This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft File: MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json) Hash identifier: ZbV6KFNPzFPuxnnc1p/8t+OgTJoickDRl8C9860fVY8= Subject key identifier: C3:DF:0A:E6:61:15:E5:82:19:AF:DF:88:73:63:B9:C6:8E:1C:9B:00 Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D Certificate issuer: /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d Certificate serial: 019AF35250E62DC7BC383607A81082104A53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft Manifest number: 06AE Signing time: Sat 06 Dec 2025 11:00:49 +0000 Manifest this update: Sat 06 Dec 2025 11:00:49 +0000 Manifest next update: Sun 07 Dec 2025 11:00:49 +0000 Files and hashes: 1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: 9DKkd2+6IRoplMSTQ05NP4LOJWeoW5b39YUimtuhdzI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:50:e6:2d:c7:bc:38:36:07:a8:10:82:10:4a:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d Validity Not Before: Dec 6 11:00:49 2025 GMT Not After : Dec 7 11:00:49 2025 GMT Subject: CN=c3df0ae66115e58219afdf887363b9c68e1c9b00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8c:12:d8:74:f6:3f:cf:c9:60:27:c1:6a:ae: 09:e6:2f:ca:b0:56:da:36:db:02:05:44:3e:c5:72: a0:9f:80:53:9a:36:52:2e:55:11:0c:b3:f1:c2:6d: cb:68:d1:5c:26:34:df:76:cc:23:dd:4e:b9:36:a8: 5a:9b:d6:b1:5a:c1:7c:90:17:5b:4b:b8:c3:ac:a0: d1:7a:d9:53:d6:98:24:4f:47:a0:ce:5d:5a:04:60: b6:39:0d:d0:74:61:aa:21:6b:3a:f2:47:31:b9:df: 0d:4d:94:dd:bc:f7:0d:c2:9f:50:75:9c:6c:1f:15: 35:a9:5a:a4:c7:d8:fc:fe:3c:dd:16:b3:8e:bd:5f: 42:c6:be:02:e5:f6:20:fb:96:53:0b:52:4f:1d:e1: 36:5d:9f:12:f0:b9:4e:3e:e9:9c:a4:cf:c8:8a:c4: 0b:06:b5:2e:b7:fd:ed:70:3f:09:24:82:6d:cf:42: b0:03:eb:10:9b:c0:06:3a:eb:06:44:a5:35:85:58: 3c:ad:47:f4:41:e0:07:60:4a:37:07:f8:92:7d:42: 33:b5:77:20:fc:97:3f:8b:78:ae:bc:12:91:1c:d4: 00:0f:6b:cc:00:0e:1d:10:c1:ae:5c:bb:0b:b4:96: 61:bb:66:86:07:28:10:ab:45:87:78:d0:c7:33:f1: 61:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:DF:0A:E6:61:15:E5:82:19:AF:DF:88:73:63:B9:C6:8E:1C:9B:00 X509v3 Authority Key Identifier: keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:68:0c:fb:81:59:0c:cc:47:f4:8d:60:72:00:87:b6:7c:84: 2c:a3:fd:b0:2c:f2:25:6d:aa:6a:0a:20:7f:64:a9:05:87:db: 78:54:0d:16:e1:9e:e9:a9:19:79:99:bf:a6:83:84:94:0d:7e: 7f:bd:32:0e:72:8e:a9:92:b6:fa:8e:b9:8a:16:70:26:fd:9d: 99:e9:03:01:52:f6:2a:06:c3:73:20:90:30:3d:05:6a:2c:a1: 5c:22:57:b6:d1:f3:6a:df:99:cc:cb:d1:55:e1:ee:a2:4b:75: f4:ea:fc:3a:16:83:b0:fe:1f:73:74:2d:b5:3f:86:02:4a:c8: 02:b1:c4:f9:50:dd:04:28:ef:d7:f1:d0:97:67:b1:28:94:43: 85:c5:2f:7d:a4:3d:d3:eb:2a:0c:f3:79:2d:b2:2f:42:e7:ec: 5c:ff:12:b1:52:5b:28:c3:26:e2:c9:66:59:c8:86:c2:a2:d6: c0:5c:4f:52:1d:45:ac:2c:e9:07:d0:9e:20:f2:cd:44:b8:03: 4a:b1:7e:9c:fc:a8:79:de:d9:8e:82:8b:9a:63:83:5c:d4:cf: 37:89:96:14:56:80:66:dd:23:64:fd:9e:2a:ab:1c:12:4c:09: 28:d5:ab:fd:af:17:5c:48:d4:13:91:35:37:66:08:62:32:7b: a4:be:20:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUlDmLce8ODYHqBCCEEpTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj MWE1OWQwHhcNMjUxMjA2MTEwMDQ5WhcNMjUxMjA3MTEwMDQ5WjAzMTEwLwYDVQQD EyhjM2RmMGFlNjYxMTVlNTgyMTlhZmRmODg3MzYzYjljNjhlMWM5YjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuowS2HT2P8/JYCfBaq4J5i/KsFba NtsCBUQ+xXKgn4BTmjZSLlURDLPxwm3LaNFcJjTfdswj3U65Nqham9axWsF8kBdb S7jDrKDRetlT1pgkT0egzl1aBGC2OQ3QdGGqIWs68kcxud8NTZTdvPcNwp9QdZxs HxU1qVqkx9j8/jzdFrOOvV9Cxr4C5fYg+5ZTC1JPHeE2XZ8S8LlOPumcpM/IisQL BrUut/3tcD8JJIJtz0KwA+sQm8AGOusGRKU1hVg8rUf0QeAHYEo3B/iSfUIztXcg /Jc/i3iuvBKRHNQAD2vMAA4dEMGuXLsLtJZhu2aGBygQq0WHeNDHM/FhtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMPfCuZhFeWCGa/fiHNjucaOHJsAMB8GA1UdIwQY MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmgM+4FZ DMxH9I1gcgCHtnyELKP9sCzyJW2qagogf2SpBYfbeFQNFuGe6akZeZm/poOElA1+ f70yDnKOqZK2+o65ihZwJv2dmekDAVL2KgbDcyCQMD0FaiyhXCJXttHzat+ZzMvR VeHuokt19Or8OhaDsP4fc3QttT+GAkrIArHE+VDdBCjv1/HQl2exKJRDhcUvfaQ9 0+sqDPN5LbIvQufsXP8SsVJbKMMm4slmWciGwqLWwFxPUh1FrCzpB9CeIPLNRLgD SrF+nPyoed7ZjoKLmmODXNTPN4mWFFaAZt0jZP2eKqscEkwJKNWr/a8XXEjUE5E1 N2YIYjJ7pL4gOA== -----END CERTIFICATE-----Generated at Sat Dec 6 19:30:16 2025 by rpki-client