This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft File: MWKbwb0al4TaHlsLjV4I4r5n3kA.mft (raw, json) Hash identifier: Olne35RPVfr6sg71ZJayvqnXqpQqiqTbnedTUsdGmJI= Subject key identifier: 3F:1E:8C:24:08:1A:40:AD:6B:B7:E5:86:C3:95:F4:0F:B9:60:FB:B6 Authority key identifier: 31:62:9B:C1:BD:1A:97:84:DA:1E:5B:0B:8D:5E:08:E2:BE:67:DE:40 Certificate issuer: /CN=31629bc1bd1a9784da1e5b0b8d5e08e2be67de40 Certificate serial: 019AF1D18861FB93F8F5F5377C2B8599D9DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MWKbwb0al4TaHlsLjV4I4r5n3kA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft Manifest number: 76 Signing time: Sat 06 Dec 2025 04:00:32 +0000 Manifest this update: Sat 06 Dec 2025 04:00:32 +0000 Manifest next update: Sun 07 Dec 2025 04:00:32 +0000 Files and hashes: 1: MWKbwb0al4TaHlsLjV4I4r5n3kA.crl (hash: YKjZ01C6lFz0DNQhBvuYiCEQXKlAQrQSs5s8/t1px3E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.crl rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft rsync://rpki.ripe.net/repository/DEFAULT/MWKbwb0al4TaHlsLjV4I4r5n3kA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:88:61:fb:93:f8:f5:f5:37:7c:2b:85:99:d9:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31629bc1bd1a9784da1e5b0b8d5e08e2be67de40 Validity Not Before: Dec 6 04:00:32 2025 GMT Not After : Dec 7 04:00:32 2025 GMT Subject: CN=3f1e8c24081a40ad6bb7e586c395f40fb960fbb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:c3:80:95:97:74:ab:2d:ca:5e:3e:ab:ef:20: 67:d4:69:d0:68:cf:28:f6:7c:90:8c:d9:af:2a:fb: d7:fb:63:9d:77:e4:fb:01:a3:11:a1:38:f0:bc:4a: 8d:b9:14:1c:b7:99:fe:c5:d9:52:6d:37:5b:68:eb: 2f:56:9f:74:a2:4b:1a:53:c9:bd:5a:0d:f0:22:e2: 67:6b:b2:48:88:e3:17:8b:67:03:fd:18:99:76:0c: 9f:58:35:2c:57:e7:c2:e1:5a:e8:15:c9:df:55:1b: 81:11:79:1e:bf:38:60:db:a9:87:8b:c0:b8:43:23: 3a:d2:fe:62:0d:58:8c:cb:ef:cf:dd:d2:1a:4e:86: a7:74:4f:51:b0:0f:83:8f:10:93:e6:bc:98:d0:58: e5:c1:bc:e6:8a:70:c2:72:40:8a:d6:84:7b:6c:fb: 9c:27:13:aa:55:ef:44:19:54:db:52:28:9a:f1:e8: 07:ed:bf:84:ff:07:5b:0f:0a:ee:10:88:97:ca:c9: 62:e9:22:fd:a2:2d:6c:c8:ac:4a:f6:14:d6:94:4f: 97:d7:90:15:98:19:b9:9d:6f:d6:04:e0:a4:4e:03: 59:20:19:4d:20:db:04:e1:59:1c:c4:ac:78:20:62: 39:83:67:d3:17:a5:b7:1e:14:77:90:67:cf:33:43: 02:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:1E:8C:24:08:1A:40:AD:6B:B7:E5:86:C3:95:F4:0F:B9:60:FB:B6 X509v3 Authority Key Identifier: keyid:31:62:9B:C1:BD:1A:97:84:DA:1E:5B:0B:8D:5E:08:E2:BE:67:DE:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MWKbwb0al4TaHlsLjV4I4r5n3kA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b54e9c-ba92-4e8b-a09e-4f9332a2a71e/1/MWKbwb0al4TaHlsLjV4I4r5n3kA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:71:21:67:79:28:67:fa:20:7c:a6:ec:31:29:d2:0c:87:3d: cc:77:14:26:3b:3d:3b:23:7c:c9:0d:23:21:ca:21:0e:20:d2: 26:d1:70:21:51:98:58:bf:60:5d:93:aa:ef:28:ea:c4:fa:4f: 7f:cd:30:a2:ce:c1:08:78:32:d0:f7:81:52:b9:7f:3b:38:bd: dc:c1:c8:f7:86:1a:27:3a:c6:15:24:91:3c:a5:8a:d8:df:53: 0a:0d:26:53:2d:69:3c:a7:fc:a1:d9:66:db:1a:13:27:03:ef: 0b:48:af:79:11:ae:70:a6:de:77:ff:d6:2e:48:59:7f:56:91: 80:88:a5:13:0c:1c:1b:c0:1d:c2:3d:ce:12:13:d8:2d:d8:d6: db:51:a5:09:0d:52:dc:76:08:05:c1:a2:2b:6f:c1:dc:87:1a: ce:3f:f2:ca:c5:cb:5d:ba:70:fe:a8:b8:44:3f:b4:12:b2:4e: f1:a2:2c:d4:fc:d0:43:40:bb:1c:00:30:a0:e8:a8:32:52:3d: 14:00:82:cf:19:66:0f:b0:57:7e:28:f9:aa:d5:13:86:df:a8: b7:30:9d:54:a8:59:e1:96:8e:f2:18:d4:92:f2:e4:a6:7b:69: 24:37:90:72:f4:fc:0d:43:e7:38:14:68:77:9b:c1:fe:ed:65: 85:1a:b0:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0Yhh+5P49fU3fCuFmdnbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxNjI5YmMxYmQxYTk3ODRkYTFlNWIwYjhkNWUwOGUyYmU2 N2RlNDAwHhcNMjUxMjA2MDQwMDMyWhcNMjUxMjA3MDQwMDMyWjAzMTEwLwYDVQQD EygzZjFlOGMyNDA4MWE0MGFkNmJiN2U1ODZjMzk1ZjQwZmI5NjBmYmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sOAlZd0qy3KXj6r7yBn1GnQaM8o 9nyQjNmvKvvX+2Odd+T7AaMRoTjwvEqNuRQct5n+xdlSbTdbaOsvVp90oksaU8m9 Wg3wIuJna7JIiOMXi2cD/RiZdgyfWDUsV+fC4VroFcnfVRuBEXkevzhg26mHi8C4 QyM60v5iDViMy+/P3dIaToandE9RsA+DjxCT5ryY0FjlwbzminDCckCK1oR7bPuc JxOqVe9EGVTbUiia8egH7b+E/wdbDwruEIiXysli6SL9oi1syKxK9hTWlE+X15AV mBm5nW/WBOCkTgNZIBlNINsE4VkcxKx4IGI5g2fTF6W3HhR3kGfPM0MCHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD8ejCQIGkCta7flhsOV9A+5YPu2MB8GA1UdIwQY MBaAFDFim8G9GpeE2h5bC41eCOK+Z95AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVdLYndiMGFsNFRhSGxzTGpWNEk0cjVuM2tBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iNTRlOWMtYmE5Mi00ZThiLWEwOWUt NGY5MzMyYTJhNzFlLzEvTVdLYndiMGFsNFRhSGxzTGpWNEk0cjVuM2tBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9iNTRlOWMtYmE5Mi00ZThiLWEwOWUtNGY5MzMyYTJhNzFl LzEvTVdLYndiMGFsNFRhSGxzTGpWNEk0cjVuM2tBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV3EhZ3ko Z/ogfKbsMSnSDIc9zHcUJjs9OyN8yQ0jIcohDiDSJtFwIVGYWL9gXZOq7yjqxPpP f80wos7BCHgy0PeBUrl/Ozi93MHI94YaJzrGFSSRPKWK2N9TCg0mUy1pPKf8odlm 2xoTJwPvC0iveRGucKbed//WLkhZf1aRgIilEwwcG8Adwj3OEhPYLdjW21GlCQ1S 3HYIBcGiK2/B3Icazj/yysXLXbpw/qi4RD+0ErJO8aIs1PzQQ0C7HAAwoOioMlI9 FACCzxlmD7BXfij5qtUTht+otzCdVKhZ4ZaO8hjUkvLkpntpJDeQcvT8DUPnOBRo d5vB/u1lhRqwSA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:36 2025 by rpki-client