This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft File: Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json) Hash identifier: dHVc+PCnwhsRKGgQbyx6AWpYRyq+k2QXm5vXNId8cso= Subject key identifier: 08:2F:A4:8A:26:3F:3A:C4:0A:0A:C8:8D:E3:61:C8:81:46:2E:18:76 Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB Certificate issuer: /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab Certificate serial: 019AF2094E661AFE6045A501E86552D7387B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 05:01:27 +0000 Manifest this update: Sat 06 Dec 2025 05:01:27 +0000 Manifest next update: Sun 07 Dec 2025 05:01:27 +0000 Files and hashes: 1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: dDAenCFbPtDjHQXmYSHFrBw945ZEgUkAWTj6p5UkxPE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:4e:66:1a:fe:60:45:a5:01:e8:65:52:d7:38:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab Validity Not Before: Dec 6 05:01:27 2025 GMT Not After : Dec 7 05:01:27 2025 GMT Subject: CN=082fa48a263f3ac40a0ac88de361c881462e1876 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:66:83:89:64:de:9e:3e:ea:55:7b:e5:72:2e: ae:f5:35:dc:5a:08:17:36:b2:30:8c:02:a0:af:44: 43:40:ae:23:44:c2:6f:54:24:c5:24:d9:37:18:6e: 00:16:66:4b:06:72:09:61:b0:fc:98:f4:7a:9e:0b: 57:30:03:e7:5f:e9:ac:7e:bc:6a:04:14:fc:48:90: a4:66:5f:60:09:fb:4f:3e:f9:bd:5c:c8:4a:17:6d: 51:31:ba:47:e6:57:6b:46:b5:3e:84:3b:4d:b0:55: d8:fc:50:a0:ca:b0:14:e4:24:a1:4e:3a:b5:18:32: c0:f5:12:1f:7f:a9:ea:e0:40:d7:70:23:b9:f3:f3: 54:fb:3c:35:31:4d:d9:5c:b0:2e:70:dc:d3:c7:fa: 60:d9:d1:a4:86:4d:39:30:84:c7:bd:c8:a1:8a:e5: 72:d5:c5:35:c4:e4:3d:33:0d:66:2e:1b:8c:1e:97: 67:40:99:85:7e:ec:1f:f1:1c:b5:f7:24:3c:99:99: ab:53:1d:2d:20:3a:f7:1a:eb:ea:78:b6:06:75:bf: f8:52:c8:b6:53:63:9e:a9:2b:8b:07:19:c4:b0:07: 1c:01:91:64:91:ef:36:9f:83:33:bf:f6:11:b2:fa: 20:ec:3b:5c:a0:95:e5:93:e5:30:09:b0:d3:eb:43: e5:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:2F:A4:8A:26:3F:3A:C4:0A:0A:C8:8D:E3:61:C8:81:46:2E:18:76 X509v3 Authority Key Identifier: keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:1b:63:3f:d0:fd:81:51:cf:e1:41:92:3d:b5:a4:70:ed:df: 9b:c1:77:32:24:ce:f8:e7:e8:43:8a:3e:7d:cc:2f:c6:a5:b6: a3:04:fc:07:44:bd:11:a4:1c:71:21:f5:a4:72:b8:46:20:e7: b7:eb:0d:02:35:71:80:d2:ba:42:c9:17:d7:10:b7:0e:69:1e: 6b:c3:8a:16:89:13:b4:6d:0a:bd:ad:dd:68:9a:c8:b2:86:19: f4:0c:ff:20:8c:12:e6:8a:0a:24:27:2b:a4:ed:fd:d4:18:f7: 09:26:0a:a2:18:e0:4b:66:99:21:b0:3c:e7:2e:d2:32:2d:16: 1a:ba:e3:b8:04:7c:81:68:3b:fe:57:e3:67:b0:cf:48:cd:78: 5b:fc:92:5f:74:c8:39:6e:7f:f6:2e:71:af:b4:12:14:6a:dc: dc:03:0b:02:d9:93:dd:86:da:a0:b6:25:49:47:c3:61:8c:a5: 21:37:2d:85:47:b1:19:a2:c8:ae:4a:5e:c0:09:b0:ff:46:d7: 6f:20:6a:fb:20:b8:91:43:c8:e4:20:c1:a5:6d:c9:9e:06:b1: 01:a1:bb:58:3d:88:86:3b:a7:aa:5e:1d:6e:f3:3f:03:1d:6d: 97:74:1a:33:be:7c:2a:24:4f:db:62:82:58:84:6d:ef:cc:b0: 21:97:04:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCU5mGv5gRaUB6GVS1zh7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx ZjM1YWIwHhcNMjUxMjA2MDUwMTI3WhcNMjUxMjA3MDUwMTI3WjAzMTEwLwYDVQQD EygwODJmYTQ4YTI2M2YzYWM0MGEwYWM4OGRlMzYxYzg4MTQ2MmUxODc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWaDiWTenj7qVXvlci6u9TXcWggX NrIwjAKgr0RDQK4jRMJvVCTFJNk3GG4AFmZLBnIJYbD8mPR6ngtXMAPnX+msfrxq BBT8SJCkZl9gCftPPvm9XMhKF21RMbpH5ldrRrU+hDtNsFXY/FCgyrAU5CShTjq1 GDLA9RIff6nq4EDXcCO58/NU+zw1MU3ZXLAucNzTx/pg2dGkhk05MITHvcihiuVy 1cU1xOQ9Mw1mLhuMHpdnQJmFfuwf8Ry19yQ8mZmrUx0tIDr3GuvqeLYGdb/4Usi2 U2OeqSuLBxnEsAccAZFkke82n4Mzv/YRsvog7DtcoJXlk+UwCbDT60PlUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAgvpIomPzrECgrIjeNhyIFGLhh2MB8GA1UdIwQY MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADhtjP9D9 gVHP4UGSPbWkcO3fm8F3MiTO+OfoQ4o+fcwvxqW2owT8B0S9EaQccSH1pHK4RiDn t+sNAjVxgNK6QskX1xC3Dmkea8OKFokTtG0Kva3daJrIsoYZ9Az/IIwS5ooKJCcr pO391Bj3CSYKohjgS2aZIbA85y7SMi0WGrrjuAR8gWg7/lfjZ7DPSM14W/ySX3TI OW5/9i5xr7QSFGrc3AMLAtmT3YbaoLYlSUfDYYylITcthUexGaLIrkpewAmw/0bX byBq+yC4kUPI5CDBpW3JngaxAaG7WD2Ihjunql4dbvM/Ax1tl3QaM758KiRP22KC WIRt78ywIZcEYQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:37:57 2025 by rpki-client