This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/d9d82d-1ca4-4824-a92c-ca55efc7752d/1/MQ4un7cGaMeWrc6HeyHgmooa0Ck.mft File: MQ4un7cGaMeWrc6HeyHgmooa0Ck.mft (raw, json) Hash identifier: I9E+qwKP9Uk9hTXJg5h+Ox/p75+BBikzfHsOAeZOHaI= Subject key identifier: 72:32:EC:96:5C:E3:9E:F3:03:7B:D4:62:F4:66:D5:F9:CD:57:AD:DB Authority key identifier: 31:0E:2E:9F:B7:06:68:C7:96:AD:CE:87:7B:21:E0:9A:8A:1A:D0:29 Certificate issuer: /CN=310e2e9fb70668c796adce877b21e09a8a1ad029 Certificate serial: 019AF2AE028BF6BF0CA063996D32A3CDB03E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQ4un7cGaMeWrc6HeyHgmooa0Ck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/d9d82d-1ca4-4824-a92c-ca55efc7752d/1/MQ4un7cGaMeWrc6HeyHgmooa0Ck.mft Manifest number: 0F61 Signing time: Sat 06 Dec 2025 08:01:21 +0000 Manifest this update: Sat 06 Dec 2025 08:01:21 +0000 Manifest next update: Sun 07 Dec 2025 08:01:21 +0000 Files and hashes: 1: MQ4un7cGaMeWrc6HeyHgmooa0Ck.crl (hash: BVfCT1HPru+8wQuyVHLpqbYV7zrUSrkT9lvQcwpQc+E=) 2: QXjAwQSpvYGLG9EKG43DcrvrWjg.roa (hash: /g3NGPvML9niLWrxGUEsCrw0JcuhbxCMPrgB31IKq7M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/d9d82d-1ca4-4824-a92c-ca55efc7752d/1/MQ4un7cGaMeWrc6HeyHgmooa0Ck.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/d9d82d-1ca4-4824-a92c-ca55efc7752d/1/MQ4un7cGaMeWrc6HeyHgmooa0Ck.mft rsync://rpki.ripe.net/repository/DEFAULT/MQ4un7cGaMeWrc6HeyHgmooa0Ck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ae:02:8b:f6:bf:0c:a0:63:99:6d:32:a3:cd:b0:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=310e2e9fb70668c796adce877b21e09a8a1ad029 Validity Not Before: Dec 6 08:01:21 2025 GMT Not After : Dec 7 08:01:21 2025 GMT Subject: CN=7232ec965ce39ef3037bd462f466d5f9cd57addb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0e:75:e2:3e:1d:36:41:21:32:ec:6e:d5:20: 85:d2:0f:21:c0:94:47:52:67:f8:1b:50:4b:95:19: 96:e1:a2:90:6d:8e:9f:aa:e2:f4:66:b5:18:63:ba: 5f:a0:84:dd:28:b3:c2:5b:db:ad:b6:06:20:20:78: cf:1a:6f:5c:e7:0a:c7:10:35:3f:62:48:b8:c5:50: 13:e4:8d:99:18:eb:2d:92:7b:9f:79:d0:a9:01:bd: 29:66:41:1e:55:a2:50:b7:a2:16:e0:5a:63:ba:ed: 69:df:9f:65:c9:88:8d:84:4b:1e:11:8c:73:d8:c5: 85:0d:a0:0d:cf:ff:88:4e:a6:01:d7:f1:44:85:f0: 5b:cd:60:2e:b7:60:d8:a1:02:4d:68:c8:6b:f3:34: 54:96:30:3b:af:66:dc:fb:38:7d:21:f8:fd:97:78: ac:09:2e:af:6e:e4:bf:e9:34:1f:89:33:a3:71:fa: f1:98:31:13:64:bf:01:49:7d:4d:e7:31:28:a1:77: 4f:5e:b1:8a:12:46:23:54:1f:1b:94:9e:4e:8d:64: d5:ba:02:20:fc:5a:f8:28:92:29:81:c1:1c:9b:71: ff:45:94:64:a3:cb:bd:31:52:43:43:be:7e:e7:18: 79:5b:3e:3e:a8:72:c6:d1:fd:9c:6e:0a:4f:37:63: b5:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:32:EC:96:5C:E3:9E:F3:03:7B:D4:62:F4:66:D5:F9:CD:57:AD:DB X509v3 Authority Key Identifier: keyid:31:0E:2E:9F:B7:06:68:C7:96:AD:CE:87:7B:21:E0:9A:8A:1A:D0:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQ4un7cGaMeWrc6HeyHgmooa0Ck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/d9d82d-1ca4-4824-a92c-ca55efc7752d/1/MQ4un7cGaMeWrc6HeyHgmooa0Ck.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/d9d82d-1ca4-4824-a92c-ca55efc7752d/1/MQ4un7cGaMeWrc6HeyHgmooa0Ck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:ea:9e:77:91:d2:bb:62:c7:48:f1:7f:00:ac:17:7f:4a:37: 26:d9:ee:f1:18:53:c7:95:96:1a:f7:ab:71:ab:ef:98:c1:d2: 45:ed:68:98:24:f9:10:b8:b4:f5:0e:ee:9e:8c:bb:b2:7d:85: 65:12:e3:e7:3a:31:ab:21:9c:b6:ff:ea:60:01:2c:df:53:43: 3c:b6:9b:11:f1:50:1d:c3:d5:58:02:c2:da:5b:5c:c1:55:4d: df:ab:51:db:56:b2:98:12:66:22:c9:4a:df:4a:bd:0c:a2:6d: b4:49:cf:a6:fe:da:24:cb:1c:90:37:c9:46:01:de:05:f1:5d: 6c:91:19:ef:4f:29:ff:e2:70:89:ef:59:c2:c1:88:b2:29:3e: ae:27:ae:73:66:5d:2d:ba:ac:53:c2:82:37:cf:c8:6d:3e:fd: 01:3d:a5:62:7c:3f:fb:6a:9e:6a:49:53:9a:fc:12:ec:80:a4: f1:0f:83:74:48:c4:c8:cc:92:46:e2:a7:7e:62:4b:66:f8:0f: 39:28:ca:61:2a:00:ab:99:11:5a:af:88:6a:5a:11:d1:28:5d: c0:af:18:8d:dd:3d:cb:38:48:cd:bd:38:94:b1:0b:16:44:5c: 5d:2c:c2:1f:97:a5:cb:68:60:38:c7:70:6d:50:ad:82:e5:0c: f9:04:6a:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrgKL9r8MoGOZbTKjzbA+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxMGUyZTlmYjcwNjY4Yzc5NmFkY2U4NzdiMjFlMDlhOGEx YWQwMjkwHhcNMjUxMjA2MDgwMTIxWhcNMjUxMjA3MDgwMTIxWjAzMTEwLwYDVQQD Eyg3MjMyZWM5NjVjZTM5ZWYzMDM3YmQ0NjJmNDY2ZDVmOWNkNTdhZGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ514j4dNkEhMuxu1SCF0g8hwJRH Umf4G1BLlRmW4aKQbY6fquL0ZrUYY7pfoITdKLPCW9uttgYgIHjPGm9c5wrHEDU/ Yki4xVAT5I2ZGOstknufedCpAb0pZkEeVaJQt6IW4Fpjuu1p359lyYiNhEseEYxz 2MWFDaANz/+ITqYB1/FEhfBbzWAut2DYoQJNaMhr8zRUljA7r2bc+zh9Ifj9l3is CS6vbuS/6TQfiTOjcfrxmDETZL8BSX1N5zEooXdPXrGKEkYjVB8blJ5OjWTVugIg /Fr4KJIpgcEcm3H/RZRko8u9MVJDQ75+5xh5Wz4+qHLG0f2cbgpPN2O10wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHIy7JZc457zA3vUYvRm1fnNV63bMB8GA1UdIwQY MBaAFDEOLp+3BmjHlq3Oh3sh4JqKGtApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVE0dW43Y0dhTWVXcmM2SGV5SGdtb29hMENrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9kOWQ4MmQtMWNhNC00ODI0LWE5MmMt Y2E1NWVmYzc3NTJkLzEvTVE0dW43Y0dhTWVXcmM2SGV5SGdtb29hMENrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy9kOWQ4MmQtMWNhNC00ODI0LWE5MmMtY2E1NWVmYzc3NTJk LzEvTVE0dW43Y0dhTWVXcmM2SGV5SGdtb29hMENrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATuqed5HS u2LHSPF/AKwXf0o3Jtnu8RhTx5WWGvercavvmMHSRe1omCT5ELi09Q7unoy7sn2F ZRLj5zoxqyGctv/qYAEs31NDPLabEfFQHcPVWALC2ltcwVVN36tR21aymBJmIslK 30q9DKJttEnPpv7aJMsckDfJRgHeBfFdbJEZ708p/+Jwie9ZwsGIsik+rieuc2Zd LbqsU8KCN8/IbT79AT2lYnw/+2qeaklTmvwS7ICk8Q+DdEjEyMySRuKnfmJLZvgP OSjKYSoAq5kRWq+IaloR0ShdwK8Yjd09yzhIzb04lLELFkRcXSzCH5ely2hgOMdw bVCtguUM+QRq6A== -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:36 2025 by rpki-client