This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft File: MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json) Hash identifier: 5JuE9ucsurhK7UIX9x8rVwAwi8A5O2mVtrukK85wdAY= Subject key identifier: 46:2F:92:4D:0C:24:4D:EC:37:B9:97:A8:2B:91:BF:C5:9E:86:2D:BE Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09 Certificate issuer: /CN=300842db0837daf311a334b722318e70b588b009 Certificate serial: 019AF12D868A4B6D1FEA47CBB54DC1644647 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 01:01:23 +0000 Manifest this update: Sat 06 Dec 2025 01:01:23 +0000 Manifest next update: Sun 07 Dec 2025 01:01:23 +0000 Files and hashes: 1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: Ug0b3J2GkKms+23FUYnrPUJhM85vOu2vVP5LM5h3utI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:86:8a:4b:6d:1f:ea:47:cb:b5:4d:c1:64:46:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=300842db0837daf311a334b722318e70b588b009 Validity Not Before: Dec 6 01:01:23 2025 GMT Not After : Dec 7 01:01:23 2025 GMT Subject: CN=462f924d0c244dec37b997a82b91bfc59e862dbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:d7:10:52:20:4b:76:d1:14:16:64:46:33:aa: a6:47:37:e5:ce:b7:46:b5:c1:86:c7:a8:4e:e3:cc: 33:8b:8e:91:0d:1d:74:79:b7:d9:9b:7d:9d:cf:2e: 71:2b:e6:77:38:ba:86:d9:09:b4:c2:fb:32:50:65: 76:e8:14:82:b7:0c:b6:60:95:35:e5:be:e7:7e:e6: bc:c0:02:1c:9e:c0:5e:f1:b9:b1:7c:2b:7d:dc:b6: be:a2:9b:a5:49:17:34:38:cc:f2:92:2f:78:fb:ec: b9:3b:aa:f7:20:c9:e6:c6:e7:69:da:fe:f4:c5:34: 17:df:44:7f:2e:b6:61:d5:2b:ed:34:e2:50:76:c7: d7:8b:4a:27:76:c4:a4:ef:8b:61:0b:e7:95:b1:d9: 96:6b:b7:31:e6:75:39:a9:42:72:d0:66:91:c7:d7: f0:d7:49:69:9d:1b:1c:61:ea:da:78:6c:53:3a:4d: 9a:df:c1:49:1c:5c:f8:19:05:68:3b:6a:16:f5:2c: 13:59:6f:a4:88:0e:f1:e6:4a:05:3f:b5:7d:12:50: 40:57:d9:b4:ff:4f:c9:c2:c2:14:f6:34:1b:cf:10: e8:92:22:73:b8:1f:9b:2b:17:21:40:3f:17:f7:47: be:26:e9:9d:12:2a:c7:7b:c4:1b:9a:3a:32:28:96: 8c:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:2F:92:4D:0C:24:4D:EC:37:B9:97:A8:2B:91:BF:C5:9E:86:2D:BE X509v3 Authority Key Identifier: keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:b8:6a:b0:83:66:18:d8:1d:4b:44:a7:b6:0a:c6:b0:a7:2f: 34:a2:58:16:9a:17:40:4b:58:24:9a:a9:6f:27:58:27:77:8f: 65:e3:f5:82:3d:7c:1a:43:dd:a9:49:84:b8:79:81:ec:46:4d: 8d:aa:b3:a2:c6:c0:bc:77:1b:fa:63:af:28:09:1c:ad:64:ce: 4c:77:14:dc:45:1b:b0:78:87:d6:d8:ce:44:0c:05:a9:56:b5: d3:6d:bd:69:4b:a3:b9:c1:99:ee:c1:23:1e:be:4e:dd:62:be: 6e:fa:34:90:5f:a9:67:fa:55:f4:9c:3f:4c:64:40:f0:02:af: 49:1c:ec:24:14:92:9b:0b:89:8f:3c:22:87:e3:a1:19:e4:8c: f2:7c:20:9e:4a:dd:62:34:fe:f1:28:52:24:5d:99:c6:60:3f: ed:0f:87:83:db:42:07:3c:5a:38:c1:74:39:7c:ab:d7:52:82: 81:41:62:0b:b3:f8:7a:f7:79:f4:52:b1:27:08:00:b6:06:96: ad:92:a6:f3:4d:da:e3:02:c8:5e:77:60:9e:29:9d:c0:39:1b: 56:cd:29:7b:08:62:dc:fb:ea:f9:d6:30:cc:67:95:73:53:34: 33:b6:8c:d1:f0:ee:17:9c:ef:10:f3:c6:35:79:f0:dd:73:29: a9:07:88:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLYaKS20f6kfLtU3BZEZHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4 OGIwMDkwHhcNMjUxMjA2MDEwMTIzWhcNMjUxMjA3MDEwMTIzWjAzMTEwLwYDVQQD Eyg0NjJmOTI0ZDBjMjQ0ZGVjMzdiOTk3YTgyYjkxYmZjNTllODYyZGJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59cQUiBLdtEUFmRGM6qmRzflzrdG tcGGx6hO48wzi46RDR10ebfZm32dzy5xK+Z3OLqG2Qm0wvsyUGV26BSCtwy2YJU1 5b7nfua8wAIcnsBe8bmxfCt93La+opulSRc0OMzyki94++y5O6r3IMnmxudp2v70 xTQX30R/LrZh1SvtNOJQdsfXi0ondsSk74thC+eVsdmWa7cx5nU5qUJy0GaRx9fw 10lpnRscYeraeGxTOk2a38FJHFz4GQVoO2oW9SwTWW+kiA7x5koFP7V9ElBAV9m0 /0/JwsIU9jQbzxDokiJzuB+bKxchQD8X90e+JumdEirHe8QbmjoyKJaMWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEYvkk0MJE3sN7mXqCuRv8Wehi2+MB8GA1UdIwQY MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhbhqsINm GNgdS0SntgrGsKcvNKJYFpoXQEtYJJqpbydYJ3ePZeP1gj18GkPdqUmEuHmB7EZN jaqzosbAvHcb+mOvKAkcrWTOTHcU3EUbsHiH1tjORAwFqVa10229aUujucGZ7sEj Hr5O3WK+bvo0kF+pZ/pV9Jw/TGRA8AKvSRzsJBSSmwuJjzwih+OhGeSM8nwgnkrd YjT+8ShSJF2ZxmA/7Q+Hg9tCBzxaOMF0OXyr11KCgUFiC7P4evd59FKxJwgAtgaW rZKm803a4wLIXndgnimdwDkbVs0pewhi3Pvq+dYwzGeVc1M0M7aM0fDuF5zvEPPG NXnw3XMpqQeIfg== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:39 2025 by rpki-client