3Z7JW0lnGdA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:35:14 2025 by rpki-client