This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft File: MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json) Hash identifier: ByIknbfO4LkgZ97DVYmgJocc5dfdSC643Os/FrjAk1s= Subject key identifier: 16:55:0B:08:AA:F7:47:41:8E:D1:D7:BA:DA:60:01:B8:1B:64:9F:57 Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34 Certificate issuer: /CN=30fd95ce80eace734e340ddd723110fa5252fa34 Certificate serial: 019AF3527A4A3DADBE7B9ADBADC46E4A02B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 11:00:59 +0000 Manifest this update: Sat 06 Dec 2025 11:00:59 +0000 Manifest next update: Sun 07 Dec 2025 11:00:59 +0000 Files and hashes: 1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: 4xEEznLH0AMRF+wvo3II2Ux/Oh9kqCcQOgaPBHvnHwI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:7a:4a:3d:ad:be:7b:9a:db:ad:c4:6e:4a:02:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34 Validity Not Before: Dec 6 11:00:59 2025 GMT Not After : Dec 7 11:00:59 2025 GMT Subject: CN=16550b08aaf747418ed1d7bada6001b81b649f57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:f4:ac:62:6b:11:40:04:f2:07:ed:6d:6d:80: 83:e2:28:d9:e2:73:f4:e2:57:28:7c:55:29:4c:3f: 04:e8:a3:ef:e6:79:eb:2c:d9:16:6e:59:68:9a:cf: b9:b3:d4:a5:75:ed:22:0e:c1:a4:08:f5:71:67:f1: 3b:58:0c:fd:dd:0e:29:bf:86:59:28:eb:47:48:3f: b1:18:04:86:a2:67:fd:d8:0d:38:49:d7:d7:30:8b: 2a:6c:df:f3:24:3d:9a:3c:9f:37:b5:23:4c:3c:72: a7:33:ce:7f:d1:b5:65:dc:82:b0:e7:31:35:03:a2: 5c:a2:69:c4:bf:c3:6c:fd:a4:60:c3:ec:ed:ea:84: 82:25:77:67:47:fa:f9:28:db:50:4f:35:7c:7b:d4: 7a:b6:99:17:7e:3f:f1:db:ad:96:0a:e3:4a:47:5c: 07:d3:06:2d:b9:f9:71:a4:2b:66:bc:16:f1:5d:27: 5b:e0:d3:a9:28:69:95:90:99:be:92:05:82:b1:6d: 85:91:e8:fa:11:4f:08:0f:5e:4a:49:35:5d:1c:1d: 37:63:c1:4c:af:c7:d2:8b:d9:05:75:db:19:54:b2: b7:d1:da:10:6b:58:90:5d:d2:23:cd:ab:6f:ed:8c: bb:39:dc:c1:41:62:a7:05:0a:cd:36:9c:45:e7:27: 3a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:55:0B:08:AA:F7:47:41:8E:D1:D7:BA:DA:60:01:B8:1B:64:9F:57 X509v3 Authority Key Identifier: keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:49:3b:89:38:ec:32:da:88:29:c9:c2:a5:06:e6:2a:74:d9: 30:29:0b:f1:3d:73:75:a8:9f:77:ce:78:ad:62:42:3d:22:a2: 3a:12:4e:9f:9f:51:99:b6:0a:0e:be:a5:55:6f:80:7e:64:c3: c2:a8:48:6d:23:12:33:84:3c:ff:37:39:97:23:0b:db:aa:eb: ef:ff:6d:4a:03:46:54:46:c7:5c:42:96:48:59:0e:56:19:ae: b9:98:b9:cc:50:02:4a:11:c9:32:a3:72:f3:8c:ea:b7:e2:2e: 62:b7:ca:39:95:2e:4d:a7:78:d3:83:c3:a9:b6:01:92:2a:c3: 71:c4:c1:5e:dc:f6:ab:1b:59:d7:3d:10:4f:d7:84:c1:b6:20: 76:9f:21:a1:7b:67:39:b6:88:39:82:7a:49:c3:21:45:39:a0: 88:38:f9:69:86:b6:72:30:cf:92:13:58:5f:f0:bf:a9:84:ec: 5e:2e:5e:8e:26:ee:19:32:26:30:75:2f:ea:54:02:0c:73:5a: cf:cd:69:33:24:76:ce:00:4e:93:3a:36:cc:03:66:5b:0b:e7: c7:9b:09:1c:e7:8d:20:12:e2:52:15:c4:44:e7:3c:7c:d8:13: 82:96:7c:fc:88:66:9e:3e:17:54:12:d1:4b:4d:a4:28:29:96: fa:88:ed:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUnpKPa2+e5rbrcRuSgK1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1 MmZhMzQwHhcNMjUxMjA2MTEwMDU5WhcNMjUxMjA3MTEwMDU5WjAzMTEwLwYDVQQD EygxNjU1MGIwOGFhZjc0NzQxOGVkMWQ3YmFkYTYwMDFiODFiNjQ5ZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vSsYmsRQATyB+1tbYCD4ijZ4nP0 4lcofFUpTD8E6KPv5nnrLNkWblloms+5s9Slde0iDsGkCPVxZ/E7WAz93Q4pv4ZZ KOtHSD+xGASGomf92A04SdfXMIsqbN/zJD2aPJ83tSNMPHKnM85/0bVl3IKw5zE1 A6JcomnEv8Ns/aRgw+zt6oSCJXdnR/r5KNtQTzV8e9R6tpkXfj/x262WCuNKR1wH 0wYtuflxpCtmvBbxXSdb4NOpKGmVkJm+kgWCsW2Fkej6EU8ID15KSTVdHB03Y8FM r8fSi9kFddsZVLK30doQa1iQXdIjzatv7Yy7OdzBQWKnBQrNNpxF5yc6WwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBZVCwiq90dBjtHXutpgAbgbZJ9XMB8GA1UdIwQY MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAEk7iTjs MtqIKcnCpQbmKnTZMCkL8T1zdaifd854rWJCPSKiOhJOn59RmbYKDr6lVW+AfmTD wqhIbSMSM4Q8/zc5lyML26rr7/9tSgNGVEbHXEKWSFkOVhmuuZi5zFACShHJMqNy 84zqt+IuYrfKOZUuTad404PDqbYBkirDccTBXtz2qxtZ1z0QT9eEwbYgdp8hoXtn ObaIOYJ6ScMhRTmgiDj5aYa2cjDPkhNYX/C/qYTsXi5ejibuGTImMHUv6lQCDHNa z81pMyR2zgBOkzo2zANmWwvnx5sJHOeNIBLiUhXEROc8fNgTgpZ8/Ihmnj4XVBLR S02kKCmW+ojtEA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:03:17 2025 by rpki-client