This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft File: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft (raw, json) Hash identifier: OZpyor5/+wRci0g4CjfSJpdEEU09Y9jagagh53c/0oM= Subject key identifier: BF:DB:3F:E3:CF:EF:47:D6:98:5D:BE:78:E7:8D:49:17:68:B1:D8:AA Authority key identifier: 32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1 Certificate issuer: /CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1 Certificate serial: 019AF0BEE7F46F62CACA1CFC72227534F10E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft Manifest number: 0C29 Signing time: Fri 05 Dec 2025 23:00:34 +0000 Manifest this update: Fri 05 Dec 2025 23:00:34 +0000 Manifest next update: Sat 06 Dec 2025 23:00:34 +0000 Files and hashes: 1: 2W4Y0bQNlvS93LoW6fNHPM7BKLQ.roa (hash: I9C4k+xseXfObTJ4huNUkRHHI0jQTaqLFqDJffjcwOE=) 2: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl (hash: /ZJehIBjD+RStcrDLClcwakc11lRfe3b+qZfeNx+aDQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:be:e7:f4:6f:62:ca:ca:1c:fc:72:22:75:34:f1:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1 Validity Not Before: Dec 5 23:00:34 2025 GMT Not After : Dec 6 23:00:34 2025 GMT Subject: CN=bfdb3fe3cfef47d6985dbe78e78d491768b1d8aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f0:12:b6:27:d7:0a:64:08:86:92:8d:43:fb: 72:a3:08:7a:ea:c0:3c:29:04:d1:f9:92:10:d5:f2: e2:1f:4a:b7:e8:1c:fb:6a:a4:01:4a:6f:e0:9f:3c: 56:61:90:50:67:c0:b1:42:95:e9:82:22:9a:cc:0b: d9:f9:e4:47:60:fc:03:a3:ba:fe:76:de:9e:6e:c2: b8:00:9a:fe:16:ac:28:86:e1:f7:81:7b:87:74:3a: 9d:2f:2c:8c:34:f1:35:28:6d:93:35:44:2a:88:28: f0:ad:d6:19:fd:2c:53:e3:0b:a2:cf:03:48:38:54: d8:35:dd:e1:25:8c:3d:e8:62:63:7a:fb:5e:1f:55: c4:5e:c4:8b:cc:6d:82:cf:54:a0:2c:4a:3a:06:94: f0:7c:da:99:30:ee:ed:ef:25:c6:c1:2e:94:99:35: 62:85:b1:a2:b4:a2:ce:b1:51:5f:d3:ca:fd:dc:d2: 7b:48:94:11:15:8e:88:bf:d1:24:12:45:fe:34:b7: 48:57:78:27:84:31:a0:85:5b:a9:99:5a:93:6b:98: 35:be:55:67:61:7d:25:92:f1:7e:4c:7c:b3:7d:8d: b9:fb:90:69:c2:29:84:ff:aa:ff:16:21:fc:d1:96: 20:6e:89:48:e7:b3:03:b2:fe:32:79:5b:82:86:10: be:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:DB:3F:E3:CF:EF:47:D6:98:5D:BE:78:E7:8D:49:17:68:B1:D8:AA X509v3 Authority Key Identifier: keyid:32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:3d:56:a0:9b:1b:0b:5c:be:c7:c2:e7:6e:4e:1d:99:06:4a: f4:c0:ea:ba:76:a5:6c:24:b8:0b:71:cb:2b:1e:96:c7:61:e8: 91:23:84:cc:a5:a1:21:ea:86:94:6c:f1:e1:db:03:ba:66:db: d0:7e:74:3a:77:95:db:60:2a:8b:d4:ff:06:3c:31:83:20:7d: 01:a1:3b:e8:f3:d2:83:3e:87:8c:5e:1a:36:8f:1e:77:12:2a: 0a:4a:2a:15:7b:33:f9:ed:e8:b4:a0:52:12:3c:75:6b:06:5e: 6f:de:49:cb:f2:9c:bb:13:d8:47:39:3c:d6:7b:13:55:bc:9b: 05:e0:58:53:4b:25:de:6f:31:3c:b3:69:99:c8:d0:5d:fe:59: 4c:b7:cd:74:6b:23:33:1f:05:e4:d7:a2:f9:15:fa:30:eb:96: a1:e7:cb:8b:8f:87:56:fb:ea:42:a1:4d:15:65:63:6e:4d:b0: 39:dc:b8:b5:99:4e:2a:0a:4a:49:89:26:5b:bd:01:83:9c:63: 3a:38:1f:6b:e2:31:54:40:21:1f:02:b3:f4:d5:0f:1a:08:ac: 01:23:65:dd:6e:72:7c:4a:61:4e:1a:32:48:75:57:5a:22:ec: 56:b7:cf:f6:e6:f2:1f:a7:d9:ff:f5:ca:04:5d:9c:82:09:78: 57:81:3a:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvuf0b2LKyhz8ciJ1NPEOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNGM3MTA0NmM1NDlmYjNjN2Q0ZWJjNGNmOTUxOWQwMDJl NzZkZjEwHhcNMjUxMjA1MjMwMDM0WhcNMjUxMjA2MjMwMDM0WjAzMTEwLwYDVQQD EyhiZmRiM2ZlM2NmZWY0N2Q2OTg1ZGJlNzhlNzhkNDkxNzY4YjFkOGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PAStifXCmQIhpKNQ/tyowh66sA8 KQTR+ZIQ1fLiH0q36Bz7aqQBSm/gnzxWYZBQZ8CxQpXpgiKazAvZ+eRHYPwDo7r+ dt6ebsK4AJr+FqwohuH3gXuHdDqdLyyMNPE1KG2TNUQqiCjwrdYZ/SxT4wuizwNI OFTYNd3hJYw96GJjevteH1XEXsSLzG2Cz1SgLEo6BpTwfNqZMO7t7yXGwS6UmTVi hbGitKLOsVFf08r93NJ7SJQRFY6Iv9EkEkX+NLdIV3gnhDGghVupmVqTa5g1vlVn YX0lkvF+THyzfY25+5BpwimE/6r/FiH80ZYgbolI57MDsv4yeVuChhC+aQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/bP+PP70fWmF2+eOeNSRdosdiqMB8GA1UdIwQY MBaAFDJMcQRsVJ+zx9TrxM+VGdAC523xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUt N2NmZWFmMDg2ZTE0LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUtN2NmZWFmMDg2ZTE0 LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANz1WoJsb C1y+x8Lnbk4dmQZK9MDqunalbCS4C3HLKx6Wx2HokSOEzKWhIeqGlGzx4dsDumbb 0H50OneV22Aqi9T/BjwxgyB9AaE76PPSgz6HjF4aNo8edxIqCkoqFXsz+e3otKBS Ejx1awZeb95Jy/KcuxPYRzk81nsTVbybBeBYU0sl3m8xPLNpmcjQXf5ZTLfNdGsj Mx8F5Nei+RX6MOuWoefLi4+HVvvqQqFNFWVjbk2wOdy4tZlOKgpKSYkmW70Bg5xj Ojgfa+IxVEAhHwKz9NUPGgisASNl3W5yfEphThoySHVXWiLsVrfP9ubyH6fZ//XK BF2cggl4V4E66g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:04:01 2025 by rpki-client