This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft File: MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json) Hash identifier: iE5OveoLTK94xPCR0G7bxMJ+F6/R5Ux5A6vUnj85fhw= Subject key identifier: 95:48:F3:A8:AC:6A:45:2B:7C:AF:58:A3:B9:84:2D:05:58:13:58:98 Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33 Certificate issuer: /CN=3026e2422fa722454e608317d21862b66aa37d33 Certificate serial: 019AF12DC0A9942E7EAD9A799F88D2CD6B9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft Manifest number: 16B1 Signing time: Sat 06 Dec 2025 01:01:38 +0000 Manifest this update: Sat 06 Dec 2025 01:01:38 +0000 Manifest next update: Sun 07 Dec 2025 01:01:38 +0000 Files and hashes: 1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: O5Xx0wg3J6XJ1B0ze4SAvMNGUsuyy/UmYYF9j9c5cV8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:c0:a9:94:2e:7e:ad:9a:79:9f:88:d2:cd:6b:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33 Validity Not Before: Dec 6 01:01:38 2025 GMT Not After : Dec 7 01:01:38 2025 GMT Subject: CN=9548f3a8ac6a452b7caf58a3b9842d0558135898 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:7e:f2:13:ac:d0:18:d5:2a:95:db:1f:02:fc: 64:4e:8b:54:20:cf:6d:f4:75:9d:e7:73:1c:58:e9: c8:71:04:27:d3:9a:95:58:06:d9:5a:9e:3c:93:b3: a1:ee:93:9a:d3:11:93:75:29:2e:8b:38:f3:57:00: dc:bd:84:ff:2c:f4:27:07:95:ac:74:aa:cb:71:f7: c8:ad:9d:83:2c:2d:4e:d2:f2:9a:d6:31:e6:c4:0e: 04:dd:bb:4f:a2:d0:78:71:21:3f:0f:bc:4d:e7:8a: 93:0b:69:ea:b8:8d:d0:6c:ba:cf:7a:e7:98:64:b4: ea:c6:25:28:84:25:46:df:f7:51:e5:af:3c:06:d8: 59:9e:7a:18:55:6a:6d:b2:50:ce:ac:f4:d3:1d:27: 15:3c:7f:15:7d:f5:36:26:89:60:0b:25:24:76:2a: 6b:8e:78:94:8e:11:95:ef:be:e7:ac:9d:35:23:d4: ed:e4:e9:dd:25:ae:c1:fd:6d:bf:93:25:bf:76:f9: 5f:93:7f:35:0a:04:48:a6:5e:7a:c3:23:6b:4e:87: 3c:59:cc:81:b3:72:22:7e:2f:cb:22:a7:4b:5d:aa: 42:2e:a9:9e:11:9e:f5:f8:01:2c:ef:0a:05:a8:af: 62:52:14:35:10:e9:0e:34:73:6a:ae:92:58:fe:78: 26:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:48:F3:A8:AC:6A:45:2B:7C:AF:58:A3:B9:84:2D:05:58:13:58:98 X509v3 Authority Key Identifier: keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:5e:3a:a0:35:52:b3:d8:e8:56:d4:47:d2:f2:ed:e6:9f:d1: 51:fe:f4:44:e6:95:d6:a0:07:d8:f2:51:05:0e:f1:62:0e:59: 46:39:15:63:cc:6e:6d:f1:4a:cb:5d:f4:7d:94:e1:31:c8:a5: 7b:92:97:95:04:63:8a:a0:91:6f:6c:46:f3:7d:d0:d6:0a:c4: 70:b3:82:c5:fa:86:dd:6e:08:33:cd:2e:94:b3:21:47:ea:60: 96:2b:a4:f5:d6:1e:58:bc:a2:75:8d:7b:1a:5e:0e:c9:d4:f6: cc:ee:91:6a:a7:5b:4c:4c:ee:50:3a:b0:c6:37:d1:73:a4:24: b3:d6:fa:ef:76:6e:d1:36:70:e5:f0:c1:6b:e2:3b:61:5c:49: 54:f4:91:01:75:8d:cb:2b:dd:09:f2:00:a2:70:8a:fa:4e:6b: a3:dc:06:0e:47:b9:3d:3f:4a:d9:c1:7c:c5:c0:ba:9f:81:11: 7d:0b:46:e6:c8:58:b9:cf:25:86:7a:9b:24:8f:fb:a6:d6:5c: 64:a3:5f:80:45:b2:50:73:07:b4:fd:20:87:e9:ec:fb:20:17: 60:1b:6f:44:d2:7c:5f:38:13:66:9c:7b:00:11:7b:a4:30:1c: d5:2b:9f:18:7d:c0:59:3a:d9:0b:08:90:be:ef:fa:a5:82:a3: 7d:7d:39:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLcCplC5+rZp5n4jSzWufMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh MzdkMzMwHhcNMjUxMjA2MDEwMTM4WhcNMjUxMjA3MDEwMTM4WjAzMTEwLwYDVQQD Eyg5NTQ4ZjNhOGFjNmE0NTJiN2NhZjU4YTNiOTg0MmQwNTU4MTM1ODk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi37yE6zQGNUqldsfAvxkTotUIM9t 9HWd53McWOnIcQQn05qVWAbZWp48k7Oh7pOa0xGTdSkuizjzVwDcvYT/LPQnB5Ws dKrLcffIrZ2DLC1O0vKa1jHmxA4E3btPotB4cSE/D7xN54qTC2nquI3QbLrPeueY ZLTqxiUohCVG3/dR5a88BthZnnoYVWptslDOrPTTHScVPH8VffU2JolgCyUkdipr jniUjhGV777nrJ01I9Tt5OndJa7B/W2/kyW/dvlfk381CgRIpl56wyNrToc8WcyB s3Iifi/LIqdLXapCLqmeEZ71+AEs7woFqK9iUhQ1EOkONHNqrpJY/ngmiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJVI86isakUrfK9Yo7mELQVYE1iYMB8GA1UdIwQY MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdF46oDVS s9joVtRH0vLt5p/RUf70ROaV1qAH2PJRBQ7xYg5ZRjkVY8xubfFKy130fZThMcil e5KXlQRjiqCRb2xG833Q1grEcLOCxfqG3W4IM80ulLMhR+pgliuk9dYeWLyidY17 Gl4OydT2zO6RaqdbTEzuUDqwxjfRc6Qks9b673Zu0TZw5fDBa+I7YVxJVPSRAXWN yyvdCfIAonCK+k5ro9wGDke5PT9K2cF8xcC6n4ERfQtG5shYuc8lhnqbJI/7ptZc ZKNfgEWyUHMHtP0gh+ns+yAXYBtvRNJ8XzgTZpx7ABF7pDAc1SufGH3AWTrZCwiQ vu/6pYKjfX05nw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:12:32 2025 by rpki-client