This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a96094-db94-4546-a424-8908f0ab185b/1/MfxYQJK_niCslRtZUN1PpxMgPMM.mft File: MfxYQJK_niCslRtZUN1PpxMgPMM.mft (raw, json) Hash identifier: hqH/PlxInDW8SSAir9TM0tB3rogAHkCmZDf923r3oyM= Subject key identifier: B8:63:DC:1C:35:46:D8:DE:7F:38:9A:EC:EC:CA:94:E4:40:45:74:1F Authority key identifier: 31:FC:58:40:92:BF:9E:20:AC:95:1B:59:50:DD:4F:A7:13:20:3C:C3 Certificate issuer: /CN=31fc584092bf9e20ac951b5950dd4fa713203cc3 Certificate serial: 019AF31CA91CBF1C1325C61A9DBC4A55A7CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MfxYQJK_niCslRtZUN1PpxMgPMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/a96094-db94-4546-a424-8908f0ab185b/1/MfxYQJK_niCslRtZUN1PpxMgPMM.mft Manifest number: 1180 Signing time: Sat 06 Dec 2025 10:02:13 +0000 Manifest this update: Sat 06 Dec 2025 10:02:13 +0000 Manifest next update: Sun 07 Dec 2025 10:02:13 +0000 Files and hashes: 1: MfxYQJK_niCslRtZUN1PpxMgPMM.crl (hash: 1V54TIUzThbgnh8N1B/7wHmTG0rFsVL3iZ9trEGk1fc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/a96094-db94-4546-a424-8908f0ab185b/1/MfxYQJK_niCslRtZUN1PpxMgPMM.crl rsync://rpki.ripe.net/repository/DEFAULT/77/a96094-db94-4546-a424-8908f0ab185b/1/MfxYQJK_niCslRtZUN1PpxMgPMM.mft rsync://rpki.ripe.net/repository/DEFAULT/MfxYQJK_niCslRtZUN1PpxMgPMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:a9:1c:bf:1c:13:25:c6:1a:9d:bc:4a:55:a7:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31fc584092bf9e20ac951b5950dd4fa713203cc3 Validity Not Before: Dec 6 10:02:13 2025 GMT Not After : Dec 7 10:02:13 2025 GMT Subject: CN=b863dc1c3546d8de7f389aececca94e44045741f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:7c:8c:87:c2:39:2b:d8:03:1c:80:5b:a3:3c: 31:1a:7c:7f:9d:e6:ed:bb:86:4c:4b:a9:cd:45:7b: 85:99:5b:1d:47:bf:e7:87:bc:7b:a9:84:11:bb:9c: 87:88:64:1a:6d:78:fd:7b:cf:8e:19:b6:a7:ef:c6: bb:ea:5d:4b:f9:e2:5d:cf:a5:fd:5c:a4:d7:de:17: 12:d9:c5:dc:0e:18:0b:78:dd:78:99:2c:4e:0b:a4: 94:d7:fa:60:1c:b0:c5:17:78:c9:cf:8f:71:2d:1f: 28:6e:1a:e2:e1:c3:f6:67:04:65:55:33:23:79:07: 4e:83:2f:a1:ac:cf:bb:9a:b8:55:06:a4:48:21:8b: 92:ad:43:38:f7:7a:6d:7b:9b:1a:b8:12:3e:0c:46: 8e:17:82:13:00:bf:e4:6e:03:55:03:04:62:45:ce: 1b:fc:9f:83:14:12:f0:e4:77:da:e1:df:82:ab:7b: 71:96:7b:35:a6:ee:ea:39:8e:74:5b:1e:e8:73:f9: 38:9d:0d:46:c5:77:6b:fa:3b:66:ab:8d:eb:3c:c6: a8:de:83:97:52:29:2c:72:19:9a:6b:cb:f4:40:19: 3a:f2:df:2e:0c:6d:36:7e:4d:e6:77:40:64:e0:b3: 91:72:2b:a2:ae:54:4f:84:85:73:5d:c0:92:3c:b2: 33:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:63:DC:1C:35:46:D8:DE:7F:38:9A:EC:EC:CA:94:E4:40:45:74:1F X509v3 Authority Key Identifier: keyid:31:FC:58:40:92:BF:9E:20:AC:95:1B:59:50:DD:4F:A7:13:20:3C:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MfxYQJK_niCslRtZUN1PpxMgPMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a96094-db94-4546-a424-8908f0ab185b/1/MfxYQJK_niCslRtZUN1PpxMgPMM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a96094-db94-4546-a424-8908f0ab185b/1/MfxYQJK_niCslRtZUN1PpxMgPMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:4c:84:99:de:cd:20:0f:51:07:78:6f:4f:8e:63:20:1b:b8: 9d:a2:b5:79:c3:f8:81:6a:5f:80:e0:f6:d9:07:e0:81:1b:51: 86:7f:db:b4:8e:04:16:c7:80:a8:41:c6:74:73:61:5c:ba:18: 6a:2d:1b:bd:0c:5a:e4:c4:67:45:de:0e:52:7f:c7:54:b4:f0: 9e:28:91:8c:5d:ad:12:68:99:f2:1c:9d:18:eb:3e:fb:87:b4: 6a:a8:a1:82:1e:4b:a6:62:cd:a2:91:25:c1:e3:75:b6:94:33: aa:6a:8b:b7:92:7f:65:54:cf:e5:3c:2a:a6:1a:32:ae:49:be: 69:ec:4e:45:9b:81:50:cf:6e:7d:11:ad:ef:76:f5:86:65:1b: 8e:dd:4e:56:81:73:26:80:4a:21:3c:69:f8:70:79:1d:50:b6: ef:3a:3b:da:b0:3f:59:3c:a5:fd:5f:db:ed:ce:17:4d:e1:c8: 8f:49:4b:00:c7:01:09:56:c3:48:cd:10:fc:b4:78:82:9b:86: 33:ed:6f:e6:87:4a:11:46:a5:f8:bf:4d:53:55:ea:24:3c:f7: 39:9f:41:06:27:50:27:cb:af:0b:ed:dc:62:31:f7:b4:91:71: a8:ef:b5:55:aa:58:f4:dd:51:7d:82:aa:16:01:fb:1b:03:1b: 0e:34:f4:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHKkcvxwTJcYanbxKVafOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxZmM1ODQwOTJiZjllMjBhYzk1MWI1OTUwZGQ0ZmE3MTMy MDNjYzMwHhcNMjUxMjA2MTAwMjEzWhcNMjUxMjA3MTAwMjEzWjAzMTEwLwYDVQQD EyhiODYzZGMxYzM1NDZkOGRlN2YzODlhZWNlY2NhOTRlNDQwNDU3NDFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHyMh8I5K9gDHIBbozwxGnx/nebt u4ZMS6nNRXuFmVsdR7/nh7x7qYQRu5yHiGQabXj9e8+OGban78a76l1L+eJdz6X9 XKTX3hcS2cXcDhgLeN14mSxOC6SU1/pgHLDFF3jJz49xLR8obhri4cP2ZwRlVTMj eQdOgy+hrM+7mrhVBqRIIYuSrUM493pte5sauBI+DEaOF4ITAL/kbgNVAwRiRc4b /J+DFBLw5Hfa4d+Cq3txlns1pu7qOY50Wx7oc/k4nQ1GxXdr+jtmq43rPMao3oOX Uikschmaa8v0QBk68t8uDG02fk3md0Bk4LORciuirlRPhIVzXcCSPLIz/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLhj3Bw1Rtjefzia7OzKlORARXQfMB8GA1UdIwQY MBaAFDH8WECSv54grJUbWVDdT6cTIDzDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWZ4WVFKS19uaUNzbFJ0WlVOMVBweE1nUE1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hOTYwOTQtZGI5NC00NTQ2LWE0MjQt ODkwOGYwYWIxODViLzEvTWZ4WVFKS19uaUNzbFJ0WlVOMVBweE1nUE1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny9hOTYwOTQtZGI5NC00NTQ2LWE0MjQtODkwOGYwYWIxODVi LzEvTWZ4WVFKS19uaUNzbFJ0WlVOMVBweE1nUE1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArEyEmd7N IA9RB3hvT45jIBu4naK1ecP4gWpfgOD22QfggRtRhn/btI4EFseAqEHGdHNhXLoY ai0bvQxa5MRnRd4OUn/HVLTwniiRjF2tEmiZ8hydGOs++4e0aqihgh5LpmLNopEl weN1tpQzqmqLt5J/ZVTP5Twqphoyrkm+aexORZuBUM9ufRGt73b1hmUbjt1OVoFz JoBKITxp+HB5HVC27zo72rA/WTyl/V/b7c4XTeHIj0lLAMcBCVbDSM0Q/LR4gpuG M+1v5odKEUal+L9NU1XqJDz3OZ9BBidQJ8uvC+3cYjH3tJFxqO+1VapY9N1RfYKq FgH7GwMbDjT0kA== -----END CERTIFICATE-----Generated at Sat Dec 6 19:15:28 2025 by rpki-client