This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft File: Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json) Hash identifier: j9tmYBHIqxJYyQanhv4znKVK5GFoXN3EJBrHcy7/yaY= Subject key identifier: E3:50:D4:21:21:79:9B:61:0F:55:F3:B7:B7:05:A6:67:2D:F6:59:CE Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9 Certificate issuer: /CN=32789bd392e1c5c69b7420cc036803af1258cef9 Certificate serial: 019B2F6769C1913620B8660E412F5DA0601A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft Manifest number: 08D3 Signing time: Thu 18 Dec 2025 03:01:04 +0000 Manifest this update: Thu 18 Dec 2025 03:01:04 +0000 Manifest next update: Fri 19 Dec 2025 03:01:04 +0000 Files and hashes: 1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: ZCqOWy5WQ/yUy/s9MGa9CLv0IJXFn2912pLSUJgngBk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:67:69:c1:91:36:20:b8:66:0e:41:2f:5d:a0:60:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9 Validity Not Before: Dec 18 03:01:04 2025 GMT Not After : Dec 19 03:01:04 2025 GMT Subject: CN=e350d42121799b610f55f3b7b705a6672df659ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:cf:0c:8d:74:13:b4:bc:89:bf:77:b2:dc:bb: 67:2a:bc:9b:af:4a:19:37:04:25:b4:28:f8:4b:c2: 3e:d1:fa:4e:63:cf:8f:16:cb:28:e1:0e:93:c0:dc: 96:7a:ce:66:7d:1d:ef:19:e0:01:74:43:e8:50:3f: ac:c0:f8:27:1c:bf:b9:d9:bc:06:8e:68:c6:39:e7: a7:35:e5:4d:19:4a:31:05:73:c5:82:40:bc:9a:94: 40:9c:0b:38:ca:d6:c1:ad:f9:14:6b:fe:6d:3f:6a: 4e:dd:66:ae:ab:de:75:c2:e5:4c:78:79:c8:a7:85: 57:cb:1f:be:9d:68:76:b4:22:3c:ef:de:ab:3f:1a: 48:e2:7b:f1:27:87:41:ef:ce:ea:15:1c:50:04:fd: e1:e6:f1:11:00:6c:b1:37:55:30:56:60:56:0e:dc: 77:74:38:ed:8a:f7:4a:52:8d:64:8a:27:1f:bc:6f: c9:cf:c4:63:9d:86:f7:5f:6f:37:27:ba:13:95:9c: 32:23:7e:b7:80:c7:b6:14:50:87:6e:b9:4a:66:bb: 86:1f:10:bf:71:b7:83:e3:87:11:d0:0e:48:4c:e1: a6:06:df:2d:2f:fa:e0:95:d7:4b:02:ed:4f:64:48: 8a:bc:48:c3:1b:8e:e8:c4:e4:f3:c4:c3:49:b3:50: a9:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:50:D4:21:21:79:9B:61:0F:55:F3:B7:B7:05:A6:67:2D:F6:59:CE X509v3 Authority Key Identifier: keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:b7:5b:60:c8:69:22:69:1e:8b:fd:a5:ef:9d:06:f1:8c:60: f7:2f:86:c0:9a:05:59:02:83:89:9d:de:a0:c9:1d:e4:b5:0b: e8:33:5a:f6:cf:ed:29:0f:c4:42:8b:e2:ef:15:a4:4d:d3:1d: d5:f9:87:f0:f8:2a:f8:af:26:33:ff:84:fb:9a:0a:44:ed:c2: 0a:53:fc:0c:8e:dc:70:eb:20:b7:c6:f8:2d:5b:58:7e:2c:51: 32:79:c0:fd:b1:f2:95:45:f0:02:81:62:e3:a1:ce:c2:17:2a: 3c:bf:85:54:5f:6d:cf:8e:3d:a8:bf:3a:10:c4:f2:d3:5f:46: 14:cc:f9:36:59:19:76:83:b7:5b:3a:ee:e5:8c:96:6e:0a:34: df:3c:62:c4:27:59:26:bb:41:f9:db:1c:15:e8:c5:e7:b8:0e: 5b:c3:9b:cc:34:fe:de:1b:4b:5b:57:fe:11:02:11:e5:86:6d: c1:44:0c:18:b9:06:9b:f3:29:93:df:0e:5d:32:03:4f:5c:6b: 49:39:06:77:df:5c:48:8d:07:3a:48:8f:a1:16:fe:9e:21:f4: c4:0b:f7:4c:2e:27:89:e6:42:13:e7:67:8e:62:64:5a:6b:2f: 8f:18:39:1c:98:45:47:f7:eb:28:30:af:ce:f4:1c:54:ea:12: ed:ef:08:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvZ2nBkTYguGYOQS9doGAaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1 OGNlZjkwHhcNMjUxMjE4MDMwMTA0WhcNMjUxMjE5MDMwMTA0WjAzMTEwLwYDVQQD EyhlMzUwZDQyMTIxNzk5YjYxMGY1NWYzYjdiNzA1YTY2NzJkZjY1OWNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc8MjXQTtLyJv3ey3LtnKrybr0oZ NwQltCj4S8I+0fpOY8+PFsso4Q6TwNyWes5mfR3vGeABdEPoUD+swPgnHL+52bwG jmjGOeenNeVNGUoxBXPFgkC8mpRAnAs4ytbBrfkUa/5tP2pO3Wauq951wuVMeHnI p4VXyx++nWh2tCI8796rPxpI4nvxJ4dB787qFRxQBP3h5vERAGyxN1UwVmBWDtx3 dDjtivdKUo1kiicfvG/Jz8RjnYb3X283J7oTlZwyI363gMe2FFCHbrlKZruGHxC/ cbeD44cR0A5ITOGmBt8tL/rglddLAu1PZEiKvEjDG47oxOTzxMNJs1CpnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFONQ1CEheZthD1Xzt7cFpmct9lnOMB8GA1UdIwQY MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7dbYMhp Imkei/2l750G8Yxg9y+GwJoFWQKDiZ3eoMkd5LUL6DNa9s/tKQ/EQovi7xWkTdMd 1fmH8Pgq+K8mM/+E+5oKRO3CClP8DI7ccOsgt8b4LVtYfixRMnnA/bHylUXwAoFi 46HOwhcqPL+FVF9tz449qL86EMTy019GFMz5NlkZdoO3Wzru5YyWbgo03zxixCdZ JrtB+dscFejF57gOW8ObzDT+3htLW1f+EQIR5YZtwUQMGLkGm/Mpk98OXTIDT1xr STkGd99cSI0HOkiPoRb+niH0xAv3TC4nieZCE+dnjmJkWmsvjxg5HJhFR/frKDCv zvQcVOoS7e8IBw== -----END CERTIFICATE-----Generated at Thu Dec 18 07:40:28 2025 by rpki-client